Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FGTDVzC2XG8eQg5ZqWJ5gLU7waU.cer
File:                     FGTDVzC2XG8eQg5ZqWJ5gLU7waU.cer (download)
Hash identifier:          3IBkIVGZmtq9S/VHvm+ra0kuEg8Og0yTKfOAkWwnaT8=
Subject key identifier:   14:64:C3:57:30:B6:5C:6F:1E:42:0E:59:A9:62:79:80:B5:3B:C1:A5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018571D65D6C51BCE73E5B1B86320E9ADB96
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/32/154f81-ea44-4e76-845e-b0718f437d7c/1/FGTDVzC2XG8eQg5ZqWJ5gLU7waU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/32/154f81-ea44-4e76-845e-b0718f437d7c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: IP: 185.149.148.0/24
    2: IP: 2a04:ca80::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:d6:5d:6c:51:bc:e7:3e:5b:1b:86:32:0e:9a:db:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 09:35:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1464c35730b65c6f1e420e59a9627980b53bc1a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f9:37:fa:5e:22:35:71:ad:2a:47:c1:ac:81:
                    27:e4:55:1a:67:a4:f9:7e:b8:f9:96:a1:31:01:28:
                    a9:00:7d:09:bf:35:6f:ad:c5:c4:6a:3c:f3:3f:ed:
                    66:9c:8a:24:5c:4d:68:84:70:60:09:59:19:30:1d:
                    31:17:ce:72:9a:f0:86:10:a4:5d:59:1f:13:ed:64:
                    c9:65:0b:77:25:8c:b3:d9:50:7a:34:52:29:e8:85:
                    21:32:f1:8f:0c:7c:c4:a2:b7:f9:a8:74:70:18:66:
                    92:a7:71:24:55:43:d2:1d:d8:40:7f:77:92:46:c7:
                    e3:20:bb:87:3b:3c:c5:1a:1c:1d:27:b9:02:34:c9:
                    1b:50:54:cb:83:88:a4:d4:ef:10:0a:b2:18:ae:86:
                    b7:89:da:60:3d:f4:ab:5f:28:7d:b3:12:10:d3:8b:
                    80:64:24:c9:b8:de:ec:63:a8:ff:67:07:b7:9d:2b:
                    c1:95:34:4c:b9:06:73:51:4f:13:3b:a1:74:4c:ff:
                    80:c1:4b:8c:40:b4:22:cb:88:33:cf:1f:c3:73:72:
                    25:f8:d2:47:16:69:e4:e7:ab:11:b6:4c:e5:04:66:
                    fd:0f:3f:75:16:a4:55:dd:51:ec:ec:56:b1:55:f9:
                    72:d9:22:e8:70:24:b5:72:73:1b:9a:90:8c:89:35:
                    97:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                14:64:C3:57:30:B6:5C:6F:1E:42:0E:59:A9:62:79:80:B5:3B:C1:A5
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/154f81-ea44-4e76-845e-b0718f437d7c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/154f81-ea44-4e76-845e-b0718f437d7c/1/FGTDVzC2XG8eQg5ZqWJ5gLU7waU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.149.148.0/24
                IPv6:
                  2a04:ca80::/29

    Signature Algorithm: sha256WithRSAEncryption
         74:c1:9a:59:33:81:e3:c6:a4:4f:a1:7e:28:5f:e1:27:02:5b:
         9d:39:5b:5c:91:e7:b8:c2:7e:46:8d:f2:c4:4e:49:b1:a7:89:
         cf:34:7d:5f:00:c4:89:eb:be:f7:d9:db:1a:82:32:f4:70:c9:
         f4:ce:4c:b0:3b:d0:7b:68:5d:12:4d:4f:fe:dc:03:b6:cd:9d:
         c5:54:53:40:14:72:39:76:8f:13:a9:cf:73:0f:43:a4:0c:60:
         4f:28:a1:ff:88:99:01:5f:3e:95:8d:80:e6:22:44:ba:47:ba:
         cf:ea:25:f7:f7:3b:53:c4:2f:be:0a:e0:01:55:db:2b:91:6d:
         ed:7b:5f:c3:45:df:4d:52:3b:f2:9f:f5:41:fc:84:ba:89:65:
         2c:aa:57:16:97:91:73:5c:3d:84:5f:ab:dc:1c:ef:61:6c:53:
         ca:50:4c:33:52:dd:53:2d:43:d8:5f:42:4c:69:ac:3e:cf:cb:
         87:7b:e5:c5:f2:88:a7:92:55:79:66:df:dd:1a:e5:9b:58:a8:
         24:9d:a0:22:8b:72:42:39:b3:53:1c:ba:b0:70:2c:cf:2f:1f:
         87:5f:22:5a:15:1f:df:59:97:1e:a1:54:4e:6f:8b:8f:4e:2d:
         1e:5c:5a:bf:80:b9:c7:4f:67:59:31:51:1c:36:12:62:dd:4c:
         20:76:66:fe
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVx1l1sUbznPlsbhjIOmtuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDkzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY0YzM1NzMwYjY1YzZmMWU0MjBlNTlhOTYyNzk4MGI1M2JjMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfk3+l4iNXGtKkfBrIEn5FUaZ6T5
frj5lqExASipAH0JvzVvrcXEajzzP+1mnIokXE1ohHBgCVkZMB0xF85ymvCGEKRd
WR8T7WTJZQt3JYyz2VB6NFIp6IUhMvGPDHzEorf5qHRwGGaSp3EkVUPSHdhAf3eS
RsfjILuHOzzFGhwdJ7kCNMkbUFTLg4ik1O8QCrIYroa3idpgPfSrXyh9sxIQ04uA
ZCTJuN7sY6j/Zwe3nSvBlTRMuQZzUU8TO6F0TP+AwUuMQLQiy4gzzx/Dc3Il+NJH
Fmnk56sRtkzlBGb9Dz91FqRV3VHs7FaxVfly2SLocCS1cnMbmpCMiTWX9wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFBRkw1cwtlxvHkIOWalieYC1O8GlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMyLzE1NGY4
MS1lYTQ0LTRlNzYtODQ1ZS1iMDcxOGY0MzdkN2MvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIvMTU0Zjgx
LWVhNDQtNGU3Ni04NDVlLWIwNzE4ZjQzN2Q3Yy8xL0ZHVERWekMyWEc4ZVFnNVpx
V0o1Z0xVN3dhVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuZWUMA0EAgACMAcDBQMqBMqAMA0GCSqGSIb3
DQEBCwUAA4IBAQB0wZpZM4HjxqRPoX4oX+EnAludOVtckee4wn5GjfLETkmxp4nP
NH1fAMSJ67732dsagjL0cMn0zkywO9B7aF0STU/+3AO2zZ3FVFNAFHI5do8Tqc9z
D0OkDGBPKKH/iJkBXz6VjYDmIkS6R7rP6iX39ztTxC++CuABVdsrkW3te1/DRd9N
Ujvyn/VB/IS6iWUsqlcWl5FzXD2EX6vcHO9hbFPKUEwzUt1TLUPYX0JMaaw+z8uH
e+XF8oinklV5Zt/dGuWbWKgknaAii3JCObNTHLqwcCzPLx+HXyJaFR/fWZceoVRO
b4uPTi0eXFq/gLnHT2dZMVEcNhJi3Uwgdmb+
-----END CERTIFICATE-----
Generated at Mon Feb 6 17:55:01 2023 by rpki-client.