RPKI Certificate
Location:                 rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer (download)

Subject key identifier:   2A:7D:D1:D7:87:D7:93:E4:C8:AF:56:E1:97:D4:EE:D9:2A:F6:BA:13
Authority key identifier: E8:55:2B:1F:D6:D1:A4:F7:E4:04:C6:D8:E5:68:0D:1E:BC:16:3F:C3
Manifest:                 rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
CA Repository:            rpki.ripe.net/repository/aca/
Notification URL:         https://rrdp.ripe.net/notification.xml
Subject Public Key Info:  
Subordinate resources:
    until: 2023-07-01T00:00:00Z
    Resources:
    1: AS: 0 -- 4294967295
    1: IP: 0.0.0.0/0
    2: IP: ::/0

--
$ openssl x509 -text -inform DER -in rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 246 (0xf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ripe-ncc-ta
        Validity
            Not Before: Jun 27 12:22:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2a7dd1d787d793e4c8af56e197d4eed92af6ba13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:da:42:1b:5a:48:a6:32:79:78:99:e5:ee:bf:
                    c7:bb:a4:ec:e2:9a:eb:ac:5e:10:a8:7d:b1:dc:fd:
                    22:b4:cf:e3:e6:27:60:a6:f9:22:f4:05:24:fa:a6:
                    54:8a:01:43:c3:ae:09:03:43:9f:e1:d2:26:c9:6d:
                    14:28:53:f8:e2:be:22:03:e5:bb:23:08:e9:0e:39:
                    79:5a:aa:fc:b6:24:e9:e1:98:ad:1d:1d:f5:42:d1:
                    70:dc:d1:c8:4d:fe:84:62:69:c4:db:fb:63:dd:b5:
                    90:4e:4f:74:a0:7e:03:76:a1:0b:0d:fb:a3:6e:59:
                    57:2e:7f:1f:5e:87:da:91:85:62:38:08:9d:3d:70:
                    f1:e2:4f:3a:64:be:2d:39:55:35:70:35:36:77:f0:
                    08:5d:05:cb:db:08:8c:2e:55:82:b3:f5:a4:f0:ed:
                    1e:61:37:61:4f:ec:3a:ae:f6:60:1a:c9:9f:97:27:
                    25:74:52:32:cd:21:6d:d2:20:80:79:f8:12:80:07:
                    98:db:8c:9c:3f:2f:a0:6b:0b:28:50:c6:a6:b4:2b:
                    b1:57:f5:5f:d0:3f:7f:e3:76:1f:c4:ed:4d:42:87:
                    50:75:0b:45:88:20:8c:27:c6:f4:22:03:04:b3:d1:
                    f9:a5:fa:6a:2c:4b:25:e5:37:eb:b9:43:69:02:a1:
                    ca:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2A:7D:D1:D7:87:D7:93:E4:C8:AF:56:E1:97:D4:EE:D9:2A:F6:BA:13
            X509v3 Authority Key Identifier: 
                keyid:E8:55:2B:1F:D6:D1:A4:F7:E4:04:C6:D8:E5:68:0D:1E:BC:16:3F:C3

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/aca/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  0.0.0.0/0
                IPv6:
                  ::/0

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  0-4294967295

    Signature Algorithm: sha256WithRSAEncryption
         81:4b:3e:3f:a2:c1:6e:a7:ba:87:a3:aa:c2:7f:6f:8e:90:ee:
         d7:9f:c2:1c:08:22:c9:ea:c9:57:82:6c:5c:fd:1d:79:3f:42:
         23:22:32:f0:7d:6e:75:9e:28:e6:35:20:5d:99:a1:5f:b5:8c:
         9a:e5:86:30:be:90:d4:28:90:74:7e:52:6c:54:e2:45:ec:01:
         64:1d:c1:2a:b6:23:6b:cd:ca:78:6d:b6:91:64:3d:50:59:ef:
         6b:7c:a7:01:84:92:7e:84:8c:2e:cf:7c:8a:74:b9:72:e9:da:
         e0:c3:9a:6f:84:ea:b5:c7:23:bf:78:6e:cd:c1:fc:d4:55:3f:
         c2:f3:e1:7f:ef:78:97:40:35:3f:57:79:55:91:bd:e8:a8:6e:
         fb:c6:24:0d:f5:38:52:97:6f:33:ef:3c:6a:53:7c:49:f9:8d:
         d1:1d:78:25:a0:ee:77:ef:be:d3:c2:cb:fa:1e:be:23:c0:3f:
         7b:e2:35:96:b7:b2:65:de:86:bc:b3:97:ac:1a:c8:08:66:67:
         98:80:65:f0:9d:d8:64:e0:90:53:a8:01:42:87:17:24:92:24:
         d9:8e:d5:a2:41:1e:95:1a:77:26:7d:06:78:58:0b:ae:3a:bc:
         07:7f:53:a4:5a:b3:32:01:83:a5:16:17:9e:a5:0e:76:82:28:
         1a:53:37:35
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgICAPYwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAxMLcmlw
ZS1uY2MtdGEwHhcNMjIwNjI3MTIyMjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYD
VQQDEygyYTdkZDFkNzg3ZDc5M2U0YzhhZjU2ZTE5N2Q0ZWVkOTJhZjZiYTEzMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tpCG1pIpjJ5eJnl7r/Hu6Ts
4prrrF4QqH2x3P0itM/j5idgpvki9AUk+qZUigFDw64JA0Of4dImyW0UKFP44r4i
A+W7IwjpDjl5Wqr8tiTp4ZitHR31QtFw3NHITf6EYmnE2/tj3bWQTk90oH4DdqEL
DfujbllXLn8fXofakYViOAidPXDx4k86ZL4tOVU1cDU2d/AIXQXL2wiMLlWCs/Wk
8O0eYTdhT+w6rvZgGsmflycldFIyzSFt0iCAefgSgAeY24ycPy+gawsoUMamtCux
V/Vf0D9/43YfxO1NQodQdQtFiCCMJ8b0IgMEs9H5pfpqLEsl5TfruUNpAqHKRwID
AQABo4ICIDCCAhwwHQYDVR0OBBYEFCp90deH15PkyK9W4ZfU7tkq9roTMB8GA1Ud
IwQYMBaAFOhVKx/W0aT35ATG2OVoDR68Fj/DMA8GA1UdEwEB/wQFMAMBAf8wDgYD
VR0PAQH/BAQDAgEGMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAoYocnN5bmM6
Ly9ycGtpLnJpcGUubmV0L3RhL3JpcGUtbmNjLXRhLmNlcjCByQYIKwYBBQUHAQsE
gbwwgbkwMQYIKwYBBQUHMAWGJXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L2FjYS8wUAYIKwYBBQUHMAqGRHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L2FjYS9LbjNSMTRmWGstVElyMWJobDlUdTJTcjJ1aE0ubWZ0MDIGCCsG
AQUFBzANhiZodHRwczovL3JyZHAucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBB
BgNVHR8EOjA4MDagNKAyhjByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9yaXBlLW5jYy10YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggr
BgEFBQcBBwEB/wQYMBYwCQQCAAEwAwMBADAJBAIAAjADAwEAMCEGCCsGAQUFBwEI
AQH/BBIwEKAOMAwwCgIBAAIFAP////8wDQYJKoZIhvcNAQELBQADggEBAIFLPj+i
wW6nuoejqsJ/b46Q7tefwhwIIsnqyVeCbFz9HXk/QiMiMvB9bnWeKOY1IF2ZoV+1
jJrlhjC+kNQokHR+UmxU4kXsAWQdwSq2I2vNynhttpFkPVBZ72t8pwGEkn6EjC7P
fIp0uXLp2uDDmm+E6rXHI794bs3B/NRVP8Lz4X/veJdANT9XeVWRveiobvvGJA31
OFKXbzPvPGpTfEn5jdEdeCWg7nfvvtPCy/oeviPAP3viNZa3smXehryzl6wayAhm
Z5iAZfCd2GTgkFOoAUKHFySSJNmO1aJBHpUadyZ9BnhYC646vAd/U6RaszIBg6UW
F56lDnaCKBpTNzU=
-----END CERTIFICATE-----

Generated at Mon Jun 27 16:07:08 2022 by LibreSSL & rpki-client.