Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Dc7w4fpKAIj_jXuRuKhk7tnsYdw.cer
File:                     Dc7w4fpKAIj_jXuRuKhk7tnsYdw.cer (download)
Hash identifier:          3AHhy4KPltK0ZA9ZruMNf+KU2ewI9hpI4jlPRCx5OBk=
Subject key identifier:   0D:CE:F0:E1:FA:4A:00:88:FF:8D:7B:91:B8:A8:64:EE:D9:EC:61:DC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0185701D53C94AF199D3F857C9971AC901FA
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/Dc7w4fpKAIj_jXuRuKhk7tnsYdw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: IP: 194.126.176.0/24
    2: IP: 2a11:c480::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1d:53:c9:4a:f1:99:d3:f8:57:c9:97:1a:c9:01:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 01:34:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0dcef0e1fa4a0088ff8d7b91b8a864eed9ec61dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:40:d2:dc:e5:3d:00:73:16:cd:b4:63:b9:0b:
                    7f:24:f8:55:05:9e:c6:07:7d:4b:18:5d:d0:20:d3:
                    d8:72:f2:95:1e:e5:0c:db:c9:99:04:41:50:61:36:
                    d2:50:ad:d9:f2:47:49:87:d7:a8:5b:92:87:8c:3e:
                    ac:c0:90:02:6a:aa:dd:a2:61:03:7a:43:27:79:e4:
                    db:d6:85:c9:53:51:f6:dd:32:22:45:1b:25:bd:96:
                    6b:49:e2:6e:cd:a6:e6:89:e7:8e:67:7c:6a:dd:1e:
                    52:88:30:75:45:ec:61:c1:fb:6c:a3:6b:95:3a:78:
                    ce:8b:99:67:7b:01:61:87:e3:57:66:f3:2a:2e:c1:
                    27:5c:e0:6b:ee:cd:dd:52:de:ef:64:08:92:eb:43:
                    ab:7e:11:12:19:38:07:94:4c:4d:8b:95:ac:21:f1:
                    6c:c4:01:a3:7f:0b:91:05:7c:f1:3b:dc:25:99:fe:
                    da:fd:5e:8e:41:9c:74:9f:d3:3c:35:d9:31:44:63:
                    f8:3b:e3:84:24:ff:41:ca:7e:e7:ce:a3:bf:68:89:
                    a8:60:11:6a:2a:3c:ee:6e:22:2d:11:a5:9b:ac:96:
                    de:35:6c:91:cd:e8:b3:20:24:50:30:07:38:a6:5e:
                    93:50:94:08:ca:5f:98:c1:a3:83:c9:2b:dd:f5:7a:
                    cb:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                0D:CE:F0:E1:FA:4A:00:88:FF:8D:7B:91:B8:A8:64:EE:D9:EC:61:DC
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/f9c0f8-bb07-4234-ab06-2b1aaae880ea/1/Dc7w4fpKAIj_jXuRuKhk7tnsYdw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.126.176.0/24
                IPv6:
                  2a11:c480::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:74:0a:6f:12:12:a4:eb:7e:36:97:53:db:8e:3b:cf:73:6e:
         9b:70:8f:d0:f1:d0:87:f6:f4:b6:e9:88:27:60:7a:18:99:fe:
         6f:19:ea:85:8e:a2:b2:f2:8f:10:b3:53:44:1b:ee:ed:48:a9:
         71:69:e0:aa:3d:5e:ca:a0:da:aa:86:7b:7c:98:d2:b5:8c:87:
         d6:83:fb:5e:33:89:62:ae:ec:ae:78:5b:eb:f1:25:57:2f:00:
         ff:57:1d:ec:3b:f9:6a:4e:94:5b:32:e4:e1:99:70:99:14:ec:
         4d:1e:2d:23:78:a9:c4:b3:40:c3:14:fd:d1:4b:c7:28:1d:99:
         a9:95:70:2d:57:0e:15:aa:67:e3:ff:41:bb:67:c3:40:c4:fd:
         3b:f7:84:d0:4d:fc:0c:7e:db:23:cc:ce:de:b9:41:13:b1:c8:
         28:11:1c:f9:3a:9d:69:75:8b:2a:10:fa:9f:92:ca:5b:2d:69:
         4e:15:e9:15:f2:96:a4:86:4b:11:63:0c:2d:78:f8:95:65:7d:
         e9:a2:3f:31:6b:e9:0c:ce:75:e6:0b:28:3a:9a:ea:80:4a:3f:
         55:e9:ae:09:de:53:15:a9:3a:a7:99:85:9d:16:47:1c:12:9a:
         9d:df:84:3d:3c:38:9b:99:f8:a4:3f:86:c3:c1:95:51:94:88:
         3b:ab:ef:4d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVwHVPJSvGZ0/hXyZcayQH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDEzNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNlZjBlMWZhNGEwMDg4ZmY4ZDdiOTFiOGE4NjRlZWQ5ZWM2MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0DS3OU9AHMWzbRjuQt/JPhVBZ7G
B31LGF3QINPYcvKVHuUM28mZBEFQYTbSUK3Z8kdJh9eoW5KHjD6swJACaqrdomED
ekMneeTb1oXJU1H23TIiRRslvZZrSeJuzabmieeOZ3xq3R5SiDB1Rexhwftso2uV
OnjOi5lnewFhh+NXZvMqLsEnXOBr7s3dUt7vZAiS60OrfhESGTgHlExNi5WsIfFs
xAGjfwuRBXzxO9wlmf7a/V6OQZx0n9M8NdkxRGP4O+OEJP9Byn7nzqO/aImoYBFq
KjzubiItEaWbrJbeNWyRzeizICRQMAc4pl6TUJQIyl+YwaODySvd9XrLUQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFA3O8OH6SgCI/417kbioZO7Z7GHcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFkL2Y5YzBm
OC1iYjA3LTQyMzQtYWIwNi0yYjFhYWFlODgwZWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvZjljMGY4
LWJiMDctNDIzNC1hYjA2LTJiMWFhYWU4ODBlYS8xL0RjN3c0ZnBLQUlqX2pYdVJ1
S2hrN3Ruc1lkdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwn6wMA0EAgACMAcDBQMqEcSAMA0GCSqGSIb3
DQEBCwUAA4IBAQApdApvEhKk6342l1PbjjvPc26bcI/Q8dCH9vS26YgnYHoYmf5v
GeqFjqKy8o8Qs1NEG+7tSKlxaeCqPV7KoNqqhnt8mNK1jIfWg/teM4liruyueFvr
8SVXLwD/Vx3sO/lqTpRbMuThmXCZFOxNHi0jeKnEs0DDFP3RS8coHZmplXAtVw4V
qmfj/0G7Z8NAxP0794TQTfwMftsjzM7euUETscgoERz5Op1pdYsqEPqfkspbLWlO
FekV8pakhksRYwwtePiVZX3poj8xa+kMznXmCyg6muqASj9V6a4J3lMVqTqnmYWd
FkccEpqd34Q9PDibmfikP4bDwZVRlIg7q+9N
-----END CERTIFICATE-----
Generated at Wed Feb 8 06:44:23 2023 by rpki-client.