RPKI Certificate
Location:                 ./rsync/rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer (download)

Subject key identifier:   34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Manifest:                 rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
CA Repository:            rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/
Notification URL:         https://rrdp.ripe.net/notification.xml
Subject Public Key Info:  
Subordinate resources:
    until: 2023-07-01T00:00:00Z
    Resources:
    1: AS: 47557
    2: AS: 59872
    3: AS: 207249
    1: IP: 91.206.20.0/23
    2: IP: 185.68.44.0/22
    3: IP: 185.161.232.0/22
    4: IP: 2a05:1600::/29
    5: IP: 2a07:c880::/29

--
$ openssl x509 -text -inform DER -in ./rsync/rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 722384213162 (0xa8317454aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 13:56:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3474210c28413e26284822abe83ad6d7c0f764fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:d2:a4:26:80:a2:bb:fe:1b:d5:75:79:c0:89:
                    df:2e:ce:9c:e9:f4:f6:0e:5c:b6:29:2d:00:1a:00:
                    9d:b2:51:ac:85:b4:9a:c1:ee:07:eb:fb:91:c9:f7:
                    8e:b2:e8:a7:a4:18:23:06:eb:c2:d9:28:15:c2:7d:
                    78:e7:f5:55:c3:af:ec:10:a4:75:5a:aa:9e:af:e9:
                    62:f8:2b:ba:23:ef:77:76:cc:f7:81:93:3d:97:15:
                    ef:6b:87:f8:8e:65:e8:17:ea:78:55:4b:07:c3:7b:
                    db:f6:a7:0d:de:55:29:c1:36:4e:7f:d0:92:70:4e:
                    93:d6:46:95:96:3b:ba:b1:3d:fa:60:a6:b2:75:5f:
                    40:e1:b8:3d:a0:61:19:52:71:9e:23:b4:90:d8:3d:
                    88:32:47:9d:85:2f:26:81:62:8a:01:74:25:53:f6:
                    5c:04:3b:b3:a3:aa:55:ce:36:e5:8a:c3:e3:3a:b8:
                    20:f9:04:c2:79:ed:5d:a1:27:63:e7:ce:b4:b2:76:
                    b6:cf:ad:26:dc:11:cf:dc:a8:d7:e7:d1:87:8c:59:
                    0e:58:4d:f7:ba:f2:b3:02:1a:7a:80:cc:d4:2d:06:
                    95:d9:d8:14:b0:28:87:16:00:5d:b3:e0:42:f9:3d:
                    2e:e0:b3:1a:ea:f6:82:63:c5:b4:1e:5d:01:7d:4e:
                    15:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
            X509v3 Authority Key Identifier: 
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.20.0/23
                  185.68.44.0/22
                  185.161.232.0/22
                IPv6:
                  2a05:1600::/29
                  2a07:c880::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47557
                  59872
                  207249

    Signature Algorithm: sha256WithRSAEncryption
         29:d4:49:c6:3c:76:3b:9e:17:49:87:4a:0c:d2:af:d0:f6:57:
         ab:6b:07:d1:7f:77:94:6c:d9:88:ff:fb:8a:40:0d:7b:94:97:
         ff:51:84:8c:d1:29:22:20:33:e2:e4:2b:5c:24:b9:d7:99:9f:
         8b:7d:36:74:84:88:09:2f:ee:7e:27:69:15:03:f3:7f:71:c2:
         a7:93:45:52:81:fb:2b:ab:5d:07:c2:bf:86:c2:50:50:02:7f:
         c8:42:05:51:4b:70:31:42:34:47:7a:ff:54:64:93:22:97:42:
         6f:03:65:80:82:c9:3d:6c:a9:a5:d6:94:0b:a1:9d:14:e9:e7:
         39:e2:ab:c4:42:9d:d5:7f:1c:0c:22:d9:26:8f:c7:94:ac:4b:
         c9:6c:e1:cc:3b:67:d1:00:94:09:93:2b:59:23:ac:20:23:63:
         dd:41:27:43:e7:56:9e:be:05:2d:a9:ea:16:de:80:b1:9b:ae:
         60:62:c9:62:e7:de:7f:e0:63:63:bd:16:26:c9:d2:7c:97:d6:
         d2:4a:a2:fb:6b:be:9d:5a:78:82:9d:6b:ec:d7:e7:a8:83:d2:
         1b:2a:fd:51:70:ec:cd:4d:1d:43:36:aa:ec:36:57:4c:74:94:
         c6:0d:ae:c1:b3:19:56:55:fc:d6:ba:d5:dd:6c:c5:21:07:19:
         0b:5d:9e:7e
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIGAKgxdFSqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTM1NjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNDc0MjEwYzI4
NDEzZTI2Mjg0ODIyYWJlODNhZDZkN2MwZjc2NGZhMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0tKkJoCiu/4b1XV5wInfLs6c6fT2Dly2KS0AGgCdslGs
hbSawe4H6/uRyfeOsuinpBgjBuvC2SgVwn145/VVw6/sEKR1Wqqer+li+Cu6I+93
dsz3gZM9lxXva4f4jmXoF+p4VUsHw3vb9qcN3lUpwTZOf9CScE6T1kaVlju6sT36
YKaydV9A4bg9oGEZUnGeI7SQ2D2IMkedhS8mgWKKAXQlU/ZcBDuzo6pVzjblisPj
Orgg+QTCee1doSdj5860sna2z60m3BHP3KjX59GHjFkOWE33uvKzAhp6gMzULQaV
2dgUsCiHFgBds+BC+T0u4LMa6vaCY8W0Hl0BfU4VwwIDAQABo4ICzDCCAsgwHQYD
VR0OBBYEFDR0IQwoQT4mKEgiq+g61tfA92T6MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYzLzNlOTkxNi00ZjhhLTRiMDgt
ODljOS1iMGM3NGI3NmUxODIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMvM2U5OTE2LTRmOGEtNGIwOC04
OWM5LWIwYzc0Yjc2ZTE4Mi8xL05IUWhEQ2hCUGlZb1NDS3I2RHJXMThEM1pQby5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAY
BAIAATASAwQBW84UAwQCuUQsAwQCuaHoMBQEAgACMA4DBQMqBRYAAwUDKgfIgDAk
BggrBgEFBQcBCAEB/wQVMBOgETAPAgMAucUCAwDp4AIDAymRMA0GCSqGSIb3DQEB
CwUAA4IBAQAp1EnGPHY7nhdJh0oM0q/Q9lerawfRf3eUbNmI//uKQA17lJf/UYSM
0SkiIDPi5CtcJLnXmZ+LfTZ0hIgJL+5+J2kVA/N/ccKnk0VSgfsrq10Hwr+GwlBQ
An/IQgVRS3AxQjRHev9UZJMil0JvA2WAgsk9bKml1pQLoZ0U6ec54qvEQp3VfxwM
Itkmj8eUrEvJbOHMO2fRAJQJkytZI6wgI2PdQSdD51aevgUtqeoW3oCxm65gYsli
595/4GNjvRYmydJ8l9bSSqL7a76dWniCnWvs1+eog9IbKv1RcOzNTR1DNqrsNldM
dJTGDa7BsxlWVfzWutXdbMUhBxkLXZ5+
-----END CERTIFICATE-----

Generated at Sat Jan 1 16:58:10 2022 by LibreSSL & rpki-client.