Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
File:                     yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer (download)
Hash identifier:          LE6zXZ4WArM0EqO4OXeuCNJGd8jBu1PKFlx+aIvKQcI=
Subject key identifier:   C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856DF7C51742C42F0D555BBABDCAE1D16D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate valid until:  Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:
    1: AS: 44685
    2: AS: 47285
    3: AS: 60778
    4: AS: 200436
    5: IP: 45.139.8.0/22
    6: IP: 185.105.236.0/22
    7: IP: 185.190.25.0/24
    8: IP: 185.231.112.0/22
    9: IP: 194.36.172.0/22
   10: IP: 194.147.140.0/24
   11: IP: 194.147.142.0/24
   12: IP: 194.147.150.0/24
   13: IP: 194.147.170.0/24
   14: IP: 194.180.208.0/23
   15: IP: 194.180.224.0/23
   16: IP: 2a07:a580::/29
   17: IP: 2a0c:6700::/29
   18: IP: 2a0e:6f40::/29
   19: IP: 2a10:3a80::/29
   20: IP: 2a12:2600::/29

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:f7:c5:17:42:c4:2f:0d:55:5b:ba:bd:ca:e1:d1:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:33:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8b:43:15:7b:cf:c5:ad:09:21:0e:77:35:5b:
                    d2:81:d7:e2:26:fe:22:f8:c3:71:d5:37:9e:58:f9:
                    ea:54:64:dd:29:7f:56:6c:6c:19:d6:7d:34:34:0a:
                    c3:ae:cc:d0:77:0d:76:ec:88:fd:f4:de:42:ef:ac:
                    b8:21:a3:69:06:1e:8d:24:7b:9e:c4:1c:9a:aa:72:
                    3c:b5:5b:bb:97:33:5a:09:16:a1:08:60:5b:e8:ce:
                    6a:12:30:72:62:b6:f2:94:31:5d:3f:24:fe:90:58:
                    cc:3b:27:cd:96:15:e9:1f:8f:78:eb:30:45:8e:89:
                    5b:b8:e8:53:4a:33:27:fe:9e:47:04:bc:45:3d:c3:
                    c4:9c:b6:f5:27:cd:de:4b:65:58:c0:22:8e:7a:c8:
                    cf:14:a2:b2:dc:65:0f:a1:c7:9f:ba:9f:e0:73:31:
                    f5:92:ea:5a:4f:65:84:82:b5:46:52:8e:5e:9a:62:
                    79:ef:65:fb:d9:9e:53:8f:82:08:aa:7b:5c:1a:38:
                    08:73:96:d7:bb:2b:0e:98:84:7e:37:b0:09:c3:44:
                    6d:d8:b2:25:d1:c3:98:fa:6c:16:7f:8d:7a:be:58:
                    a7:58:79:c6:66:d9:d6:75:90:88:73:62:4d:0c:ec:
                    a9:0e:09:50:f0:c9:33:5d:0f:2a:4d:d1:2c:71:a2:
                    bf:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.8.0/22
                  185.105.236.0/22
                  185.190.25.0/24
                  185.231.112.0/22
                  194.36.172.0/22
                  194.147.140.0/24
                  194.147.142.0/24
                  194.147.150.0/24
                  194.147.170.0/24
                  194.180.208.0/23
                  194.180.224.0/23
                IPv6:
                  2a07:a580::/29
                  2a0c:6700::/29
                  2a0e:6f40::/29
                  2a10:3a80::/29
                  2a12:2600::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  44685
                  47285
                  60778
                  200436

    Signature Algorithm: sha256WithRSAEncryption
         99:ce:45:60:80:9e:d4:9a:21:66:ee:7c:29:ed:0b:a3:2e:02:
         3b:78:31:2b:f3:2a:3e:37:6c:6f:66:72:95:b3:52:2c:10:d7:
         8b:20:6f:80:7f:4b:7f:1c:a4:9a:a6:fe:49:a4:c4:a6:aa:81:
         73:f0:1d:b2:c1:61:64:36:24:4a:df:bc:79:1e:55:57:9b:a6:
         63:91:03:23:0e:cc:24:44:33:aa:28:bd:05:b3:23:43:54:2a:
         6c:2d:53:52:01:45:8e:4a:e3:12:69:2c:ef:9e:52:21:c8:eb:
         90:af:23:98:ed:10:9f:6c:f8:63:1e:50:2b:f9:be:06:9a:39:
         00:b1:19:2f:34:ab:d9:af:e5:fc:bf:76:86:4e:9e:84:22:a2:
         4e:51:86:bb:f4:a9:cf:6e:21:18:ee:1a:f3:8d:1f:cc:58:7b:
         43:88:f8:c1:cf:3f:5e:dc:ab:b2:4f:5f:cd:dd:41:92:59:2b:
         e9:5d:37:ce:58:92:c2:8b:01:02:b6:3e:c3:4f:a0:f5:97:c1:
         4d:74:8f:3a:8b:e9:69:45:f7:8b:69:a2:e6:bf:8a:4e:0a:63:
         db:0d:73:3e:4f:76:59:27:30:00:00:da:60:05:d5:01:7e:45:
         cd:88:24:a6:88:af:a2:1b:b2:0f:da:01:d4:13:39:8f:94:79:
         34:1b:a0:da
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYVt98UXQsQvDVVbur3K4dFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTUzMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdiNTk0ZTVlNjcxM2E1YjgwYTU0ODFhNWNlNzFlNjUyZDg0NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4tDFXvPxa0JIQ53NVvSgdfiJv4i
+MNx1TeeWPnqVGTdKX9WbGwZ1n00NArDrszQdw127Ij99N5C76y4IaNpBh6NJHue
xByaqnI8tVu7lzNaCRahCGBb6M5qEjByYrbylDFdPyT+kFjMOyfNlhXpH4946zBF
jolbuOhTSjMn/p5HBLxFPcPEnLb1J83eS2VYwCKOesjPFKKy3GUPocefup/gczH1
kupaT2WEgrVGUo5emmJ572X72Z5Tj4IIqntcGjgIc5bXuysOmIR+N7AJw0Rt2LIl
0cOY+mwWf416vlinWHnGZtnWdZCIc2JNDOypDglQ8MkzXQ8qTdEscaK/JQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFMh7WU5eZxOluApUgaXOceZS2EVzMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YyLzgyNGY3
OC1kZWUyLTQ3YmMtYWYyZi0zOGNiNmU0MTZmM2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvODI0Zjc4
LWRlZTItNDdiYy1hZjJmLTM4Y2I2ZTQxNmYzYS8xL3lIdFpUbDVuRTZXNENsU0Jw
YzV4NWxMWVJYTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGGBggrBgEF
BQcBBwEB/wR3MHUwSAQCAAEwQgMEAi2LCAMEArlp7AMEALm+GQMEArnncAMEAsIk
rAMEAMKTjAMEAMKTjgMEAMKTlgMEAMKTqgMEAcK00AMEAcK04DApBAIAAjAjAwUD
KgelgAMFAyoMZwADBQMqDm9AAwUDKhA6gAMFAyoSJgAwKQYIKwYBBQUHAQgBAf8E
GjAYoBYwFAIDAK6NAgMAuLUCAwDtagIDAw70MA0GCSqGSIb3DQEBCwUAA4IBAQCZ
zkVggJ7UmiFm7nwp7QujLgI7eDEr8yo+N2xvZnKVs1IsENeLIG+Af0t/HKSapv5J
pMSmqoFz8B2ywWFkNiRK37x5HlVXm6ZjkQMjDswkRDOqKL0FsyNDVCpsLVNSAUWO
SuMSaSzvnlIhyOuQryOY7RCfbPhjHlAr+b4GmjkAsRkvNKvZr+X8v3aGTp6EIqJO
UYa79KnPbiEY7hrzjR/MWHtDiPjBzz9e3KuyT1/N3UGSWSvpXTfOWJLCiwECtj7D
T6D1l8FNdI86i+lpRfeLaaLmv4pOCmPbDXM+T3ZZJzAAANpgBdUBfkXNiCSmiK+i
G7IP2gHUEzmPlHk0G6Da
-----END CERTIFICATE-----
Generated at Mon Jan 30 09:09:45 2023 by rpki-client.