Certificate

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer
File:                     dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer (raw, json)
Hash identifier:          fpAjZ4wUHRewUTYQ9v1W6ZxK+VcESimvLZPPctANKbs=
Subject key identifier:   D4:7C:4D:55:EF:31:B5:B6:73:BE:CF:CE:F3:1F:AF:BE:A3:18:37:F0
Authority key identifier: 14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07
Certificate issuer:       /CN=production O=lacnic
Certificate serial:       EA4DD9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
Manifest:                 rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.mft
caRepository:             rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/
Notify URL:               https://rrdp.lacnic.net/rrdp/notification.xml
Certificate not before:   Tue 01 Sep 2020 17:39:03 +0000
Certificate not after:    Tue 18 Jun 2024 09:41:46 +0000
Subordinate resources:    IP: 170.78.208.0/22
                          IP: 2806:3c7::/32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15355353 (0xea4dd9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=production O=lacnic
        Validity
            Not Before: Sep  1 17:39:03 2020 GMT
            Not After : Jun 18 09:41:46 2024 GMT
        Subject: CN=dffb95a77b596556dc922d7d59d7e123c2fec9b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:d9:75:7f:51:28:81:09:ba:4e:93:48:c8:86:
                    7a:74:58:71:99:9b:4d:59:27:ae:26:13:e8:89:88:
                    b8:d3:b0:42:1b:57:f8:bb:e3:13:4e:b5:2a:0d:8f:
                    a6:ad:6c:1c:83:90:36:87:d6:0b:26:4d:6b:ad:b2:
                    79:44:14:36:73:6f:90:fe:8f:8c:9f:ec:74:81:33:
                    d9:2d:39:88:43:62:33:c0:2f:93:31:1c:54:7b:43:
                    90:b3:65:dd:12:14:9d:4a:db:90:c4:32:80:fb:d3:
                    8b:81:67:2e:c6:5e:3b:d9:ab:89:17:09:5f:5b:24:
                    3c:9d:b0:7e:67:ac:aa:3e:4e:3a:39:cc:dd:82:d9:
                    f9:78:5c:a8:8b:99:5f:c2:65:48:1c:c3:6f:5b:3c:
                    ff:38:46:47:29:95:c0:cc:e8:f5:a1:b6:89:b0:69:
                    a9:8e:46:61:e6:d4:5f:d5:fc:bb:59:e2:8c:65:2a:
                    90:42:25:5f:62:06:8d:1e:fe:29:45:bf:f9:4f:89:
                    d0:ac:a3:5e:b0:09:be:d0:5a:87:ab:1d:c5:79:f2:
                    2d:2b:70:4d:bf:29:aa:de:7c:3f:0b:38:4b:75:d5:
                    7a:23:81:f4:fb:1e:4c:e4:eb:a8:df:6f:6b:e4:e7:
                    60:ec:62:86:ef:81:8f:7d:8d:38:ec:7c:d6:8f:ca:
                    b7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:7C:4D:55:EF:31:B5:B6:73:BE:CF:CE:F3:1F:AF:BE:A3:18:37:F0
            X509v3 Authority Key Identifier:
                keyid:14:70:94:B4:E4:47:E3:EE:2D:CC:3F:D5:27:3D:46:EB:9D:C4:78:07

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer

            Subject Information Access:
                RPKI Notify - URI:https://rrdp.lacnic.net/rrdp/notification.xml
                CA Repository - URI:rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/
                RPKI Manifest - URI:rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.78.208.0/22
                IPv6:
                  2806:3c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         91:f9:d9:6d:b4:06:de:e6:04:e7:88:f6:43:46:5c:e4:28:fb:
         6d:b7:f5:ee:8d:d7:81:9b:d0:5f:7b:49:f2:42:8a:c5:d0:64:
         c6:39:0c:7b:93:10:5f:bf:dd:6d:24:6a:cb:94:4a:be:bb:7e:
         43:4a:3d:1f:45:21:0b:12:54:29:cc:82:fc:e6:21:6b:13:3d:
         d1:e7:b1:ab:cf:7e:f7:1d:dd:88:a0:b0:ed:c9:25:8e:81:c3:
         71:98:48:0e:6e:2f:9f:6b:4a:ab:82:15:f9:90:74:bf:c7:28:
         57:3e:a1:65:73:b0:bc:99:b0:3a:03:31:49:d6:0e:64:41:41:
         d9:89:bb:41:7b:6d:c1:a0:49:e0:32:8c:e8:e9:38:59:5a:67:
         c9:3e:3e:c1:01:7d:6e:8c:cf:c5:3c:37:d1:b6:31:6b:8e:a5:
         82:b9:83:94:e7:21:28:6d:5c:c8:1c:ab:af:17:b5:4d:8a:32:
         26:d9:16:c5:7b:d5:05:58:d8:51:03:4d:e5:43:4a:b8:18:ba:
         0d:64:e0:4c:e1:96:bc:a0:76:3a:47:3d:0d:4a:07:7d:35:c1:
         3a:76:18:45:e4:b5:ae:76:eb:2c:56:2f:2a:f9:64:05:2b:f7:
         b4:5d:ca:3f:0d:10:08:c2:53:74:a8:bb:51:78:b7:46:02:eb:
         7e:8d:af:80
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIEAOpN2TANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNw
cm9kdWN0aW9uIE89bGFjbmljMB4XDTIwMDkwMTE3MzkwM1oXDTI0MDYxODA5NDE0
NlowMzExMC8GA1UEAxMoZGZmYjk1YTc3YjU5NjU1NmRjOTIyZDdkNTlkN2UxMjNj
MmZlYzliNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI3ZdX9RKIEJ
uk6TSMiGenRYcZmbTVknriYT6ImIuNOwQhtX+LvjE061Kg2Ppq1sHIOQNofWCyZN
a62yeUQUNnNvkP6PjJ/sdIEz2S05iENiM8AvkzEcVHtDkLNl3RIUnUrbkMQygPvT
i4FnLsZeO9mriRcJX1skPJ2wfmesqj5OOjnM3YLZ+XhcqIuZX8JlSBzDb1s8/zhG
RymVwMzo9aG2ibBpqY5GYebUX9X8u1nijGUqkEIlX2IGjR7+KUW/+U+J0KyjXrAJ
vtBah6sdxXnyLStwTb8pqt58Pws4S3XVeiOB9PseTOTrqN9va+TnYOxihu+Bj32N
OOx81o/Kt8ECAwEAAaOCAu0wggLpMB0GA1UdDgQWBBTUfE1V7zG1tnO+z87zH6++
oxg38DAfBgNVHSMEGDAWgBQUcJS05Efj7i3MP9UnPUbrncR4BzAPBgNVHRMBAf8E
BTADAQH/MA4GA1UdDwEB/wQEAwIBBjByBggrBgEFBQcBAQRmMGQwYgYIKwYBBQUH
MAKGVnJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFjbmljL2Zm
MTRlOTA1NWQ1YWZhYTM3ZmJlMjBmNGEyNmJkMTNjOGYxOGQ3OWEuY2VyMIIBNAYI
KwYBBQUHAQsEggEmMIIBIjA5BggrBgEFBQcwDYYtaHR0cHM6Ly9ycmRwLmxhY25p
Yy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBzAFhk9yc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OWMxOGQ4Mi05YTYy
LTQ2YTYtODQ3MC1iZTkwOWNhYzQzMDQvMIGHBggrBgEFBQcwCoZ7cnN5bmM6Ly9y
ZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9sYWNuaWMvNDljMThkODItOWE2Mi00
NmE2LTg0NzAtYmU5MDljYWM0MzA0L2RmZmI5NWE3N2I1OTY1NTZkYzkyMmQ3ZDU5
ZDdlMTIzYzJmZWM5YjcubWZ0MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzov
L3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xhY25pYy80OGYwODNiYi1mNjAz
LTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmYxNGU5MDU1ZDVhZmFhMzdmYmUyMGY0
YTI2YmQxM2M4ZjE4ZDc5YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAqpO0DANBAIAAjAHAwUAKAYDxzAN
BgkqhkiG9w0BAQsFAAOCAQEAkfnZbbQG3uYE54j2Q0Zc5Cj7bbf17o3XgZvQX3tJ
8kKKxdBkxjkMe5MQX7/dbSRqy5RKvrt+Q0o9H0UhCxJUKcyC/OYhaxM90eexq89+
9x3diKCw7ckljoHDcZhIDm4vn2tKq4IV+ZB0v8coVz6hZXOwvJmwOgMxSdYOZEFB
2Ym7QXttwaBJ4DKM6Ok4WVpnyT4+wQF9bozPxTw30bYxa46lgrmDlOchKG1cyByr
rxe1TYoyJtkWxXvVBVjYUQNN5UNKuBi6DWTgTOGWvKB2Okc9DUoHfTXBOnYYReS1
rnbrLFYvKvlkBSv3tF3KPw0QCMJTdKi7UXi3RgLrfo2vgA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:35:43 2024 by rpki-client on console-fra.rpki-client.org