Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xCMr1SONxAENHFKSnd6k8jwEJXQ.cer
File:                     xCMr1SONxAENHFKSnd6k8jwEJXQ.cer (download)
Hash identifier:          ZZOYTHE1E14sIWbju9MeNSbXZH9g+EWQxEE0S5T9lw4=
Subject key identifier:   C4:23:2B:D5:23:8D:C4:01:0D:1C:52:92:9D:DE:A4:F2:3C:04:25:74
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856D1A7C3F3A79726AEE61D52C2878C0E9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/xCMr1SONxAENHFKSnd6k8jwEJXQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: IP: 46.254.108.0/24
    2: IP: 2a11:b300::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:1a:7c:3f:3a:79:72:6a:ee:61:d5:2c:28:78:c0:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 11:32:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4232bd5238dc4010d1c52929ddea4f23c042574
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b7:6e:fd:3f:0d:5f:ae:ff:d9:03:43:76:12:
                    2e:91:33:af:47:bd:ee:bc:e8:1e:d8:1f:f6:2c:c4:
                    95:67:3e:22:0c:6b:30:dc:90:4a:f6:94:a6:c9:85:
                    80:09:77:b8:e3:6f:c2:26:9f:74:72:5c:0c:67:37:
                    6b:6d:79:60:3f:de:6a:7c:77:6d:3f:51:8b:95:68:
                    7e:35:57:bf:00:5a:ca:53:fa:19:9a:9e:74:ef:18:
                    27:da:7e:cd:18:e1:d1:9a:69:05:83:fe:7a:58:64:
                    49:8f:85:16:84:f0:53:01:e2:f2:cd:5c:bf:59:02:
                    8f:cc:5f:c6:26:b5:33:b7:d6:64:66:f9:97:a1:f8:
                    8e:d1:dd:82:b7:ad:ae:0e:07:3f:25:38:e1:05:9b:
                    3c:bd:86:d4:5e:e6:63:fa:c7:1c:db:20:8b:83:0f:
                    29:58:57:43:f0:12:49:2d:a0:a7:5a:e1:b4:82:fd:
                    02:50:2a:0b:47:0c:f6:7b:15:64:d1:ea:b5:18:91:
                    c0:e2:b2:45:2f:38:67:d2:a5:22:c2:52:53:b0:68:
                    70:d0:d9:b6:16:ec:b6:87:15:ba:83:32:e5:e5:bd:
                    bf:1c:70:fa:c8:b9:62:5d:2d:5a:93:f5:da:16:35:
                    80:d6:7d:2f:23:b4:0b:f8:8e:6b:3c:c4:4d:bc:f6:
                    82:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                C4:23:2B:D5:23:8D:C4:01:0D:1C:52:92:9D:DE:A4:F2:3C:04:25:74
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c42ae7-5f64-4039-a051-403b857bf8b7/1/xCMr1SONxAENHFKSnd6k8jwEJXQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.254.108.0/24
                IPv6:
                  2a11:b300::/29

    Signature Algorithm: sha256WithRSAEncryption
         9c:78:12:02:9a:5e:b7:4a:41:dd:dc:92:fe:02:e6:fa:63:37:
         db:16:a4:e4:7a:4a:1a:76:f9:68:dc:a5:79:30:d1:40:ca:62:
         59:e9:28:db:da:14:ab:bc:dd:7e:27:7e:84:7a:ce:8e:55:39:
         4f:af:b6:c9:67:9e:fa:b3:8c:cf:b7:25:52:45:8c:08:aa:6e:
         95:0d:3d:cb:10:8e:f8:ef:58:5f:c2:dc:ba:48:4d:e5:b4:25:
         62:9b:29:e0:6f:7d:f7:a2:dc:9c:0e:4a:7e:14:00:c2:f8:66:
         0a:12:56:0a:91:3c:cb:72:24:66:a8:7f:5d:a1:bc:9a:c5:da:
         98:72:a9:28:3b:06:99:53:9c:c2:0b:ed:e4:ea:1a:0f:0c:e1:
         26:f1:db:7c:ea:54:75:c3:b5:a6:b9:0b:13:07:e9:e3:c5:4c:
         f2:4c:ba:61:2f:26:c0:a7:26:54:02:46:34:70:fe:69:47:78:
         95:08:a7:7c:09:99:8d:b7:9c:3a:c7:71:c7:ab:97:5b:04:69:
         23:be:ed:7e:7a:ef:d7:49:c7:ea:e3:de:e9:ea:28:59:8b:79:
         5d:90:26:71:34:6b:28:f2:72:52:2d:a8:38:e3:d7:4e:84:4a:
         3f:86:47:e2:05:aa:ba:ff:fe:91:49:b9:3f:50:a3:f3:3a:78:
         e8:2b:18:64
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVtGnw/Onlyau5h1SwoeMDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTEzMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDIzMmJkNTIzOGRjNDAxMGQxYzUyOTI5ZGRlYTRmMjNjMDQyNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ldu/T8NX67/2QNDdhIukTOvR73u
vOge2B/2LMSVZz4iDGsw3JBK9pSmyYWACXe442/CJp90clwMZzdrbXlgP95qfHdt
P1GLlWh+NVe/AFrKU/oZmp507xgn2n7NGOHRmmkFg/56WGRJj4UWhPBTAeLyzVy/
WQKPzF/GJrUzt9ZkZvmXofiO0d2Ct62uDgc/JTjhBZs8vYbUXuZj+scc2yCLgw8p
WFdD8BJJLaCnWuG0gv0CUCoLRwz2exVk0eq1GJHA4rJFLzhn0qUiwlJTsGhw0Nm2
Fuy2hxW6gzLl5b2/HHD6yLliXS1ak/XaFjWA1n0vI7QL+I5rPMRNvPaCBQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFMQjK9UjjcQBDRxSkp3epPI8BCV0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdkL2M0MmFl
Ny01ZjY0LTQwMzktYTA1MS00MDNiODU3YmY4YjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvYzQyYWU3
LTVmNjQtNDAzOS1hMDUxLTQwM2I4NTdiZjhiNy8xL3hDTXIxU09OeEFFTkhGS1Nu
ZDZrOGp3RUpYUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQALv5sMA0EAgACMAcDBQMqEbMAMA0GCSqGSIb3
DQEBCwUAA4IBAQCceBICml63SkHd3JL+Aub6YzfbFqTkekoadvlo3KV5MNFAymJZ
6Sjb2hSrvN1+J36Ees6OVTlPr7bJZ576s4zPtyVSRYwIqm6VDT3LEI7471hfwty6
SE3ltCVimyngb333otycDkp+FADC+GYKElYKkTzLciRmqH9dobyaxdqYcqkoOwaZ
U5zCC+3k6hoPDOEm8dt86lR1w7WmuQsTB+njxUzyTLphLybApyZUAkY0cP5pR3iV
CKd8CZmNt5w6x3HHq5dbBGkjvu1+eu/XScfq497p6ihZi3ldkCZxNGso8nJSLag4
49dOhEo/hkfiBaq6//6RSbk/UKPzOnjoKxhk
-----END CERTIFICATE-----
Generated at Thu Feb 2 14:59:02 2023 by rpki-client.