Certificate
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/40C5E16CC09D12B91FFDE58141213F2E82A6F498.cer
File: 40C5E16CC09D12B91FFDE58141213F2E82A6F498.cer (raw, json)
Hash identifier: iEmig+FdA1sVoR3g0UI5gF46D016xSVMGdUo7XfhLJE=
Subject key identifier: 40:C5:E1:6C:C0:9D:12:B9:1F:FD:E5:81:41:21:3F:2E:82:A6:F4:98
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 2585F03B1919C88DF572E38B90806DFC1E28D487
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/40C5E16CC09D12B91FFDE58141213F2E82A6F498.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Sat 16 Mar 2024 13:25:44 +0000
Certificate not after: Sat 15 Mar 2025 13:30:44 +0000
Subordinate resources: IP: 2a13:df85:b100::/40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:85:f0:3b:19:19:c8:8d:f5:72:e3:8b:90:80:6d:fc:1e:28:d4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Mar 16 13:25:44 2024 GMT
Not After : Mar 15 13:30:44 2025 GMT
Subject: CN=40C5E16CC09D12B91FFDE58141213F2E82A6F498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:40:be:cd:02:cb:1b:27:de:3c:4f:6f:18:
37:02:c6:52:e2:7b:bb:cb:06:e6:56:cd:70:41:01:
d4:e6:b1:65:73:2b:ca:13:a2:dc:89:5e:9d:00:07:
5d:c7:82:7f:59:63:1d:d6:50:17:30:5e:ab:8a:a5:
89:e6:2e:75:eb:e7:00:ff:61:cb:fb:37:f2:e7:50:
23:34:61:79:d7:86:18:1f:47:87:76:31:21:00:73:
4e:a3:f4:f0:1c:63:78:9c:3f:ef:fc:59:df:72:d3:
fa:d0:73:43:47:3e:20:93:1f:ff:fc:da:1d:be:bf:
55:36:60:63:3b:52:fc:e4:03:7c:6f:84:b9:85:ce:
b7:ad:44:ff:00:bd:93:99:c6:0c:07:32:67:40:a9:
17:13:68:83:e4:56:71:de:1c:0e:d8:de:d8:58:e3:
0b:d7:ef:da:86:e9:1d:b6:30:0b:fd:54:8d:38:01:
14:bb:f0:45:b9:a4:5f:72:46:12:cb:8f:fd:82:77:
ea:6f:a3:2e:07:eb:e7:87:49:c0:4d:2c:8c:8f:97:
45:3a:a4:8e:1e:f9:01:2b:e0:5a:8d:f6:6b:8b:12:
de:21:ce:46:85:8b:1e:6b:75:a3:43:88:41:d6:51:
86:e3:7a:57:ac:2d:98:a9:ef:0e:bc:27:2e:84:9e:
61:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
40:C5:E1:6C:C0:9D:12:B9:1F:FD:E5:81:41:21:3F:2E:82:A6:F4:98
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/40C5E16CC09D12B91FFDE58141213F2E82A6F498.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:b100::/40
Signature Algorithm: sha256WithRSAEncryption
bb:42:27:ea:e5:3c:e8:40:18:9d:81:92:51:f7:da:48:9c:ee:
bf:a7:97:ec:67:ef:d2:2c:59:c7:6b:bd:2b:3a:00:84:0e:55:
45:fe:82:6d:07:a4:fb:99:79:03:cc:eb:16:db:e2:e6:36:7a:
cd:0c:a5:2b:62:1b:4d:17:aa:ce:fa:e3:03:cd:19:02:11:a4:
14:55:49:e2:ae:b5:37:cd:c1:4e:b4:31:95:5b:dc:0a:d4:08:
0b:2c:75:e7:70:3c:02:2e:09:b0:27:f9:f9:d3:2a:22:53:d1:
28:92:53:b3:d5:7b:f9:47:38:71:71:1f:a3:12:0e:3f:19:96:
5e:66:e1:12:11:12:38:ed:b0:78:d6:d5:9d:dc:fc:ff:1d:1f:
53:01:61:4f:cf:c8:2d:d9:54:99:69:a9:46:e1:2d:3e:a6:9a:
2c:e3:c2:44:89:d9:95:90:f2:8c:6b:85:ac:84:4e:31:30:4d:
8f:4b:86:7c:c5:dd:d6:fb:30:94:2c:5f:a9:3d:6c:0f:38:e5:
96:bd:11:97:6d:fb:b7:4d:c3:be:e4:4a:79:83:66:d2:33:ab:
27:71:02:23:a5:27:6c:f1:aa:a8:63:a1:92:68:02:29:9c:e3:
a6:3f:84:1f:57:d9:e0:e4:35:12:af:7b:89:95:b5:9d:bf:cb:
c6:f5:3f:68
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIUJYXwOxkZyI31cuOLkIBt/B4o1IcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAzMTYxMzI1NDRaFw0yNTAzMTUxMzMwNDRaMDMxMTAvBgNV
BAMTKDQwQzVFMTZDQzA5RDEyQjkxRkZERTU4MTQxMjEzRjJFODJBNkY0OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzYEC+zQLLGyfePE9vGDcCxlLi
e7vLBuZWzXBBAdTmsWVzK8oTotyJXp0AB13Hgn9ZYx3WUBcwXquKpYnmLnXr5wD/
Ycv7N/LnUCM0YXnXhhgfR4d2MSEAc06j9PAcY3icP+/8Wd9y0/rQc0NHPiCTH//8
2h2+v1U2YGM7UvzkA3xvhLmFzretRP8AvZOZxgwHMmdAqRcTaIPkVnHeHA7Y3thY
4wvX79qG6R22MAv9VI04ARS78EW5pF9yRhLLj/2Cd+pvoy4H6+eHScBNLIyPl0U6
pI4e+QEr4FqN9muLEt4hzkaFix5rdaNDiEHWUYbjelesLZip7w68Jy6EnmETAgMB
AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRAxeFswJ0SuR/9
5YFBIT8ugqb0mDAfBgNVHSMEGDAWgBTVw9XnD8mtELqQ1F3GZFTp46FGqDAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wNDAzMmM4Zi0xZDU3LTRj
M2ItOTA0My1hMGU3ZmViZjE2N2QvMC9ENUMzRDVFNzBGQzlBRDEwQkE5MEQ0NURD
NjY0NTRFOUUzQTE0NkE4LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG
SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWNQVjV3
X0pyUkM2a05SZHhtUlU2ZU9oUnFnLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4NjgzNzQ4LzMv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgv
My80MEM1RTE2Q0MwOUQxMkI5MUZGREU1ODE0MTIxM0YyRTgyQTZGNDk4Lm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqE9+FsTANBgkqhkiG9w0BAQsFAAOCAQEAu0In
6uU86EAYnYGSUffaSJzuv6eX7Gfv0ixZx2u9KzoAhA5VRf6CbQek+5l5A8zrFtvi
5jZ6zQylK2IbTReqzvrjA80ZAhGkFFVJ4q61N83BTrQxlVvcCtQICyx153A8Ai4J
sCf5+dMqIlPRKJJTs9V7+Uc4cXEfoxIOPxmWXmbhEhESOO2weNbVndz8/x0fUwFh
T8/ILdlUmWmpRuEtPqaaLOPCRInZlZDyjGuFrIROMTBNj0uGfMXd1vswlCxfqT1s
Dzjllr0Rl237t03DvuRKeYNm0jOrJ3ECI6UnbPGqqGOhkmgCKZzjpj+EH1fZ4OQ1
Eq97iZW1nb/LxvU/aA==
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org