Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
File:                     v4QRNUXZAAdg9mBipCIZM6LpWdg.cer (download)
Hash identifier:          mdgosk18BWrCnY8kon2H63fG1bBnikKpy5io4DYSEsg=
Subject key identifier:   BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0185DDDFCA420CB343BDF58E863C402296B3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: AS: 61087
    2: IP: 5.181.20.0/22
    3: IP: 45.14.244.0/22
    4: IP: 45.89.60.0/22
    5: IP: 45.91.52.0/22
    6: IP: 45.130.68.0/22
    7: IP: 45.140.144.0/22
    8: IP: 45.140.164.0/22
    9: IP: 45.144.28.0/22
   10: IP: 45.144.232.0/22
   11: IP: 45.150.64.0/22
   12: IP: 45.155.52.0/22
   13: IP: 79.143.19.0/24
   14: IP: 91.194.10.0/23
   15: IP: 185.234.247.0/24
   16: IP: 2a0c:ab00::/29
   17: IP: 2a0e:4000::/29
   18: IP: 2a10:2ec0::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:dd:df:ca:42:0c:b3:43:bd:f5:8e:86:3c:40:22:96:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 23 09:05:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf84113545d9000760f66062a4221933a2e959d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:cc:67:75:e0:e1:53:07:55:3b:83:ed:98:e5:
                    34:3a:71:57:be:af:0b:f0:ef:a4:9f:33:fd:75:64:
                    f9:a5:93:3c:7f:3c:4b:fc:b8:75:64:8f:a3:3c:13:
                    37:fa:c1:a9:3e:f4:f4:16:78:aa:b2:d6:58:1d:33:
                    ee:65:10:96:1f:6e:5b:7f:f9:5f:d7:80:84:1b:13:
                    21:73:e6:49:b2:13:7d:d9:c9:da:b2:34:1b:d3:37:
                    0a:b5:39:7c:6f:4c:60:19:ff:bf:8a:5e:ff:16:9d:
                    4f:f9:0a:42:b5:c5:bc:4d:be:9d:a8:fe:78:66:40:
                    15:de:46:9b:a3:50:cd:64:5c:c5:82:c4:0b:77:c8:
                    6c:fa:f1:68:7c:e0:3f:86:97:de:e4:18:94:b6:b2:
                    6c:ce:a5:af:ba:de:eb:b3:84:8d:25:fc:1d:a3:de:
                    8d:2f:00:f6:43:28:c6:89:52:c2:12:33:d5:0e:36:
                    7f:aa:2e:ea:b2:bc:06:96:bd:82:22:a1:91:c9:02:
                    30:cc:b8:c4:27:51:98:bc:b3:0e:cf:47:23:bc:b9:
                    3d:88:d7:79:ac:46:04:c7:17:8a:7f:bf:b5:aa:9c:
                    75:0a:b0:6d:0d:29:6e:a5:05:ef:9f:8f:e3:c3:c0:
                    c0:81:30:98:c4:85:5b:9d:64:62:ee:3f:e8:5b:6b:
                    93:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.20.0/22
                  45.14.244.0/22
                  45.89.60.0/22
                  45.91.52.0/22
                  45.130.68.0/22
                  45.140.144.0/22
                  45.140.164.0/22
                  45.144.28.0/22
                  45.144.232.0/22
                  45.150.64.0/22
                  45.155.52.0/22
                  79.143.19.0/24
                  91.194.10.0/23
                  185.234.247.0/24
                IPv6:
                  2a0c:ab00::/29
                  2a0e:4000::/29
                  2a10:2ec0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  61087

    Signature Algorithm: sha256WithRSAEncryption
         52:35:42:67:5f:0e:e7:59:cc:54:c5:23:c6:45:79:21:18:ca:
         0d:13:3d:2d:79:ae:8d:35:6d:62:3f:13:fe:ae:60:3d:da:3d:
         32:bf:83:05:2f:f6:74:40:1f:5b:20:0c:c9:b6:57:12:13:0c:
         da:a1:08:17:5a:cf:03:81:c7:56:82:7a:e4:9e:10:52:e9:7a:
         c4:43:69:02:2d:87:3e:69:8f:7d:b6:7e:3e:6a:06:dc:ba:8e:
         f0:81:63:f4:1f:3e:62:f4:09:31:27:14:c9:cd:2f:c4:ad:27:
         df:a4:9c:e3:59:0b:c8:84:13:69:fb:ee:2a:75:a3:09:df:1f:
         3b:6f:74:0d:fa:c6:1e:0f:5a:88:53:d7:39:3b:58:aa:cd:aa:
         6d:4a:82:74:b1:a9:3f:f5:f9:ac:54:7e:2f:75:12:21:dd:04:
         cd:ca:86:bf:9b:5e:cf:4e:02:33:c0:a6:03:d4:b7:27:03:80:
         9e:c2:e4:f7:1e:9e:91:d9:f7:76:f4:38:ca:39:71:f9:a6:40:
         c5:51:1f:88:41:75:48:ba:ce:fa:54:97:4d:2b:ef:17:51:98:
         52:fd:39:8e:ab:3b:24:bb:52:91:39:4e:d3:6f:db:ee:22:28:
         e7:78:45:1e:22:00:7d:07:68:91:7e:1b:65:2f:9f:54:22:dd:
         2a:26:fc:7e
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYXd38pCDLNDvfWOhjxAIpazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTIzMDkwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg0MTEzNTQ1ZDkwMDA3NjBmNjYwNjJhNDIyMTkzM2EyZTk1OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sxndeDhUwdVO4PtmOU0OnFXvq8L
8O+knzP9dWT5pZM8fzxL/Lh1ZI+jPBM3+sGpPvT0FniqstZYHTPuZRCWH25bf/lf
14CEGxMhc+ZJshN92cnasjQb0zcKtTl8b0xgGf+/il7/Fp1P+QpCtcW8Tb6dqP54
ZkAV3kabo1DNZFzFgsQLd8hs+vFofOA/hpfe5BiUtrJszqWvut7rs4SNJfwdo96N
LwD2QyjGiVLCEjPVDjZ/qi7qsrwGlr2CIqGRyQIwzLjEJ1GYvLMOz0cjvLk9iNd5
rEYExxeKf7+1qpx1CrBtDSlupQXvn4/jw8DAgTCYxIVbnWRi7j/oW2uT7QIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFL+EETVF2QAHYPZgYqQiGTOi6VnYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzMwZGM4
NS0yZGQ4LTRiMWMtYjE1MS00YmQ2M2FkYzczNTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvMzBkYzg1
LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8xL3Y0UVJOVVhaQUFkZzltQmlw
Q0laTTZMcFdkZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGKBggrBgEF
BQcBBwEB/wR7MHkwWgQCAAEwVAMEAgW1FAMEAi0O9AMEAi1ZPAMEAi1bNAMEAi2C
RAMEAi2MkAMEAi2MpAMEAi2QHAMEAi2Q6AMEAi2WQAMEAi2bNAMEAE+PEwMEAVvC
CgMEALnq9zAbBAIAAjAVAwUDKgyrAAMFAyoOQAADBQMqEC7AMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwDunzANBgkqhkiG9w0BAQsFAAOCAQEAUjVCZ18O51nMVMUj
xkV5IRjKDRM9LXmujTVtYj8T/q5gPdo9Mr+DBS/2dEAfWyAMybZXEhMM2qEIF1rP
A4HHVoJ65J4QUul6xENpAi2HPmmPfbZ+PmoG3LqO8IFj9B8+YvQJMScUyc0vxK0n
36Sc41kLyIQTafvuKnWjCd8fO290DfrGHg9aiFPXOTtYqs2qbUqCdLGpP/X5rFR+
L3USId0EzcqGv5tez04CM8CmA9S3JwOAnsLk9x6ekdn3dvQ4yjlx+aZAxVEfiEF1
SLrO+lSXTSvvF1GYUv05jqs7JLtSkTlO02/b7iIo53hFHiIAfQdokX4bZS+fVCLd
Kib8fg==
-----END CERTIFICATE-----
Generated at Mon Jan 30 11:05:07 2023 by rpki-client.