Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
File:                     gho_IfsMKU1tSlKbLx29S9ERm9c.cer (download)
Hash identifier:          RnYEH0IbFOASZ2i2q+QP9wJrtv0TFdGF5R4+UAmwRUE=
Subject key identifier:   82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856F414CEDD537B9B7C67985862ADB6970
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: AS: 210347
    2: IP: 5.182.100.0/22
    3: IP: 45.11.236.0/22
    4: IP: 45.14.72.0/22
    5: IP: 45.84.44.0/22
    6: IP: 45.157.72.0/22
    7: IP: 85.8.188.0/22
    8: IP: 85.209.216.0/22
    9: IP: 88.218.100.0/22
   10: IP: 91.201.140.0/22
   11: IP: 92.119.180.0/22
   12: IP: 139.28.136.0/22
   13: IP: 141.98.240.0/22
   14: IP: 193.31.72.0/22
   15: IP: 194.5.0.0/22
   16: IP: 194.38.24.0/22
   17: IP: 194.124.52.0/22
   18: IP: 195.206.108.0/22

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:41:4c:ed:d5:37:b9:b7:c6:79:85:86:2a:db:69:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 21:33:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:cb:a6:b7:b3:d1:1f:ac:ae:4b:04:e0:66:3d:
                    41:98:0a:8f:69:1d:5c:35:a9:64:2d:64:eb:de:fb:
                    cd:3b:9d:57:ac:0d:2d:86:61:2c:ed:f9:67:11:90:
                    0e:d1:7b:02:17:b8:f2:aa:af:8b:37:8b:ff:be:8c:
                    aa:8c:82:08:27:d2:0a:cb:a4:28:77:3e:a9:9a:bf:
                    bd:81:72:d8:db:85:25:10:be:78:93:ed:aa:72:8e:
                    84:bb:b5:53:3e:e4:ba:74:09:a8:cd:8a:c9:a5:02:
                    40:e7:ad:79:fc:5e:b3:75:33:e2:8c:bb:aa:a2:f8:
                    0a:3d:d5:b8:f5:95:cf:05:87:42:cf:7c:3d:bc:16:
                    2a:ea:bd:fd:8d:73:f4:3f:0e:22:b6:8f:e8:d7:2d:
                    2b:48:c6:d6:de:5d:7f:a9:2d:1c:84:19:90:8a:69:
                    ee:0f:f5:ce:11:28:4a:52:5a:12:66:e0:0e:de:09:
                    f7:df:e2:0d:83:74:a5:2c:8c:63:0b:3b:e6:13:9e:
                    6c:0b:87:fa:1c:7d:25:bc:3f:fd:69:47:5a:26:ce:
                    ac:a0:84:a3:8b:d5:81:7d:f3:e3:1a:6c:49:0d:0e:
                    9e:07:0a:ee:8b:96:e4:97:33:07:71:07:df:c5:56:
                    70:2a:50:d3:c6:fd:72:bf:2a:f2:74:7b:19:8a:4b:
                    08:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.100.0/22
                  45.11.236.0/22
                  45.14.72.0/22
                  45.84.44.0/22
                  45.157.72.0/22
                  85.8.188.0/22
                  85.209.216.0/22
                  88.218.100.0/22
                  91.201.140.0/22
                  92.119.180.0/22
                  139.28.136.0/22
                  141.98.240.0/22
                  193.31.72.0/22
                  194.5.0.0/22
                  194.38.24.0/22
                  194.124.52.0/22
                  195.206.108.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210347

    Signature Algorithm: sha256WithRSAEncryption
         26:5e:5c:2e:18:ae:6d:a8:d5:8d:62:09:59:6a:24:6b:b6:64:
         bd:43:94:da:36:d1:5d:99:49:41:ce:71:fe:5f:ac:07:47:c5:
         d1:0c:06:31:73:e0:30:fa:f2:4a:24:b9:14:96:b6:a5:77:4d:
         20:bc:d1:1a:6f:c0:b9:0c:d3:23:bb:39:75:45:11:72:4a:d4:
         ae:84:10:86:29:17:95:61:1c:17:d6:1a:d3:98:41:4a:73:5f:
         bc:d6:79:ba:2a:c5:5a:24:45:cb:a6:e2:ce:c7:ce:24:8c:81:
         9a:3f:a5:17:21:b7:47:20:b8:10:0e:bf:3d:ea:8d:04:bf:52:
         a8:db:3a:4b:3b:2b:7f:be:da:b4:d8:9e:81:b2:41:89:7e:4a:
         4b:bd:ad:0b:19:85:a6:c7:7e:ad:ad:b6:f1:aa:de:13:f1:b7:
         ea:10:93:61:65:da:05:95:50:4f:19:cc:25:e2:46:df:bc:03:
         69:7a:7e:ee:ae:7c:cd:ee:ae:dd:96:30:d8:62:3b:67:08:c3:
         b5:31:af:d7:f7:31:76:87:6e:33:30:47:0c:66:b5:a0:be:0e:
         03:85:f7:dd:3e:ad:5d:9b:e2:51:1c:74:cf:19:c9:f4:f2:00:
         34:aa:41:cc:66:6e:19:9d:9f:69:44:4f:b3:ef:52:42:f5:e1:
         eb:be:44:59
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgISAYVvQUzt1Te5t8Z5hYYq22lwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjEzMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucumt7PRH6yuSwTgZj1BmAqPaR1c
NalkLWTr3vvNO51XrA0thmEs7flnEZAO0XsCF7jyqq+LN4v/voyqjIIIJ9IKy6Qo
dz6pmr+9gXLY24UlEL54k+2qco6Eu7VTPuS6dAmozYrJpQJA5615/F6zdTPijLuq
ovgKPdW49ZXPBYdCz3w9vBYq6r39jXP0Pw4ito/o1y0rSMbW3l1/qS0chBmQimnu
D/XOEShKUloSZuAO3gn33+INg3SlLIxjCzvmE55sC4f6HH0lvD/9aUdaJs6soISj
i9WBffPjGmxJDQ6eBwrui5bklzMHcQffxVZwKlDTxv1yvyrydHsZiksIRwIDAQAB
o4IDADCCAvwwHQYDVR0OBBYEFIIaPyH7DClNbUpSmy8dvUvREZvXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyL2VkYzg1
NS1mMmJjLTRlOWMtOGMwYy1iNmYyYWM4NmVmMjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvZWRjODU1
LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1UxdFNsS2JM
eDI5UzlFUm05Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF
BwEHAQH/BHAwbjBsBAIAATBmAwQCBbZkAwQCLQvsAwQCLQ5IAwQCLVQsAwQCLZ1I
AwQCVQi8AwQCVdHYAwQCWNpkAwQCW8mMAwQCXHe0AwQCixyIAwQCjWLwAwQCwR9I
AwQCwgUAAwQCwiYYAwQCwnw0AwQCw85sMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwM1qzANBgkqhkiG9w0BAQsFAAOCAQEAJl5cLhiubajVjWIJWWoka7ZkvUOU2jbR
XZlJQc5x/l+sB0fF0QwGMXPgMPrySiS5FJa2pXdNILzRGm/AuQzTI7s5dUURckrU
roQQhikXlWEcF9Ya05hBSnNfvNZ5uirFWiRFy6bizsfOJIyBmj+lFyG3RyC4EA6/
PeqNBL9SqNs6Szsrf77atNiegbJBiX5KS72tCxmFpsd+ra228areE/G36hCTYWXa
BZVQTxnMJeJG37wDaXp+7q58ze6u3ZYw2GI7ZwjDtTGv1/cxdoduMzBHDGa1oL4O
A4X33T6tXZviURx0zxnJ9PIANKpBzGZuGZ2faURPs+9SQvXh675EWQ==
-----END CERTIFICATE-----
Generated at Sun Feb 5 13:22:11 2023 by rpki-client.