Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IE0C1LO29ho9dwXfYyRJIpKQERI.cer
File: IE0C1LO29ho9dwXfYyRJIpKQERI.cer (raw, json)
Hash identifier: FhmysLYDVBPh5fUujDstBLCPGz4WmnuKY2k5qiDL/jw=
Subject key identifier: 20:4D:02:D4:B3:B6:F6:1A:3D:77:05:DF:63:24:49:22:92:90:11:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 753C02AA2E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://nostromo.heficed.net/repo/1123932/0/204D02D4B3B6F61A3D7705DF6324492292901112.mft
caRepository: rsync://nostromo.heficed.net/repo/1123932/0/
Notify URL: https://nostromo.heficed.net/rrdp/notification.xml
Certificate not before: Fri 01 Jan 2021 00:02:01 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: IP: 194.33.149.0/24
IP: 194.33.182.0/24
IP: 194.34.139.0/24
IP: 194.34.175.0/24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503517981230 (0x753c02aa2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:02:01 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=204d02d4b3b6f61a3d7705df6324492292901112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ad:44:66:d3:1c:d3:e5:5d:37:aa:e8:ed:5d:
51:9d:d5:3a:4a:7c:b8:99:f2:c0:e5:37:ca:c2:fd:
11:0e:e0:bc:77:87:14:78:c7:51:00:87:65:52:15:
13:f7:47:82:54:72:f3:dc:1a:1a:eb:a1:7e:3c:c3:
f3:c9:20:ce:4f:3b:0c:4f:ed:e4:7e:ed:d9:3c:05:
a6:4f:6d:4a:f7:e6:80:63:cf:dd:43:d1:10:70:35:
a1:1d:a7:40:81:94:ab:d3:58:fa:bc:e8:97:e9:65:
bd:89:44:5b:ce:eb:f0:b6:0b:50:4a:63:0b:f1:cc:
01:8e:06:fa:fa:03:82:4e:53:4a:1d:48:52:01:f0:
8c:3d:5a:82:e5:49:46:4d:67:36:5e:8b:b9:a3:2f:
4d:dd:d8:37:12:0f:2a:7b:fc:5e:9d:15:64:64:8b:
94:1c:b1:1f:8e:11:2f:5c:53:b8:83:d2:ef:d4:10:
0e:76:32:31:df:0a:48:ca:ab:90:45:99:42:1f:94:
ae:fa:8d:38:cc:e0:03:27:0d:78:52:b8:db:62:01:
bf:93:13:6f:db:02:10:7a:b6:14:ea:10:66:52:58:
aa:39:44:36:ca:1a:f9:6a:d8:f7:09:50:01:85:ba:
49:1c:dd:b0:bc:f5:a6:0c:8e:5f:db:a1:68:6b:0b:
52:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4D:02:D4:B3:B6:F6:1A:3D:77:05:DF:63:24:49:22:92:90:11:12
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://nostromo.heficed.net/repo/1123932/0/
RPKI Manifest - URI:rsync://nostromo.heficed.net/repo/1123932/0/204D02D4B3B6F61A3D7705DF6324492292901112.mft
RPKI Notify - URI:https://nostromo.heficed.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.149.0/24
194.33.182.0/24
194.34.139.0/24
194.34.175.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:22:88:82:c9:37:c9:16:f9:0b:43:5a:b3:94:e1:80:38:68:
0b:18:87:11:a5:4e:46:5a:29:d0:cc:fb:84:8f:dd:a7:2e:0b:
59:33:37:b4:cb:eb:af:88:2d:37:6d:c2:e5:04:5c:bf:67:59:
92:f5:17:8a:2d:f0:cb:80:68:ec:dd:87:a8:57:66:27:79:1b:
0a:8b:7a:93:db:41:7e:5d:db:e1:47:0f:1e:92:b6:95:3a:85:
e1:57:8b:8c:26:02:77:68:12:5c:90:ce:41:0b:46:c9:d3:4f:
5b:0e:26:00:3d:d6:56:40:05:79:74:58:6c:82:9c:55:f9:15:
0c:f1:15:e2:8d:6f:1c:b2:f9:7e:4e:89:6c:3b:cf:1f:7c:1f:
ec:df:05:ff:99:44:03:a2:0b:a1:9d:91:00:55:97:df:57:65:
4b:b6:d3:ce:15:e9:8c:d3:f3:05:e0:f6:b3:af:c9:f6:80:c3:
7c:14:4b:02:55:24:09:51:50:5b:58:a8:1c:a4:bd:cf:e7:0d:
d9:d9:53:82:63:09:42:4b:37:be:4a:95:7c:4a:16:ff:95:a0:
d5:3e:97:cc:d2:f1:88:fc:89:f3:e2:fa:a5:6f:d9:cb:bd:cd:
91:da:db:9d:b9:da:2e:f6:b4:d1:82:ae:f3:aa:f0:3e:57:93:
75:e9:6a:0e
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIFdTwCqi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMDAyMDFaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDIwNGQwMmQ0YjNi
NmY2MWEzZDc3MDVkZjYzMjQ0OTIyOTI5MDExMTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlrURm0xzT5V03qujtXVGd1TpKfLiZ8sDlN8rC/REO4Lx3
hxR4x1EAh2VSFRP3R4JUcvPcGhrroX48w/PJIM5POwxP7eR+7dk8BaZPbUr35oBj
z91D0RBwNaEdp0CBlKvTWPq86JfpZb2JRFvO6/C2C1BKYwvxzAGOBvr6A4JOU0od
SFIB8Iw9WoLlSUZNZzZei7mjL03d2DcSDyp7/F6dFWRki5QcsR+OES9cU7iD0u/U
EA52MjHfCkjKq5BFmUIflK76jTjM4AMnDXhSuNtiAb+TE2/bAhB6thTqEGZSWKo5
RDbKGvlq2PcJUAGFukkc3bC89aYMjl/boWhrC1LRAgMBAAGjggJiMIICXjAdBgNV
HQ4EFgQUIE0C1LO29ho9dwXfYyRJIpKQERIwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCB
8AYIKwYBBQUHAQsEgeMwgeAwOAYIKwYBBQUHMAWGLHJzeW5jOi8vbm9zdHJvbW8u
aGVmaWNlZC5uZXQvcmVwby8xMTIzOTMyLzAvMGQGCCsGAQUFBzAKhlhyc3luYzov
L25vc3Ryb21vLmhlZmljZWQubmV0L3JlcG8vMTEyMzkzMi8wLzIwNEQwMkQ0QjNC
NkY2MUEzRDc3MDVERjYzMjQ0OTIyOTI5MDExMTIubWZ0MD4GCCsGAQUFBzANhjJo
dHRwczovL25vc3Ryb21vLmhlZmljZWQubmV0L3JyZHAvbm90aWZpY2F0aW9uLnht
bDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw
GAMEAMIhlQMEAMIhtgMEAMIiiwMEAMIirzANBgkqhkiG9w0BAQsFAAOCAQEAXCKI
gsk3yRb5C0Nas5ThgDhoCxiHEaVORlop0Mz7hI/dpy4LWTM3tMvrr4gtN23C5QRc
v2dZkvUXii3wy4Bo7N2HqFdmJ3kbCot6k9tBfl3b4UcPHpK2lTqF4VeLjCYCd2gS
XJDOQQtGydNPWw4mAD3WVkAFeXRYbIKcVfkVDPEV4o1vHLL5fk6JbDvPH3wf7N8F
/5lEA6ILoZ2RAFWX31dlS7bTzhXpjNPzBeD2s6/J9oDDfBRLAlUkCVFQW1ioHKS9
z+cN2dlTgmMJQks3vkqVfEoW/5Wg1T6XzNLxiPyJ8+L6pW/Zy73NkdrbnbnaLva0
0YKu86rwPleTdelqDg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:34 2023 by rpki-client on console-fra.rpki-client.org