Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
File:                     xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer (download)
Hash identifier:          IFJ1XxcZqM7x9kSMuTjUn/IAlCBrb3YsbsqqrrqM2nE=
Subject key identifier:   C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856AF51F2C9C8849952F51BD77584CC7E0
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: AS: 29262
    2: AS: 201064
    3: IP: 46.29.24.0/22
    4: IP: 91.106.216.0/22
    5: IP: 91.194.53.0/24
    6: IP: 91.194.55.0/24
    7: IP: 93.190.12.0/22
    8: IP: 109.236.48.0/22
    9: IP: 160.20.108.0/22
   10: IP: 185.85.188.0/22
   11: IP: 185.85.236.0/22
   12: IP: 185.86.4.0/22
   13: IP: 185.86.12.0/22
   14: IP: 185.86.152.0/22
   15: IP: 185.86.164.0/22
   16: IP: 185.87.24.0/22
   17: IP: 185.87.120.0/22
   18: IP: 185.88.172.0/22
   19: IP: 185.98.60.0/22
   20: IP: 185.119.80.0/22
   21: IP: 185.141.32.0/22
   22: IP: 185.184.24.0/22
   23: IP: 185.185.232.0/22
   24: IP: 185.243.180.0/22
   25: IP: 185.249.200.0/22
   26: IP: 185.250.210.0/24
   27: IP: 185.254.28.0/22
   28: IP: 185.254.236.0/22
   29: IP: 193.35.152.0/22
   30: IP: 193.35.204.0/22
   31: IP: 193.160.140.0/22
   32: IP: 193.223.104.0/22
   33: IP: 194.62.52.0/22
   34: IP: 194.127.116.0/22
   35: IP: 2a03:f3c0::/29
   36: IP: 2a05:4f80::/29
   37: IP: 2a05:bf00::/29
   38: IP: 2a06:3440::/29
   39: IP: 2a06:a700::/29
   40: IP: 2a07:21c0::/29
   41: IP: 2a07:d800::/29
   42: IP: 2a07:e700::/29
   43: IP: 2a07:fe40::/29
   44: IP: 2a0b:2780::/29
   45: IP: 2a0b:6780::/29
   46: IP: 2a0c:1340::/29
   47: IP: 2a0c:46c0::/29
   48: IP: 2a0c:5c40::/29
   49: IP: 2a0c:67c0::/29
   50: IP: 2a0c:7a40::/29
   51: IP: 2a0c:89c0::/29
   52: IP: 2a0c:9dc0::/29
   53: IP: 2a0c:acc0::/29
   54: IP: 2a0d:7c0::/29
   55: IP: 2a0d:49c0::/29
   56: IP: 2a10:8b00::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6a:f5:1f:2c:9c:88:49:95:2f:51:bd:77:58:4c:c7:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 01:32:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:36:6d:f9:3c:13:64:c3:c3:e5:36:e5:d4:2f:
                    da:22:c9:ab:49:b8:12:d0:a7:0e:02:d9:53:09:b3:
                    b9:89:f2:1d:72:29:f4:27:49:2c:50:14:ee:d7:93:
                    e6:f6:ee:1f:66:29:31:1a:d3:95:51:e6:98:bf:9f:
                    75:ed:39:c1:4f:10:19:27:12:6b:d5:17:cf:11:b5:
                    29:70:a4:9b:af:86:ce:6d:93:d1:5c:7c:5b:80:1b:
                    71:f6:6a:42:03:44:25:7e:66:bb:5e:58:e1:19:f1:
                    0a:60:a0:3d:8f:eb:74:5f:c7:89:7e:d4:82:36:00:
                    c9:db:06:58:e5:87:29:93:94:79:dd:d6:b4:0c:cb:
                    0c:71:38:f9:50:b1:b9:be:59:6d:51:31:84:86:61:
                    1e:0f:89:c5:be:e0:20:cc:6a:55:bd:89:07:0d:60:
                    3b:0d:4d:1e:4f:70:04:c0:fa:ad:fb:ef:81:cd:ab:
                    9e:76:a2:22:a3:de:45:e4:ce:6b:e7:bb:17:64:dc:
                    cb:15:f5:66:53:0d:dd:5f:46:3e:c7:b9:14:1c:04:
                    1c:24:40:20:99:52:f9:12:ff:9e:c3:7f:fe:e9:34:
                    62:b1:07:35:ba:20:03:20:fe:33:80:28:1d:ae:87:
                    f2:a3:91:e0:cf:10:60:39:31:fe:d9:fc:5c:ca:cc:
                    d8:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.29.24.0/22
                  91.106.216.0/22
                  91.194.53.0/24
                  91.194.55.0/24
                  93.190.12.0/22
                  109.236.48.0/22
                  160.20.108.0/22
                  185.85.188.0/22
                  185.85.236.0/22
                  185.86.4.0/22
                  185.86.12.0/22
                  185.86.152.0/22
                  185.86.164.0/22
                  185.87.24.0/22
                  185.87.120.0/22
                  185.88.172.0/22
                  185.98.60.0/22
                  185.119.80.0/22
                  185.141.32.0/22
                  185.184.24.0/22
                  185.185.232.0/22
                  185.243.180.0/22
                  185.249.200.0/22
                  185.250.210.0/24
                  185.254.28.0/22
                  185.254.236.0/22
                  193.35.152.0/22
                  193.35.204.0/22
                  193.160.140.0/22
                  193.223.104.0/22
                  194.62.52.0/22
                  194.127.116.0/22
                IPv6:
                  2a03:f3c0::/29
                  2a05:4f80::/29
                  2a05:bf00::/29
                  2a06:3440::/29
                  2a06:a700::/29
                  2a07:21c0::/29
                  2a07:d800::/29
                  2a07:e700::/29
                  2a07:fe40::/29
                  2a0b:2780::/29
                  2a0b:6780::/29
                  2a0c:1340::/29
                  2a0c:46c0::/29
                  2a0c:5c40::/29
                  2a0c:67c0::/29
                  2a0c:7a40::/29
                  2a0c:89c0::/29
                  2a0c:9dc0::/29
                  2a0c:acc0::/29
                  2a0d:7c0::/29
                  2a0d:49c0::/29
                  2a10:8b00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  29262
                  201064

    Signature Algorithm: sha256WithRSAEncryption
         61:dd:48:ae:3b:3d:14:7d:27:c5:e5:9c:cf:2a:72:d8:fb:99:
         8b:16:16:57:df:83:80:78:2c:23:06:72:f2:51:89:3e:1f:e9:
         88:27:ca:d8:09:5b:f5:29:13:e4:60:41:db:f3:06:a7:74:b0:
         8e:27:28:06:45:8a:4e:fe:a0:08:3e:82:a5:49:ca:34:a4:c2:
         7c:4a:50:13:a4:11:1e:db:2c:46:5b:9c:1e:99:a5:b1:ce:da:
         94:ac:36:e8:3e:0e:69:e3:01:1e:0b:87:45:1a:76:5d:dc:d0:
         36:89:41:3c:ef:64:b8:25:2c:46:57:80:fb:f9:1b:c3:4a:26:
         fc:5d:c8:8e:c9:8a:14:35:67:f9:7a:56:bb:f7:3d:65:71:87:
         6f:77:b9:8f:6f:d0:b0:98:18:21:a9:de:62:09:e7:ab:d6:a3:
         64:4a:9c:a1:f0:e3:46:f5:a4:2e:c0:33:37:43:f4:1a:bf:12:
         fd:7c:1d:8c:88:ed:7b:83:6a:60:51:e8:33:6d:65:3a:08:8d:
         fb:2b:96:90:e8:a9:1a:f5:a7:e2:2b:4a:95:48:7a:fe:81:da:
         67:81:bc:c8:9a:09:4d:10:de:00:29:dc:82:d6:7f:b6:a0:e2:
         ed:d0:f3:56:44:e4:6d:76:37:17:6d:9f:71:24:2f:e8:b1:46:
         a0:22:78:fc
-----BEGIN CERTIFICATE-----
MIIG/jCCBeagAwIBAgISAYVq9R8snIhJlS9RvXdYTMfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDEzMjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDZt+TwTZMPD5Tbl1C/aIsmrSbgS
0KcOAtlTCbO5ifIdcin0J0ksUBTu15Pm9u4fZikxGtOVUeaYv5917TnBTxAZJxJr
1RfPEbUpcKSbr4bObZPRXHxbgBtx9mpCA0Qlfma7XljhGfEKYKA9j+t0X8eJftSC
NgDJ2wZY5Ycpk5R53da0DMsMcTj5ULG5vlltUTGEhmEeD4nFvuAgzGpVvYkHDWA7
DU0eT3AEwPqt+++BzauedqIio95F5M5r57sXZNzLFfVmUw3dX0Y+x7kUHAQcJEAg
mVL5Ev+ew3/+6TRisQc1uiADIP4zgCgdrofyo5HgzxBgOTH+2fxcyszYJwIDAQAB
o4IECjCCBAYwHQYDVR0OBBYEFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3L2FkNjUy
MS1kM2E5LTRiMTMtYmU2OS0zOWZkYjk4NmYwNTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvYWQ2NTIx
LWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183Yjk3T3Y3
aXFuTGhrSkRrMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBgwYIKwYB
BQUHAQcBAf8EggFyMIIBbjCBxwQCAAEwgcADBAIuHRgDBAJbatgDBABbwjUDBABb
wjcDBAJdvgwDBAJt7DADBAKgFGwDBAK5VbwDBAK5VewDBAK5VgQDBAK5VgwDBAK5
VpgDBAK5VqQDBAK5VxgDBAK5V3gDBAK5WKwDBAK5YjwDBAK5d1ADBAK5jSADBAK5
uBgDBAK5uegDBAK587QDBAK5+cgDBAC5+tIDBAK5/hwDBAK5/uwDBALBI5gDBALB
I8wDBALBoIwDBALB32gDBALCPjQDBALCf3QwgaEEAgACMIGaAwUDKgPzwAMFAyoF
T4ADBQMqBb8AAwUDKgY0QAMFAyoGpwADBQMqByHAAwUDKgfYAAMFAyoH5wADBQMq
B/5AAwUDKgsngAMFAyoLZ4ADBQMqDBNAAwUDKgxGwAMFAyoMXEADBQMqDGfAAwUD
Kgx6QAMFAyoMicADBQMqDJ3AAwUDKgyswAMFAyoNB8ADBQMqDUnAAwUDKhCLADAe
BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJyTgIDAxFoMA0GCSqGSIb3DQEBCwUAA4IB
AQBh3UiuOz0UfSfF5ZzPKnLY+5mLFhZX34OAeCwjBnLyUYk+H+mIJ8rYCVv1KRPk
YEHb8wandLCOJygGRYpO/qAIPoKlSco0pMJ8SlATpBEe2yxGW5wemaWxztqUrDbo
Pg5p4wEeC4dFGnZd3NA2iUE872S4JSxGV4D7+RvDSib8XciOyYoUNWf5ela79z1l
cYdvd7mPb9CwmBghqd5iCeer1qNkSpyh8ONG9aQuwDM3Q/QavxL9fB2MiO17g2pg
UegzbWU6CI37K5aQ6Kka9afiK0qVSHr+gdpngbzImglNEN4AKdyC1n+2oOLt0PNW
RORtdjcXbZ9xJC/osUagInj8
-----END CERTIFICATE-----
Generated at Thu Feb 2 14:59:14 2023 by rpki-client.