Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SxUe13AmKwJZLBeVBFH8t1_ygEg.cer
File: SxUe13AmKwJZLBeVBFH8t1_ygEg.cer (raw, json)
Hash identifier: nddaBNifmTDJRFPEYGzwd0M2+Ma6Ih1D+wMEPMLHu6E=
Subject key identifier: 4B:15:1E:D7:70:26:2B:02:59:2C:17:95:04:51:FC:B7:5F:F2:80:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 98BA41878A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://nostromo.heficed.net/repo/1123811/0/4B151ED770262B02592C17950451FCB75FF28048.mft
caRepository: rsync://nostromo.heficed.net/repo/1123811/0/
Notify URL: https://nostromo.heficed.net/rrdp/notification.xml
Certificate not before: Sat 01 Jan 2022 00:01:19 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 91.233.198.0/24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 655959885706 (0x98ba41878a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b151ed770262b02592c17950451fcb75ff28048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bd:4d:7a:40:3b:80:19:34:2e:93:b7:3d:fc:
28:98:54:cd:2a:fa:ee:62:ae:42:45:93:60:0c:11:
8e:7d:53:4b:81:e0:15:cf:e0:e7:0b:d0:be:18:d5:
eb:33:6c:df:f5:0e:87:6f:49:14:da:b4:28:37:f4:
1d:22:3c:5c:6d:10:9c:c8:9e:34:00:50:b2:b5:95:
b6:0c:cf:22:53:5d:83:85:a3:e2:9c:b3:9d:c3:9b:
5d:31:c4:19:64:a1:6a:22:b3:4e:67:7a:8b:d1:f1:
fb:23:2a:c9:47:dc:18:64:02:dc:91:d8:56:38:0e:
b9:49:df:de:99:58:52:ce:7e:4b:cc:b9:9d:af:a0:
1f:41:71:85:a0:b2:dc:54:34:3c:c1:05:32:6c:a3:
5c:60:bd:4d:82:9b:2f:c1:d7:ab:50:59:c2:36:fc:
6d:73:a3:91:01:3b:53:9b:c4:b0:68:4c:48:68:ce:
1c:b2:f6:aa:a6:8c:0c:bd:82:fa:b1:23:39:e3:ea:
00:28:7c:91:0a:78:f6:1b:8a:8f:6d:45:77:3c:c8:
7a:3d:95:00:72:bb:4b:9d:fd:9d:1e:db:3c:1b:9d:
de:f8:7c:ce:2c:8d:8e:44:be:04:27:94:1a:df:c1:
e2:4b:1e:a0:bf:e9:cd:7c:24:5b:d8:5d:4a:f2:01:
b9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:15:1E:D7:70:26:2B:02:59:2C:17:95:04:51:FC:B7:5F:F2:80:48
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://nostromo.heficed.net/repo/1123811/0/
RPKI Manifest - URI:rsync://nostromo.heficed.net/repo/1123811/0/4B151ED770262B02592C17950451FCB75FF28048.mft
RPKI Notify - URI:https://nostromo.heficed.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:d9:41:01:47:f5:2e:a3:51:ce:48:48:a0:de:66:99:6d:8b:
92:9e:41:6e:02:c5:a7:a1:86:0b:43:23:76:15:91:4f:d1:dc:
08:3b:39:a1:e3:32:cd:90:b4:91:87:6b:09:56:74:04:8c:fa:
09:cf:8d:25:b8:79:59:5e:57:bf:4b:a3:7c:21:cc:9f:2d:82:
aa:a3:a4:5f:b3:55:ca:44:4b:dd:dd:50:e6:99:0c:77:c1:06:
97:a0:13:b2:cf:78:d3:11:4a:2b:dc:a2:61:6e:94:2c:a1:7a:
5c:7f:ea:ec:97:02:74:69:3d:55:15:e5:de:50:3c:48:03:91:
15:6e:b6:1c:2f:f4:56:84:25:0f:5f:fb:74:e8:5a:61:ae:82:
e5:b5:d9:2a:df:8a:d1:39:cf:d2:01:1c:17:41:21:8d:5a:09:
07:e6:03:a3:25:96:7a:e2:a7:7f:df:83:bb:56:1f:fd:5e:49:
f1:cb:88:f6:40:fe:3e:7f:ae:e3:97:57:2c:be:ef:43:0c:bc:
2d:ba:9d:3e:db:4b:f3:7c:52:18:01:5c:c5:43:fc:cb:e7:c3:
ac:9e:cc:9b:d0:f6:42:ed:3a:21:b1:fb:ae:0f:2e:bd:bc:a8:
d6:6a:41:b4:a4:34:33:08:1f:5e:a2:06:26:72:65:32:e3:f3:
79:49:bc:b8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIGAJi6QYeKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDAwMTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0YjE1MWVkNzcw
MjYyYjAyNTkyYzE3OTUwNDUxZmNiNzVmZjI4MDQ4MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA571NekA7gBk0LpO3PfwomFTNKvruYq5CRZNgDBGOfVNL
geAVz+DnC9C+GNXrM2zf9Q6Hb0kU2rQoN/QdIjxcbRCcyJ40AFCytZW2DM8iU12D
haPinLOdw5tdMcQZZKFqIrNOZ3qL0fH7IyrJR9wYZALckdhWOA65Sd/emVhSzn5L
zLmdr6AfQXGFoLLcVDQ8wQUybKNcYL1NgpsvwderUFnCNvxtc6ORATtTm8SwaExI
aM4csvaqpowMvYL6sSM54+oAKHyRCnj2G4qPbUV3PMh6PZUAcrtLnf2dHts8G53e
+HzOLI2ORL4EJ5Qa38HiSx6gv+nNfCRb2F1K8gG5YwIDAQABo4ICUDCCAkwwHQYD
VR0OBBYEFEsVHtdwJisCWSwXlQRR/Ldf8oBIMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
gfAGCCsGAQUFBwELBIHjMIHgMDgGCCsGAQUFBzAFhixyc3luYzovL25vc3Ryb21v
LmhlZmljZWQubmV0L3JlcG8vMTEyMzgxMS8wLzBkBggrBgEFBQcwCoZYcnN5bmM6
Ly9ub3N0cm9tby5oZWZpY2VkLm5ldC9yZXBvLzExMjM4MTEvMC80QjE1MUVENzcw
MjYyQjAyNTkyQzE3OTUwNDUxRkNCNzVGRjI4MDQ4Lm1mdDA+BggrBgEFBQcwDYYy
aHR0cHM6Ly9ub3N0cm9tby5oZWZpY2VkLm5ldC9ycmRwL25vdGlmaWNhdGlvbi54
bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABb6cYwDQYJKoZIhvcNAQELBQADggEBAC/ZQQFH9S6jUc5ISKDeZplti5Ke
QW4CxaehhgtDI3YVkU/R3Ag7OaHjMs2QtJGHawlWdASM+gnPjSW4eVleV79Lo3wh
zJ8tgqqjpF+zVcpES93dUOaZDHfBBpegE7LPeNMRSivcomFulCyhelx/6uyXAnRp
PVUV5d5QPEgDkRVuthwv9FaEJQ9f+3ToWmGuguW12SrfitE5z9IBHBdBIY1aCQfm
A6Mllnrip3/fg7tWH/1eSfHLiPZA/j5/ruOXVyy+70MMvC26nT7bS/N8UhgBXMVD
/Mvnw6yezJvQ9kLtOiGx+64PLr28qNZqQbSkNDMIH16iBiZyZTLj83lJvLg=
-----END CERTIFICATE-----
Generated at Fri Jul 4 09:40:26 2025 by rpki-client