Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
File:                     hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer (download)
Hash identifier:          KYXCORRDEetiApT9EkNiiUlkqBfsviC3rh30MtHg2yE=
Subject key identifier:   85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856FB081E4AFF46FE1249C17E5853F4BD7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: IP: 2.57.248.0/22
    2: IP: 5.183.240.0/22
    3: IP: 45.11.240.0/22
    4: IP: 45.14.80.0/22
    5: IP: 45.80.96.0/22
    6: IP: 45.85.128.0/22
    7: IP: 45.86.24.0/22
    8: IP: 45.90.204.0/22
    9: IP: 45.129.220.0/22
   10: IP: 45.158.192.0/22
   11: IP: 92.119.24.0/22
   12: IP: 171.22.60.0/22
   13: IP: 185.45.92.0/22

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:b0:81:e4:af:f4:6f:e1:24:9c:17:e5:85:3f:4b:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:35:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a3:13:72:1d:ba:db:21:bb:3c:a4:d8:0d:3c:
                    3f:54:0f:93:93:a1:a9:5d:fc:d6:d6:11:bf:d1:20:
                    61:54:fb:55:ee:38:f6:0f:6b:32:b2:bb:6b:7e:d1:
                    dd:40:f6:69:28:fb:69:fc:10:97:78:4e:a9:d4:2b:
                    13:85:24:24:26:75:ed:5c:73:09:ea:a8:b5:95:7d:
                    3a:69:e3:6e:bf:f7:34:69:c4:e8:75:7c:cb:8e:d0:
                    8b:88:6f:f1:30:2e:b7:f2:8c:02:79:6f:30:53:b6:
                    10:e4:13:f0:0b:ad:25:55:60:18:51:de:de:b4:f6:
                    c1:00:c8:5f:81:57:3a:20:ea:16:5a:ef:11:34:e7:
                    43:f1:99:e9:b2:c0:b1:4a:6d:24:36:61:52:0f:6f:
                    c1:c5:e8:42:30:0c:d0:1f:46:e4:fc:7d:1f:01:9f:
                    90:bd:05:0c:6e:55:6f:63:cb:32:d2:0b:e2:2b:1c:
                    78:bc:34:f9:4c:e8:f1:bd:e5:ac:67:a5:4a:b1:9a:
                    c9:36:6f:c3:a4:07:8e:88:6a:ca:b4:47:1b:b1:3e:
                    e1:bf:1a:9e:5c:f9:4c:38:0d:3b:27:6f:fc:54:5a:
                    86:5b:a1:d3:7f:3a:d1:36:47:08:43:04:4a:27:52:
                    59:c8:a9:1e:1c:2b:1d:65:01:4c:8b:c2:31:c6:8f:
                    0a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.248.0/22
                  5.183.240.0/22
                  45.11.240.0/22
                  45.14.80.0/22
                  45.80.96.0/22
                  45.85.128.0/22
                  45.86.24.0/22
                  45.90.204.0/22
                  45.129.220.0/22
                  45.158.192.0/22
                  92.119.24.0/22
                  171.22.60.0/22
                  185.45.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:72:5d:03:a9:b0:b9:cb:09:2e:dc:af:8a:18:27:ca:fe:23:
         36:e1:fe:5b:58:50:1e:a3:2c:0f:bc:b8:72:83:99:35:eb:d4:
         63:5d:15:52:52:36:2a:63:13:e2:7b:c7:f1:5d:6b:92:42:4f:
         56:1a:fe:b2:96:47:3d:a5:97:cc:2a:69:97:e0:1f:64:6a:a1:
         b9:d5:5e:8e:7f:a0:bf:54:f9:0b:89:36:e7:25:46:0d:17:b9:
         12:ab:fe:92:c2:39:6b:88:ac:e1:3e:79:32:87:36:c9:db:3b:
         b9:c8:b7:0e:df:66:c1:73:9a:c4:2c:5c:82:89:91:a7:27:55:
         f5:62:9e:71:6d:ae:35:4b:e2:f4:8e:46:36:7b:78:72:be:02:
         8d:46:d8:74:1a:49:ab:7a:d4:78:b0:49:71:3a:79:fd:f9:c5:
         26:fe:03:d2:db:84:d2:47:59:61:08:8d:33:91:bd:5d:5b:d1:
         59:f5:9a:c6:e6:bc:cc:7d:c0:94:9a:bd:c3:f2:7d:76:97:6d:
         1e:31:57:07:2e:08:27:04:3e:b3:a4:4d:90:8a:cc:70:2e:f4:
         49:6b:a1:0c:26:c5:bf:10:6e:2a:14:b4:c7:12:70:03:04:2e:
         c6:91:c7:5b:98:88:18:a7:63:c0:79:44:4f:6d:76:cb:f1:00:
         d4:0e:b9:2a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYVvsIHkr/Rv4SScF+WFP0vXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTMzZWY0NjExNmZkOWQyMWJmYjUzM2U0NGJkZTUxNzg5MGMyNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqMTch262yG7PKTYDTw/VA+Tk6Gp
XfzW1hG/0SBhVPtV7jj2D2sysrtrftHdQPZpKPtp/BCXeE6p1CsThSQkJnXtXHMJ
6qi1lX06aeNuv/c0acTodXzLjtCLiG/xMC638owCeW8wU7YQ5BPwC60lVWAYUd7e
tPbBAMhfgVc6IOoWWu8RNOdD8ZnpssCxSm0kNmFSD2/BxehCMAzQH0bk/H0fAZ+Q
vQUMblVvY8sy0gviKxx4vDT5TOjxveWsZ6VKsZrJNm/DpAeOiGrKtEcbsT7hvxqe
XPlMOA07J2/8VFqGW6HTfzrRNkcIQwRKJ1JZyKkeHCsdZQFMi8Ixxo8KxQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFIUz70YRb9nSG/tTPkS95ReJDCTcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzL2UwNDcy
YS0zYWRmLTQzY2QtYmYzMC03MzkyM2RhZWYxMTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvZTA0NzJh
LTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8xL2hUUHZSaEZ2MmRJYi0xTS1S
TDNsRjRrTUpOdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGCCsGAQUF
BwEHAQH/BFgwVjBUBAIAATBOAwQCAjn4AwQCBbfwAwQCLQvwAwQCLQ5QAwQCLVBg
AwQCLVWAAwQCLVYYAwQCLVrMAwQCLYHcAwQCLZ7AAwQCXHcYAwQCqxY8AwQCuS1c
MA0GCSqGSIb3DQEBCwUAA4IBAQAvcl0DqbC5ywku3K+KGCfK/iM24f5bWFAeoywP
vLhyg5k169RjXRVSUjYqYxPie8fxXWuSQk9WGv6ylkc9pZfMKmmX4B9kaqG51V6O
f6C/VPkLiTbnJUYNF7kSq/6SwjlriKzhPnkyhzbJ2zu5yLcO32bBc5rELFyCiZGn
J1X1Yp5xba41S+L0jkY2e3hyvgKNRth0GkmretR4sElxOnn9+cUm/gPS24TSR1lh
CI0zkb1dW9FZ9ZrG5rzMfcCUmr3D8n12l20eMVcHLggnBD6zpE2QisxwLvRJa6EM
JsW/EG4qFLTHEnADBC7GkcdbmIgYp2PAeURPbXbL8QDUDrkq
-----END CERTIFICATE-----
Generated at Wed Feb 8 05:07:42 2023 by rpki-client.