Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
File:                     Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer (download)
Hash identifier:          u+TstzDVh/sza8O4G2OT4YSR/boeH0zUqTztbVfrkLs=
Subject key identifier:   1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856FAEA3985A46C79A6C861462D2454FB8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: AS: 204171
    2: IP: 2.59.180.0/22
    3: IP: 45.156.144.0/22
    4: IP: 185.103.120.0/22
    5: IP: 2a06:2bc0::/29
    6: IP: 2a09:f740::/29
    7: IP: 2a0f:2280::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:ae:a3:98:5a:46:c7:9a:6c:86:14:62:d2:45:4f:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:33:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d5:ba:da:7f:53:76:e0:4d:d5:ed:80:29:e0:
                    4b:e6:de:34:2a:92:d4:f2:0e:5e:82:42:38:0b:48:
                    e2:ba:06:bf:cb:7d:dc:cc:b6:77:f8:37:52:17:19:
                    1f:2e:07:75:ca:a5:fa:5e:61:72:a3:98:0d:96:42:
                    f9:d6:a4:5e:70:6f:29:fe:17:52:2f:8e:bd:4d:57:
                    e1:72:a9:2d:3b:5d:90:d9:fe:ae:6b:1d:33:0b:2d:
                    49:83:9d:68:80:46:da:d3:f4:a5:d1:b5:15:ae:3d:
                    54:8a:74:ff:34:09:d7:ef:f2:de:9f:44:c9:11:7d:
                    9c:2c:70:98:73:99:4a:8d:ec:87:8c:a9:9f:6d:f5:
                    32:20:19:ce:48:21:7e:99:62:97:60:06:92:c4:9c:
                    86:56:8e:37:ba:db:6e:c3:ce:d5:7a:cc:10:48:f1:
                    66:3b:13:1b:60:9f:dd:3d:ec:e3:75:ee:a9:6b:94:
                    d3:63:68:b5:2d:9b:b0:7c:dc:e7:67:66:f9:9a:c5:
                    20:e7:a4:5f:7a:61:de:7b:f1:02:1a:d0:33:4d:7a:
                    9b:3e:b5:4d:35:96:34:84:f2:d9:42:6b:c1:63:ae:
                    2c:38:28:0d:4e:48:9e:01:f7:bd:af:4a:a1:2b:34:
                    5a:fa:7f:80:03:22:4e:79:e0:8e:19:6a:35:8d:2c:
                    5b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.180.0/22
                  45.156.144.0/22
                  185.103.120.0/22
                IPv6:
                  2a06:2bc0::/29
                  2a09:f740::/29
                  2a0f:2280::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204171

    Signature Algorithm: sha256WithRSAEncryption
         1f:b5:5c:57:ed:70:02:4c:22:14:69:66:88:d4:a0:f4:bb:fd:
         a7:67:9e:f2:3e:47:7f:bd:7b:35:d3:c3:5f:6f:03:8c:5d:60:
         39:e2:45:c7:96:4e:09:a4:74:2d:ff:68:f5:44:30:45:7c:a2:
         15:57:67:91:68:db:b1:1e:a1:76:03:a4:7d:f9:f2:43:6d:e3:
         b9:8d:20:65:db:14:94:74:e3:43:86:10:b2:36:29:a3:3c:02:
         aa:73:6b:45:33:ac:fc:07:2f:88:6f:1f:79:65:6a:b8:bf:b8:
         a5:89:1c:e2:17:d2:b2:8a:af:35:f7:89:88:34:62:fa:bb:5f:
         32:db:ef:ec:20:ab:bc:ed:27:65:0e:4b:01:d0:cd:df:6d:97:
         da:03:e5:d3:67:f6:58:86:89:5e:67:ad:89:8f:8d:ca:45:85:
         63:f0:4d:ea:4a:f4:18:02:13:17:a7:2e:de:e1:e1:fd:e6:85:
         62:03:ab:64:1d:74:2a:32:f2:35:a9:e4:53:a4:9b:13:9d:ec:
         e7:ee:df:f1:ba:d6:9b:74:2b:40:d1:fc:96:5f:28:88:4f:03:
         3a:a7:c2:57:83:4a:25:13:9d:fa:77:c0:2d:48:b4:d1:3d:30:
         58:4b:8d:7b:b4:3c:ea:d0:d1:ef:a3:4c:a1:62:e5:eb:88:67:
         66:29:59:64
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYVvrqOYWkbHmmyGFGLSRU+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzMzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTdmMDM2ZTI1OTIzOTFmYjQ1YTNkZDMzY2FmMGIwNzk1Njk3M2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtW62n9TduBN1e2AKeBL5t40KpLU
8g5egkI4C0jiuga/y33czLZ3+DdSFxkfLgd1yqX6XmFyo5gNlkL51qRecG8p/hdS
L469TVfhcqktO12Q2f6uax0zCy1Jg51ogEba0/Sl0bUVrj1UinT/NAnX7/Len0TJ
EX2cLHCYc5lKjeyHjKmfbfUyIBnOSCF+mWKXYAaSxJyGVo43uttuw87VeswQSPFm
OxMbYJ/dPezjde6pa5TTY2i1LZuwfNznZ2b5msUg56RfemHee/ECGtAzTXqbPrVN
NZY0hPLZQmvBY64sOCgNTkieAfe9r0qhKzRa+n+AAyJOeeCOGWo1jSxbCwIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFBp/A24lkjkftFo90zyvCweVaXPPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkLzI0YmUx
YS0xNmRhLTQ4MWMtOGJjYi0zNDBkNjI1YzZkYmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvMjRiZTFh
LTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8xL0duOERiaVdTT1ItMFdqM1RQ
SzhMQjVWcGM4OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUF
BwEHAQH/BDkwNzAYBAIAATASAwQCAju0AwQCLZyQAwQCuWd4MBsEAgACMBUDBQMq
BivAAwUDKgn3QAMFAyoPIoAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAx2LMA0G
CSqGSIb3DQEBCwUAA4IBAQAftVxX7XACTCIUaWaI1KD0u/2nZ57yPkd/vXs108Nf
bwOMXWA54kXHlk4JpHQt/2j1RDBFfKIVV2eRaNuxHqF2A6R9+fJDbeO5jSBl2xSU
dONDhhCyNimjPAKqc2tFM6z8By+Ibx95ZWq4v7iliRziF9Kyiq8194mINGL6u18y
2+/sIKu87SdlDksB0M3fbZfaA+XTZ/ZYholeZ62Jj43KRYVj8E3qSvQYAhMXpy7e
4eH95oViA6tkHXQqMvI1qeRTpJsTnezn7t/xutabdCtA0fyWXyiITwM6p8JXg0ol
E536d8AtSLTRPTBYS417tDzq0NHvo0yhYuXriGdmKVlk
-----END CERTIFICATE-----
Generated at Thu Feb 2 14:32:14 2023 by rpki-client.