Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
File:                     GUJjJay4zmCaaG-mVbBYlogJs0Y.cer (download)
Hash identifier:          QpmeaOAO1ZWVZx+uIGdhEllJRCXdN2yUQWbMgcDaM70=
Subject key identifier:   19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856CAC9FD46087CEC65054F989C72C052D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: AS: 3319
    2: AS: 12687
    3: AS: 25500
    4: AS: 205656
    5: AS: 212397
    6: IP: 77.47.128.0/17
    7: IP: 185.143.56.0/22
    8: IP: 195.178.128.0/19
    9: IP: 212.111.192.0/19
   10: IP: 2a01:5c40::/32
   11: IP: 2a02:db0::/32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ac:9f:d4:60:87:ce:c6:50:54:f9:89:c7:2c:05:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 09:32:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=19426325acb8ce609a686fa655b058968809b346
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:10:08:41:bb:b4:f6:f1:8d:c9:ca:75:f9:38:
                    e4:ea:7a:ce:4c:77:74:bd:4d:cd:58:38:f4:34:0f:
                    1a:c3:11:30:28:ca:a2:d5:5d:72:27:fc:8a:5d:7d:
                    47:88:0e:6e:0f:94:53:dd:f6:d0:d0:2b:2b:86:37:
                    63:66:5d:31:3b:29:4d:45:8a:9d:00:08:ce:2e:0a:
                    d9:e3:69:c2:fb:9e:ec:eb:cd:36:15:47:cc:f0:5a:
                    ff:57:67:93:6b:d8:62:bf:b8:dd:8e:34:fc:b2:d0:
                    ee:87:bb:fe:cc:b5:da:a8:fe:32:4a:bf:56:ba:00:
                    b6:d6:a1:87:de:8e:bc:e4:fa:27:1c:3a:fc:0d:ef:
                    3c:4e:8e:6c:73:7e:f2:3f:cf:1b:35:0f:09:82:ca:
                    35:1b:2f:9c:70:0e:32:34:c3:5e:73:ca:d7:3b:06:
                    83:6c:2d:50:79:4d:9b:59:f7:f2:58:6e:b8:e1:5e:
                    41:70:2b:bb:6f:b4:41:bf:f0:78:2f:54:52:d6:44:
                    cc:fc:7e:9a:a5:b4:84:dd:e9:6d:b0:04:d2:23:e0:
                    8f:b9:71:c4:1e:80:4d:5c:15:55:42:89:6d:af:f4:
                    7b:55:c0:ab:9e:b4:6d:20:d6:a0:7f:99:9b:14:da:
                    7e:9e:41:3b:52:09:5f:96:cc:58:89:92:8b:cf:94:
                    11:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.47.128.0/17
                  185.143.56.0/22
                  195.178.128.0/19
                  212.111.192.0/19
                IPv6:
                  2a01:5c40::/32
                  2a02:db0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  3319
                  12687
                  25500
                  205656
                  212397

    Signature Algorithm: sha256WithRSAEncryption
         01:0c:46:69:de:43:bb:8b:49:c1:38:d1:38:b6:d1:e5:fb:b4:
         83:47:87:23:77:11:35:c3:f3:b4:18:8d:da:76:3b:49:0d:8d:
         21:e7:01:e7:41:d5:ac:44:6b:3c:be:cb:c4:66:e1:32:42:37:
         18:40:e9:db:8e:c8:71:02:dd:17:08:64:2d:b5:38:22:ff:cb:
         52:97:d9:4a:5f:b7:bd:94:aa:35:46:4e:60:a5:e8:09:0c:e1:
         41:00:37:71:c2:df:41:77:35:6c:4a:86:f5:74:ad:c3:9a:85:
         38:21:3d:16:1a:b2:f7:45:81:17:0c:47:9b:fe:e9:1d:c2:67:
         0c:62:c8:63:45:ec:26:9e:14:4e:83:a4:c0:11:2d:7f:8c:f0:
         53:8a:75:10:15:e4:d3:96:17:de:a4:a0:55:ec:77:2f:dc:46:
         f7:30:b6:90:3c:49:f5:3e:b1:f6:d8:6d:bc:3a:5a:54:2d:ae:
         cc:c3:db:05:f1:9b:be:5b:0b:92:72:b0:2f:ab:b2:8e:80:1c:
         8c:f7:ec:99:c7:40:d6:a8:9e:78:e0:7d:ac:1a:4e:e7:98:f7:
         64:8e:40:6c:ea:1e:1a:1d:c1:24:14:83:76:db:49:b8:ca:e2:
         b5:b6:77:53:1a:f0:ac:99:26:78:c6:3c:6f:27:fa:a5:03:02:
         02:81:20:c1
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYVsrJ/UYIfOxlBU+YnHLAUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDkzMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxAIQbu09vGNycp1+Tjk6nrOTHd0
vU3NWDj0NA8awxEwKMqi1V1yJ/yKXX1HiA5uD5RT3fbQ0CsrhjdjZl0xOylNRYqd
AAjOLgrZ42nC+57s6802FUfM8Fr/V2eTa9hiv7jdjjT8stDuh7v+zLXaqP4ySr9W
ugC21qGH3o685PonHDr8De88To5sc37yP88bNQ8Jgso1Gy+ccA4yNMNec8rXOwaD
bC1QeU2bWffyWG644V5BcCu7b7RBv/B4L1RS1kTM/H6apbSE3eltsATSI+CPuXHE
HoBNXBVVQoltr/R7VcCrnrRtINagf5mbFNp+nkE7UglflsxYiZKLz5QR1wIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFBlCYyWsuM5gmmhvplWwWJaICbNGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxLzhiNmZi
MC1hODc1LTQ5NDctOGFlNC0wM2Y0YzcxMTNjMzQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvOGI2ZmIw
LWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1DYWFHLW1W
YkJZbG9nSnMwWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUF
BwEHAQH/BDgwNjAeBAIAATAYAwQHTS+AAwQCuY84AwQFw7KAAwQF1G/AMBQEAgAC
MA4DBQAqAVxAAwUAKgINsDArBggrBgEFBQcBCAEB/wQcMBqgGDAWAgIM9wICMY8C
AmOcAgMDI1gCAwM9rTANBgkqhkiG9w0BAQsFAAOCAQEAAQxGad5Du4tJwTjROLbR
5fu0g0eHI3cRNcPztBiN2nY7SQ2NIecB50HVrERrPL7LxGbhMkI3GEDp247IcQLd
FwhkLbU4Iv/LUpfZSl+3vZSqNUZOYKXoCQzhQQA3ccLfQXc1bEqG9XStw5qFOCE9
Fhqy90WBFwxHm/7pHcJnDGLIY0XsJp4UToOkwBEtf4zwU4p1EBXk05YX3qSgVex3
L9xG9zC2kDxJ9T6x9thtvDpaVC2uzMPbBfGbvlsLknKwL6uyjoAcjPfsmcdA1qie
eOB9rBpO55j3ZI5AbOoeGh3BJBSDdttJuMritbZ3UxrwrJkmeMY8byf6pQMCAoEg
wQ==
-----END CERTIFICATE-----
Generated at Wed Feb 8 06:46:12 2023 by rpki-client.