Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iPZYCiKcz9U2nhniUq3LcozazTk.cer
File:                     iPZYCiKcz9U2nhniUq3LcozazTk.cer (download)
Hash identifier:          RvwDfZorPcS4y9BhADmAGr3CRiYW7q0BCtarinMT63M=
Subject key identifier:   88:F6:58:0A:22:9C:CF:D5:36:9E:19:E2:52:AD:CB:72:8C:DA:CD:39
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856B6377D2B40D57BE675733F3498678C5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/iPZYCiKcz9U2nhniUq3LcozazTk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: AS: 211209
    2: IP: 94.154.8.0/24
    3: IP: 185.234.115.0/24
    4: IP: 2a10:e580::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:63:77:d2:b4:0d:57:be:67:57:33:f3:49:86:78:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 03:32:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88f6580a229ccfd5369e19e252adcb728cdacd39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:00:be:b7:66:ff:4d:62:40:a2:7f:cc:c8:22:
                    0b:bf:e9:ec:4d:b2:13:a4:62:9d:e0:5a:7c:7a:6d:
                    72:66:b2:b5:d0:d8:d3:1f:4a:58:d8:2e:91:0b:86:
                    12:99:c1:2d:fe:20:7e:db:e1:44:c7:32:da:a7:52:
                    c8:61:88:db:00:74:0e:f3:b3:93:ba:46:4d:d1:1f:
                    89:45:e6:fb:c4:5f:b6:11:b5:72:ef:4d:c2:0e:99:
                    1d:98:6e:bc:4c:82:78:1f:25:d5:cc:f1:80:42:65:
                    f7:e5:44:bf:c2:f1:db:ed:ab:dc:22:18:e8:6d:28:
                    52:96:2b:1e:d6:0d:d6:31:76:00:e4:5c:f6:ea:7a:
                    17:bb:ca:c0:77:37:7b:19:21:9f:02:2d:9d:d2:1f:
                    b6:68:f9:cf:55:1a:cb:c5:9a:43:37:15:f0:2f:49:
                    08:0e:7f:03:dc:51:e6:a6:f8:c4:c1:dd:a5:31:e2:
                    dc:e2:58:bd:de:3d:1a:34:4b:62:1f:59:03:fa:51:
                    aa:e9:c5:54:b5:d9:51:8c:e7:10:70:4c:18:d4:90:
                    61:fd:18:4f:68:c6:40:0c:d5:a8:fb:9c:9b:99:2a:
                    05:bc:c4:ef:81:51:a4:f7:0d:d4:87:49:5a:e5:b6:
                    d6:76:3e:97:f2:ee:44:5b:c9:be:4a:4e:96:3e:21:
                    89:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                88:F6:58:0A:22:9C:CF:D5:36:9E:19:E2:52:AD:CB:72:8C:DA:CD:39
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e52b30-cd47-4c27-b6fc-d097cd2c7d82/1/iPZYCiKcz9U2nhniUq3LcozazTk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.8.0/24
                  185.234.115.0/24
                IPv6:
                  2a10:e580::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211209

    Signature Algorithm: sha256WithRSAEncryption
         5e:30:a2:22:3e:90:c8:7a:bb:e3:42:89:e1:a7:1c:df:76:b6:
         ea:d9:bd:f9:d3:eb:f0:9b:95:73:2a:a3:25:4b:09:22:bd:ab:
         a1:b1:b8:2f:3c:73:0b:90:9a:35:d6:df:47:70:ff:e5:91:ca:
         b4:18:7f:36:c8:a6:62:bb:fe:50:38:e2:6d:b3:c6:ff:94:7a:
         1f:8f:81:b3:0a:d8:93:5c:cc:45:58:e0:ae:a3:1b:6b:05:a1:
         c1:f3:fb:4e:85:cf:48:85:f7:31:0c:f7:71:6f:ef:6f:3b:78:
         64:a9:c4:1a:0f:e6:9c:77:df:55:30:9f:81:e8:b3:af:c4:da:
         29:1e:23:c4:af:d8:31:e5:9e:fd:1c:a3:bb:5d:00:99:43:1d:
         cf:a5:67:a2:01:36:a3:34:33:16:cb:96:30:e7:19:d7:40:f6:
         80:d2:ae:c9:ad:85:00:b8:e5:38:34:6f:19:62:35:8a:fd:e0:
         00:d6:cf:04:43:c5:85:38:76:16:58:d5:2a:dd:bf:12:84:90:
         6d:68:d7:2d:8d:a6:19:e4:1d:f9:11:d9:ff:53:1c:ac:71:b0:
         b9:d6:46:44:59:63:78:1e:78:fc:ad:29:6e:60:28:17:0c:9c:
         fc:ae:d6:88:6e:09:9f:e5:9e:16:7a:5a:28:d2:e0:75:1d:5f:
         36:57:75:87
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYVrY3fStA1XvmdXM/NJhnjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDMzMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY2NTgwYTIyOWNjZmQ1MzY5ZTE5ZTI1MmFkY2I3MjhjZGFjZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgC+t2b/TWJAon/MyCILv+nsTbIT
pGKd4Fp8em1yZrK10NjTH0pY2C6RC4YSmcEt/iB+2+FExzLap1LIYYjbAHQO87OT
ukZN0R+JReb7xF+2EbVy703CDpkdmG68TIJ4HyXVzPGAQmX35US/wvHb7avcIhjo
bShSlise1g3WMXYA5Fz26noXu8rAdzd7GSGfAi2d0h+2aPnPVRrLxZpDNxXwL0kI
Dn8D3FHmpvjEwd2lMeLc4li93j0aNEtiH1kD+lGq6cVUtdlRjOcQcEwY1JBh/RhP
aMZADNWo+5ybmSoFvMTvgVGk9w3Uh0la5bbWdj6X8u5EW8m+Sk6WPiGJ7wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFIj2WAoinM/VNp4Z4lKty3KM2s05MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBiL2U1MmIz
MC1jZDQ3LTRjMjctYjZmYy1kMDk3Y2QyYzdkODIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIvZTUyYjMw
LWNkNDctNGMyNy1iNmZjLWQwOTdjZDJjN2Q4Mi8xL2lQWllDaUtjejlVMm5obmlV
cTNMY296YXpUay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAXpoIAwQAuepzMA0EAgACMAcDBQMqEOWAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwM5CTANBgkqhkiG9w0BAQsFAAOCAQEAXjCi
Ij6QyHq740KJ4acc33a26tm9+dPr8JuVcyqjJUsJIr2robG4LzxzC5CaNdbfR3D/
5ZHKtBh/NsimYrv+UDjibbPG/5R6H4+BswrYk1zMRVjgrqMbawWhwfP7ToXPSIX3
MQz3cW/vbzt4ZKnEGg/mnHffVTCfgeizr8TaKR4jxK/YMeWe/Ryju10AmUMdz6Vn
ogE2ozQzFsuWMOcZ10D2gNKuya2FALjlODRvGWI1iv3gANbPBEPFhTh2FljVKt2/
EoSQbWjXLY2mGeQd+RHZ/1McrHGwudZGRFljeB54/K0pbmAoFwyc/K7WiG4Jn+We
FnpaKNLgdR1fNld1hw==
-----END CERTIFICATE-----
Generated at Thu Feb 2 12:53:12 2023 by rpki-client.