Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer
File:                     d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer (download)
Hash identifier:          bQcTxFtPTpPNaXAq1iDh86AAgh91BCVM8YcToa7gUK0=
Subject key identifier:   77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018571681B53D2AAB5EE31EC72C458BC8EF1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: IP: 185.138.166.0/24
    2: IP: 2a11:240::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:68:1b:53:d2:aa:b5:ee:31:ec:72:c4:58:bc:8e:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 07:35:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77c51066d4f53dae10e69674dced3f032dd72efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d9:99:88:78:b7:c6:0b:fd:f5:9d:24:5f:36:
                    ba:ea:b2:a7:49:2f:56:ce:87:92:79:8b:38:ce:8a:
                    6e:54:56:e8:94:c1:0f:d0:7b:8e:4a:1b:0c:0e:0c:
                    cb:88:e8:f1:2c:65:af:18:96:a5:df:af:2b:f0:c6:
                    5f:3b:2d:48:55:00:a0:d8:4e:d2:8f:b2:51:d8:ee:
                    88:3e:40:a7:bd:61:d7:cc:cf:49:84:02:9f:c0:14:
                    0f:02:3b:a2:af:44:c4:08:a4:56:0b:9d:2f:f3:67:
                    06:b6:6a:b8:50:eb:d7:41:26:c9:6c:74:37:7a:0d:
                    1a:29:14:84:1f:2c:c0:40:ba:ea:3c:f7:ad:af:bd:
                    37:24:4b:83:a8:9f:db:16:de:f9:00:3a:d8:ec:81:
                    72:3c:58:9d:76:98:76:ba:75:bc:20:c4:64:a9:17:
                    e2:aa:87:aa:92:6d:d3:de:cd:54:a7:07:ad:c9:62:
                    89:64:31:ff:55:e0:6b:21:84:af:88:22:8e:23:dc:
                    87:62:82:8c:1f:c2:e5:f9:6e:54:52:d4:2d:db:d5:
                    e6:42:1c:59:00:d4:ba:63:4d:88:9c:cd:38:74:78:
                    eb:10:d7:e4:42:cd:ea:77:4c:59:1c:51:27:aa:3a:
                    3d:cc:8d:4b:26:97:db:e9:fa:c7:bd:93:b9:44:51:
                    47:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.138.166.0/24
                IPv6:
                  2a11:240::/29

    Signature Algorithm: sha256WithRSAEncryption
         8c:f2:f4:6b:26:04:9b:7d:41:28:2e:f5:5f:15:c7:d8:e0:ae:
         08:64:e9:dc:ec:c6:be:b4:a7:0c:c1:58:9c:6a:29:16:28:f6:
         37:96:7f:45:81:f7:42:c3:f7:99:c0:b0:5f:01:e4:14:48:13:
         a0:19:8d:e9:c3:20:d4:45:4e:b9:43:dc:f8:12:e3:3e:f8:b7:
         22:1f:4b:f1:36:3d:1d:89:be:56:2b:df:b4:35:39:a9:c2:6b:
         dd:e1:17:ba:c9:72:dc:c7:24:be:c6:5e:72:b2:83:bb:a8:7a:
         f1:bb:9b:c9:60:99:56:c3:ce:b2:79:01:65:29:da:b5:fe:1d:
         bb:b6:92:84:23:22:fd:01:ee:d9:cf:4d:fa:ce:fb:91:9e:ca:
         5b:bd:33:3b:e2:18:65:21:ae:1c:fa:5e:d2:d7:c2:cc:c1:c6:
         d1:88:77:1d:8a:03:05:3c:a5:05:0b:06:7c:74:47:12:d1:b1:
         b7:76:55:ef:73:c9:c9:7b:88:c4:0c:dc:27:8f:b7:41:bd:8d:
         43:4c:e6:8e:5b:e0:37:46:5c:c9:54:50:a7:61:42:db:ee:40:
         89:06:b5:81:8e:57:2e:17:75:92:e7:ac:d9:0b:98:7a:de:f9:
         a2:bd:24:8a:2e:93:56:66:1f:9f:66:95:bf:fa:64:7d:64:91:
         51:1a:d6:5a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVxaBtT0qq17jHscsRYvI7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDczNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M1MTA2NmQ0ZjUzZGFlMTBlNjk2NzRkY2VkM2YwMzJkZDcyZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutmZiHi3xgv99Z0kXza66rKnSS9W
zoeSeYs4zopuVFbolMEP0HuOShsMDgzLiOjxLGWvGJal368r8MZfOy1IVQCg2E7S
j7JR2O6IPkCnvWHXzM9JhAKfwBQPAjuir0TECKRWC50v82cGtmq4UOvXQSbJbHQ3
eg0aKRSEHyzAQLrqPPetr703JEuDqJ/bFt75ADrY7IFyPFiddph2unW8IMRkqRfi
qoeqkm3T3s1UpwetyWKJZDH/VeBrIYSviCKOI9yHYoKMH8Ll+W5UUtQt29XmQhxZ
ANS6Y02InM04dHjrENfkQs3qd0xZHFEnqjo9zI1LJpfb6frHvZO5RFFHmwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFHfFEGbU9T2uEOaWdNztPwMt1y79MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NiLzUzYTAz
ZS01NTcxLTQ1NmYtODhhNi04MzE4MTc5NTVkMzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2IvNTNhMDNl
LTU1NzEtNDU2Zi04OGE2LTgzMTgxNzk1NWQzMy8xL2Q4VVFadFQxUGE0UTVwWjAz
TzBfQXkzWEx2MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuYqmMA0EAgACMAcDBQMqEQJAMA0GCSqGSIb3
DQEBCwUAA4IBAQCM8vRrJgSbfUEoLvVfFcfY4K4IZOnc7Ma+tKcMwVicaikWKPY3
ln9FgfdCw/eZwLBfAeQUSBOgGY3pwyDURU65Q9z4EuM++LciH0vxNj0dib5WK9+0
NTmpwmvd4Re6yXLcxyS+xl5ysoO7qHrxu5vJYJlWw86yeQFlKdq1/h27tpKEIyL9
Ae7Zz036zvuRnspbvTM74hhlIa4c+l7S18LMwcbRiHcdigMFPKUFCwZ8dEcS0bG3
dlXvc8nJe4jEDNwnj7dBvY1DTOaOW+A3RlzJVFCnYULb7kCJBrWBjlcuF3WS56zZ
C5h63vmivSSKLpNWZh+fZpW/+mR9ZJFRGtZa
-----END CERTIFICATE-----
Generated at Mon Jan 30 10:54:07 2023 by rpki-client.