Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3yKkq7kzn2XoH4cfxFSZX1vyoBY.cer
File:                     3yKkq7kzn2XoH4cfxFSZX1vyoBY.cer (download)
Hash identifier:          SAoHuMVQ3p6AHkARRQx2eIUQTi28RXZzb5JK5Bdnbts=
Subject key identifier:   DF:22:A4:AB:B9:33:9F:65:E8:1F:87:1F:C4:54:99:5F:5B:F2:A0:16
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0185701E24F1B0106B0232932B3124229C53
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/3yKkq7kzn2XoH4cfxFSZX1vyoBY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: IP: 212.6.63.0/24
    2: IP: 2a11:7a80::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1e:24:f1:b0:10:6b:02:32:93:2b:31:24:22:9c:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 01:35:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=df22a4abb9339f65e81f871fc454995f5bf2a016
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:91:0a:f3:09:da:b4:e0:c6:40:1f:d7:00:a4:
                    40:be:5a:0f:5b:52:8a:97:09:30:08:62:58:6a:c0:
                    8c:57:07:b9:f7:92:1c:04:0d:6a:59:33:77:70:3f:
                    28:9d:e5:20:de:ba:49:f1:a2:ee:9e:15:81:2e:48:
                    74:80:a2:04:73:6c:67:ec:62:c2:29:3e:45:44:20:
                    3c:7f:c9:d4:00:8d:24:fc:96:6e:08:8e:ab:21:6d:
                    d4:b2:cd:f2:ee:f5:52:bd:1f:b3:2d:8d:e0:e9:e5:
                    07:06:c0:46:89:80:1e:df:66:d7:c8:8b:bb:76:0f:
                    05:66:8b:fe:f2:5d:90:be:93:ea:46:3f:1f:ae:c9:
                    a4:33:e3:07:cb:bb:fe:13:1d:ee:d9:75:ea:65:0c:
                    2c:50:c8:41:8d:21:69:ab:36:ad:ef:5b:ab:07:60:
                    8e:59:94:61:8a:30:4d:c9:d0:7a:70:86:e2:74:63:
                    cf:f1:13:7c:01:bd:5a:05:06:75:96:a1:5b:f6:22:
                    78:64:bb:c3:d5:5f:f6:c2:ae:00:2a:3b:b0:ee:dc:
                    51:65:a6:ae:1f:8e:9f:ac:f0:97:8f:41:47:21:eb:
                    40:db:f7:c7:fc:77:02:7c:9a:6f:23:24:c8:aa:04:
                    23:15:2e:f2:95:35:38:ef:91:81:b6:ec:74:d8:a3:
                    e4:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DF:22:A4:AB:B9:33:9F:65:E8:1F:87:1F:C4:54:99:5F:5B:F2:A0:16
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3363c0-63cc-4588-a03b-fdd081e779de/1/3yKkq7kzn2XoH4cfxFSZX1vyoBY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.6.63.0/24
                IPv6:
                  2a11:7a80::/29

    Signature Algorithm: sha256WithRSAEncryption
         61:03:8f:df:f2:f2:8e:12:52:48:6b:ba:f8:7c:fb:30:33:68:
         b9:54:17:bb:53:67:6e:7e:67:bb:d5:27:93:fe:03:9a:77:c8:
         32:e6:fd:d1:0a:7d:09:11:77:2f:3e:f8:99:ad:9e:f8:85:58:
         db:a1:21:53:aa:4e:de:28:53:02:5a:c7:37:ba:6b:08:62:9e:
         12:eb:a0:c4:0e:d4:d9:2f:7c:7a:8c:1e:1e:69:b0:83:48:c4:
         d9:c5:41:ae:e1:80:6c:c3:06:35:5e:0a:33:97:a7:46:9a:2b:
         1b:f8:97:f3:e6:05:11:a3:05:00:24:a4:47:f2:41:73:29:41:
         5e:1c:3f:cd:40:c0:c9:31:45:6c:67:cb:19:63:af:40:e0:e2:
         88:2b:b2:54:08:b6:75:01:ab:17:79:c2:37:43:bd:e8:a3:1f:
         cc:60:ab:25:96:6b:9c:3f:f5:8b:45:57:e1:74:ea:48:a9:48:
         45:a5:c6:49:4b:12:41:ed:7d:48:d5:50:b4:10:33:d0:4b:38:
         3f:f1:94:d5:a3:4a:0e:e8:5f:2e:66:b6:97:dd:64:55:e8:6f:
         55:ec:f5:5e:3a:90:03:29:39:03:16:cc:93:7b:42:af:64:ea:
         dc:08:da:4b:13:ef:04:c1:2e:d6:cb:2e:3e:4e:56:a8:c7:af:
         f6:e7:5f:21
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVwHiTxsBBrAjKTKzEkIpxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDEzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjIyYTRhYmI5MzM5ZjY1ZTgxZjg3MWZjNDU0OTk1ZjViZjJhMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZEK8wnatODGQB/XAKRAvloPW1KK
lwkwCGJYasCMVwe595IcBA1qWTN3cD8oneUg3rpJ8aLunhWBLkh0gKIEc2xn7GLC
KT5FRCA8f8nUAI0k/JZuCI6rIW3Uss3y7vVSvR+zLY3g6eUHBsBGiYAe32bXyIu7
dg8FZov+8l2QvpPqRj8frsmkM+MHy7v+Ex3u2XXqZQwsUMhBjSFpqzat71urB2CO
WZRhijBNydB6cIbidGPP8RN8Ab1aBQZ1lqFb9iJ4ZLvD1V/2wq4AKjuw7txRZaau
H46frPCXj0FHIetA2/fH/HcCfJpvIyTIqgQjFS7ylTU475GBtux02KPkDwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFN8ipKu5M59l6B+HH8RUmV9b8qAWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzczLzMzNjNj
MC02M2NjLTQ1ODgtYTAzYi1mZGQwODFlNzc5ZGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMvMzM2M2Mw
LTYzY2MtNDU4OC1hMDNiLWZkZDA4MWU3NzlkZS8xLzN5S2txN2t6bjJYb0g0Y2Z4
RlNaWDF2eW9CWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQA1AY/MA0EAgACMAcDBQMqEXqAMA0GCSqGSIb3
DQEBCwUAA4IBAQBhA4/f8vKOElJIa7r4fPswM2i5VBe7U2dufme71SeT/gOad8gy
5v3RCn0JEXcvPviZrZ74hVjboSFTqk7eKFMCWsc3umsIYp4S66DEDtTZL3x6jB4e
abCDSMTZxUGu4YBswwY1Xgozl6dGmisb+Jfz5gURowUAJKRH8kFzKUFeHD/NQMDJ
MUVsZ8sZY69A4OKIK7JUCLZ1AasXecI3Q73oox/MYKsllmucP/WLRVfhdOpIqUhF
pcZJSxJB7X1I1VC0EDPQSzg/8ZTVo0oO6F8uZraX3WRV6G9V7PVeOpADKTkDFsyT
e0KvZOrcCNpLE+8EwS7Wyy4+Tlaox6/2518h
-----END CERTIFICATE-----
Generated at Sun Jan 29 19:05:51 2023 by rpki-client.