Certificate

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/a01e997c-b89e-47c2-8d79-d31e58bc3ca4/eecf847d7a32046881bbfaba0599bdd6dab3a81a88d8a48a46.cer
File:                     eecf847d7a32046881bbfaba0599bdd6dab3a81a88d8a48a46.cer (raw, json)
Hash identifier:          BiZtutoHg7ZBxPWld28R1HV2sk9kXHKqe+UecMH3Gwg=
Subject key identifier:   1A:05:03:43:0B:A9:93:F7:0F:89:AB:E8:42:1B:F7:46:3F:E5:CA:BF
Authority key identifier: 34:35:74:15:33:DF:E8:56:5B:FE:7F:0E:91:04:2C:50:B7:C1:A1:6C
Certificate issuer:       /CN=a01e997c-b89e-47c2-8d79-d31e58bc3ca4
Certificate serial:       010D0C9F4328584053166C166AB43DECE151C800
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/a01e997c-b89e-47c2-8d79-d31e58bc3ca4.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1/1A0503430BA993F70F89ABE8421BF7463FE5CABF.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 23 Dec 2022 00:08:39 +0000
Certificate not after:    Wed 26 Mar 2025 23:08:39 +0000
Subordinate resources:    AS: 926
                          AS: 1018
                          IP: 23.132.184.0/23
                          IP: 128.254.204.0/22
                          IP: 192.138.210.0/23
                          IP: 192.209.62.0/23
                          IP: 216.73.156.0/22
                          IP: 2606:b940::/32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:53:16:6c:16:6a:b4:3d:ec:e1:51:c8:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a01e997c-b89e-47c2-8d79-d31e58bc3ca4
        Validity
            Not Before: Dec 23 00:08:39 2022 GMT
            Not After : Mar 26 23:08:39 2025 GMT
        Subject: CN=eecf847d7a32046881bbfaba0599bdd6dab3a81a88d8a48a46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:21:97:08:8c:de:49:90:62:c0:63:b8:e3:0c:
                    cf:4c:b2:69:d6:d2:5b:9a:82:c0:61:05:e4:91:c1:
                    0d:e5:e1:bc:2e:5c:0b:b1:f8:df:d9:d5:b6:47:7e:
                    87:dc:d1:b5:82:bc:44:3d:cb:ca:d1:eb:64:68:74:
                    e3:5d:1a:1e:36:04:b0:2f:79:32:bc:be:b7:42:d7:
                    6a:0c:e8:42:96:94:9b:16:57:23:fc:54:6a:f8:b3:
                    19:e7:a3:2f:fa:ff:15:19:e4:f0:73:2a:5d:7d:f6:
                    17:2e:d0:b0:cf:6d:97:49:65:69:e5:a3:56:0d:3c:
                    7c:f6:8c:94:7c:8a:4f:8b:3e:a7:16:7a:5d:82:4b:
                    2e:a8:68:ca:db:ad:15:50:1f:f4:ec:16:15:f1:66:
                    b7:0e:47:17:95:69:29:61:93:b9:3d:4b:05:08:db:
                    de:b4:67:19:34:32:f1:55:61:84:13:f8:5c:5d:4c:
                    f5:88:5c:0d:df:6a:7a:2c:ba:f6:e6:b2:61:74:2e:
                    af:ea:3c:f6:f6:65:f4:5c:e0:ef:01:ab:55:f3:95:
                    fa:64:44:27:56:d6:dd:8d:88:16:75:62:cf:71:8c:
                    6c:f3:ef:de:e8:04:8a:bc:f3:2f:f8:39:b4:11:7a:
                    4a:ee:af:41:a3:46:bb:c3:17:87:df:56:75:d9:3a:
                    aa:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:05:03:43:0B:A9:93:F7:0F:89:AB:E8:42:1B:F7:46:3F:E5:CA:BF
            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1/1A0503430BA993F70F89ABE8421BF7463FE5CABF.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/a01e997c-b89e-47c2-8d79-d31e58bc3ca4/a01e997c-b89e-47c2-8d79-d31e58bc3ca4.crl

            X509v3 Authority Key Identifier:
                keyid:34:35:74:15:33:DF:E8:56:5B:FE:7F:0E:91:04:2C:50:B7:C1:A1:6C

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/a01e997c-b89e-47c2-8d79-d31e58bc3ca4.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.132.184.0/23
                  128.254.204.0/22
                  192.138.210.0/23
                  192.209.62.0/23
                  216.73.156.0/22
                IPv6:
                  2606:b940::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  926
                  1018

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4f:86:ed:2f:0a:f5:72:60:3d:77:bb:34:03:3e:fb:a6:3e:ef:
         f8:50:c8:1e:a6:94:53:6c:7a:88:6b:fb:20:2f:19:4e:06:43:
         5e:57:f7:1b:05:91:16:b1:6b:6f:72:c9:06:4e:04:40:98:79:
         0e:04:ab:91:f7:07:c5:16:8a:ad:7d:59:33:5e:b9:5c:b1:7a:
         6b:89:7b:1b:a5:43:6f:6a:49:64:e4:3a:5d:c4:1d:4a:d6:75:
         22:d7:d7:05:57:63:7e:26:21:72:5a:70:f6:be:b9:06:92:db:
         d8:d3:0a:3f:7d:d9:3d:5d:07:41:20:a1:e9:a5:93:46:d2:7b:
         34:8c:38:b3:4b:de:d1:3c:7d:f3:d8:64:20:7e:10:d8:f0:4f:
         4c:60:15:42:77:6d:6e:86:89:ec:7e:d6:c1:68:50:c3:44:78:
         2d:46:57:fc:14:48:0c:9c:92:7f:96:31:99:3d:13:26:34:b1:
         44:83:d4:3a:38:61:e2:32:2a:5d:b4:a0:e2:d5:77:26:35:d9:
         70:c1:dd:f5:93:3c:79:b9:ae:33:28:3c:9b:90:b4:47:87:57:
         3e:7e:43:25:27:73:50:be:15:08:64:f6:7c:09:59:c5:8d:76:
         ab:d4:6c:60:f4:5b:db:02:78:64:34:de:20:34:7f:1f:f6:7c:
         d9:c1:52:3f
-----BEGIN CERTIFICATE-----
MIIHAjCCBeqgAwIBAgIUAQ0Mn0MoWEBTFmwWarQ97OFRyAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYTAxZTk5N2MtYjg5ZS00N2MyLThkNzktZDMxZTU4YmMz
Y2E0MB4XDTIyMTIyMzAwMDgzOVoXDTI1MDMyNjIzMDgzOVowPTE7MDkGA1UEAxMy
ZWVjZjg0N2Q3YTMyMDQ2ODgxYmJmYWJhMDU5OWJkZDZkYWIzYTgxYTg4ZDhhNDhh
NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1IZcIjN5JkGLAY7jj
DM9MsmnW0luagsBhBeSRwQ3l4bwuXAux+N/Z1bZHfofc0bWCvEQ9y8rR62RodONd
Gh42BLAveTK8vrdC12oM6EKWlJsWVyP8VGr4sxnnoy/6/xUZ5PBzKl199hcu0LDP
bZdJZWnlo1YNPHz2jJR8ik+LPqcWel2CSy6oaMrbrRVQH/TsFhXxZrcORxeVaSlh
k7k9SwUI2960Zxk0MvFVYYQT+FxdTPWIXA3fanosuvbmsmF0Lq/qPPb2ZfRc4O8B
q1XzlfpkRCdW1t2NiBZ1Ys9xjGzz797oBIq88y/4ObQRekrur0GjRrvDF4ffVnXZ
OqqpAgMBAAGjggQGMIIEAjAdBgNVHQ4EFgQUGgUDQwupk/cPiavoQhv3Rj/lyr8w
ggE+BggrBgEFBQcBCwSCATAwggEsMF4GCCsGAQUFBzAFhlJyc3luYzovL3JzeW5j
LnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUtNGU2
OS1hODE1LWJhMWU5YjMzNmQ2Mi8xMIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mOGU3ZDg2Ny1jMzVlLTRl
NjktYTgxNS1iYTFlOWIzMzZkNjIvMS8xQTA1MDM0MzBCQTk5M0Y3MEY4OUFCRTg0
MjFCRjc0NjNGRTVDQUJGLm1mdDA8BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBh
YXMucnBraS5yaXBlLm5ldC9ub3RpZmljYXRpb24ueG1sMA8GA1UdEwEB/wQFMAMB
Af8wgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaBxXJzeW5jOi8vcnBraS5hcmluLm5l
dC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4
Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3Yy00MzM5LWEyZjMtNjI5OWEzYjAy
ZTI5L2EwMWU5OTdjLWI4OWUtNDdjMi04ZDc5LWQzMWU1OGJjM2NhNC9hMDFlOTk3
Yy1iODllLTQ3YzItOGQ3OS1kMzFlNThiYzNjYTQuY3JsMB8GA1UdIwQYMBaAFDQ1
dBUz3+hWW/5/DpEELFC3waFsMA4GA1UdDwEB/wQEAwIBBjCBwAYIKwYBBQUHAQEE
gbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9z
aXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFk
YTIxNTdkMy9mNjBjOWYzMi1hODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYTAx
ZTk5N2MtYjg5ZS00N2MyLThkNzktZDMxZTU4YmMzY2E0LmNlcjBGBggrBgEFBQcB
BwEB/wQ3MDUwJAQCAAEwHgMEAReEuAMEAoD+zAMEAcCK0gMEAcDRPgMEAthJnDAN
BAIAAjAHAwUAJga5QDAdBggrBgEFBQcBCAEB/wQOMAygCjAIAgIDngICA/owVAYD
VR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3
dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsF
AAOCAQEAT4btLwr1cmA9d7s0Az77pj7v+FDIHqaUU2x6iGv7IC8ZTgZDXlf3GwWR
FrFrb3LJBk4EQJh5DgSrkfcHxRaKrX1ZM165XLF6a4l7G6VDb2pJZOQ6XcQdStZ1
ItfXBVdjfiYhclpw9r65BpLb2NMKP33ZPV0HQSCh6aWTRtJ7NIw4s0ve0Tx989hk
IH4Q2PBPTGAVQndtboaJ7H7WwWhQw0R4LUZX/BRIDJySf5YxmT0TJjSxRIPUOjhh
4jIqXbSg4tV3JjXZcMHd9ZM8ebmuMyg8m5C0R4dXPn5DJSdzUL4VCGT2fAlZxY12
q9RsYPRb2wJ4ZDTeIDR/H/Z82cFSPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:14:46 2024 by rpki-client on console-fra.rpki-client.org