Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0haDlhvJvqUcsKZwaeK6ouSfX_k.cer
File: 0haDlhvJvqUcsKZwaeK6ouSfX_k.cer (raw, json)
Hash identifier: +nTp8C7D0NbFXCwm7sNfGDVc/ku6aEaUxEZA4GhZUnE=
Subject key identifier: D2:16:83:96:1B:C9:BE:A5:1C:B0:A6:70:69:E2:BA:A2:E4:9F:5F:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: B2A0342E54
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-5/0/D21683961BC9BEA51CB0A67069E2BAA2E49F5FF9.mft
caRepository: rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-5/0
Notify URL: https://magellan.ipxo.com/rrdp/notification.xml
Certificate not before: Wed 01 Jun 2022 14:39:41 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 209526
IP: 2.57.16.0/21
IP: 2.58.28.0/22
IP: 2.58.172.0/22
IP: 5.45.36.0/22
IP: 5.181.124.0 -- 5.181.135.255
IP: 5.182.108.0/22
IP: 5.252.68.0 -- 5.252.83.255
IP: 5.252.160.0/22
IP: 5.253.200.0/22
IP: 37.143.60.0/22
IP: 45.81.0.0/22
IP: 45.87.184.0/22
IP: 45.88.96.0/22
IP: 45.89.240.0/22
IP: 45.89.248.0/21
IP: 45.93.44.0/22
IP: 45.95.12.0/22
IP: 45.95.20.0/22
IP: 45.95.36.0/22
IP: 45.133.168.0 -- 45.133.179.255
IP: 45.137.28.0/22
IP: 45.137.116.0/22
IP: 45.137.124.0/22
IP: 45.137.132.0/22
IP: 45.137.156.0/22
IP: 45.139.180.0/22
IP: 85.208.72.0/22
IP: 85.209.176.0/22
IP: 89.19.44.0 -- 89.19.51.255
IP: 89.207.176.0/22
IP: 92.118.160.0/22
IP: 92.119.32.0/22
IP: 92.242.184.0/22
IP: 109.106.0.0/22
IP: 130.185.124.0/22
IP: 141.98.88.0/22
IP: 149.62.40.0/22
IP: 179.61.128.0/17
IP: 181.41.192.0/19
IP: 181.214.0.0/15
IP: 185.34.40.0/22
IP: 185.130.204.0/22
IP: 185.135.8.0/22
IP: 185.135.156.0/22
IP: 185.137.12.0/22
IP: 185.137.92.0/22
IP: 185.139.0.0/22
IP: 185.139.236.0/22
IP: 185.141.164.0/22
IP: 185.142.24.0/22
IP: 185.143.228.0/22
IP: 185.145.36.0/22
IP: 185.151.56.0/22
IP: 185.158.100.0 -- 185.158.107.255
IP: 185.158.132.0/22
IP: 185.158.148.0/22
IP: 185.170.40.0/22
IP: 185.170.56.0/22
IP: 185.172.56.0/22
IP: 185.172.64.0/22
IP: 185.173.24.0/22
IP: 185.173.32.0/22
IP: 185.174.60.0/22
IP: 191.96.0.0/16
IP: 191.101.0.0/16
IP: 193.7.200.0/22
IP: 193.31.40.0/22
IP: 193.58.104.0/22
IP: 193.107.208.0/22
IP: 193.227.122.0/24
IP: 193.227.125.0/24
IP: 193.227.129.0/24
IP: 193.227.135.0/24
IP: 194.53.140.0/22
IP: 194.110.12.0/22
IP: 194.110.242.0/24
IP: 213.109.168.0/22
IP: 2a00:d1a0::/32
IP: 2a03:a960::/29
IP: 2a03:fbc0::/29
IP: 2a06:2b80::/29
IP: 2a09:4b40::/29
IP: 2a0a:4e80::/29
IP: 2a0a:7a00::/29
IP: 2a0a:7e00::/29
IP: 2a0a:8600::/29
IP: 2a0a:8e00::/29
IP: 2a0a:9200::/29
IP: 2a0a:9600::/29
IP: 2a0a:9a00::/29
IP: 2a0a:9e00::/29
IP: 2a0a:9f00::/29
IP: 2a0a:a600::/29
IP: 2a0a:a700::/29
IP: 2a0a:b200::/29
IP: 2a0a:b600::/29
IP: 2a0a:ba00::/29
IP: 2a0a:be00::/29
IP: 2a0a:c600::/29
IP: 2a0a:ce00::/29
IP: 2a0a:d200::/29
IP: 2a0b:300::/29
IP: 2a0b:500::/29
IP: 2a0b:3300::/29
IP: 2a0b:3700::/29
IP: 2a0b:8700::/29
IP: 2a0c:fa40::/29
IP: 2a0d:5c0::/29
IP: 2a0d:4b40::/29
IP: 2a0d:4c40::/29
IP: 2a0e:1c00::/29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 767191952980 (0xb2a0342e54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 1 14:39:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d21683961bc9bea51cb0a67069e2baa2e49f5ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:32:7d:ae:22:70:bf:51:4b:58:31:02:22:99:
86:3c:f6:40:14:ab:8a:88:94:3f:b7:ab:1d:c9:76:
2d:18:b6:8f:b2:a8:7f:1d:df:63:f7:89:b3:59:ef:
97:51:81:06:d3:72:b7:cf:81:54:d6:54:01:e5:d3:
16:bf:ec:f5:94:da:39:b6:e2:47:6e:4e:10:41:75:
c7:49:c3:02:0d:e9:b4:eb:98:39:aa:10:b9:0f:0b:
42:4c:7f:c3:7c:6f:71:93:1f:17:67:b2:1d:ea:c5:
1c:6d:17:28:02:26:bb:9b:c3:36:62:91:05:fd:c7:
24:7f:1a:67:38:7e:f0:6c:8e:96:85:7f:a7:39:f6:
ca:96:0e:3a:e3:29:8e:54:51:3b:f7:36:2a:ea:3e:
92:ec:52:74:b5:6c:44:bf:54:4d:83:d8:d7:55:6c:
0a:73:90:90:30:7b:66:99:c7:05:55:78:40:16:13:
6d:c9:fa:ae:ca:29:2a:9d:3b:88:dd:25:3b:e0:73:
52:19:d7:a9:19:e6:26:42:a1:64:a1:d4:ea:7f:61:
67:82:c7:f5:cb:01:4f:91:ed:9b:76:8c:b5:1f:8a:
93:c1:15:e4:ec:9c:d2:06:24:30:b7:b8:58:41:ce:
c0:1e:83:67:30:d9:09:a4:11:cf:9f:89:b2:f9:16:
7d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:16:83:96:1B:C9:BE:A5:1C:B0:A6:70:69:E2:BA:A2:E4:9F:5F:F9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-5/0
RPKI Manifest - URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-5/0/D21683961BC9BEA51CB0A67069E2BAA2E49F5FF9.mft
RPKI Notify - URI:https://magellan.ipxo.com/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.16.0/21
2.58.28.0/22
2.58.172.0/22
5.45.36.0/22
5.181.124.0-5.181.135.255
5.182.108.0/22
5.252.68.0-5.252.83.255
5.252.160.0/22
5.253.200.0/22
37.143.60.0/22
45.81.0.0/22
45.87.184.0/22
45.88.96.0/22
45.89.240.0/22
45.89.248.0/21
45.93.44.0/22
45.95.12.0/22
45.95.20.0/22
45.95.36.0/22
45.133.168.0-45.133.179.255
45.137.28.0/22
45.137.116.0/22
45.137.124.0/22
45.137.132.0/22
45.137.156.0/22
45.139.180.0/22
85.208.72.0/22
85.209.176.0/22
89.19.44.0-89.19.51.255
89.207.176.0/22
92.118.160.0/22
92.119.32.0/22
92.242.184.0/22
109.106.0.0/22
130.185.124.0/22
141.98.88.0/22
149.62.40.0/22
179.61.128.0/17
181.41.192.0/19
181.214.0.0/15
185.34.40.0/22
185.130.204.0/22
185.135.8.0/22
185.135.156.0/22
185.137.12.0/22
185.137.92.0/22
185.139.0.0/22
185.139.236.0/22
185.141.164.0/22
185.142.24.0/22
185.143.228.0/22
185.145.36.0/22
185.151.56.0/22
185.158.100.0-185.158.107.255
185.158.132.0/22
185.158.148.0/22
185.170.40.0/22
185.170.56.0/22
185.172.56.0/22
185.172.64.0/22
185.173.24.0/22
185.173.32.0/22
185.174.60.0/22
191.96.0.0/16
191.101.0.0/16
193.7.200.0/22
193.31.40.0/22
193.58.104.0/22
193.107.208.0/22
193.227.122.0/24
193.227.125.0/24
193.227.129.0/24
193.227.135.0/24
194.53.140.0/22
194.110.12.0/22
194.110.242.0/24
213.109.168.0/22
IPv6:
2a00:d1a0::/32
2a03:a960::/29
2a03:fbc0::/29
2a06:2b80::/29
2a09:4b40::/29
2a0a:4e80::/29
2a0a:7a00::/29
2a0a:7e00::/29
2a0a:8600::/29
2a0a:8e00::/29
2a0a:9200::/29
2a0a:9600::/29
2a0a:9a00::/29
2a0a:9e00::/29
2a0a:9f00::/29
2a0a:a600::/29
2a0a:a700::/29
2a0a:b200::/29
2a0a:b600::/29
2a0a:ba00::/29
2a0a:be00::/29
2a0a:c600::/29
2a0a:ce00::/29
2a0a:d200::/29
2a0b:300::/29
2a0b:500::/29
2a0b:3300::/29
2a0b:3700::/29
2a0b:8700::/29
2a0c:fa40::/29
2a0d:5c0::/29
2a0d:4b40::/29
2a0d:4c40::/29
2a0e:1c00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209526
Signature Algorithm: sha256WithRSAEncryption
2d:39:ef:73:5c:07:55:36:e8:1a:90:60:f8:25:f5:96:4b:77:
3e:a6:13:c2:15:34:ee:35:db:e5:02:bc:f2:1e:21:60:4f:c6:
f0:c2:3d:ae:38:f1:dd:1d:da:0d:c4:e7:6a:c6:e2:65:02:86:
29:8b:59:0a:f9:ac:35:11:4c:4a:da:7c:0b:23:1d:0b:63:73:
b8:24:94:51:09:ca:0d:6d:cb:70:36:99:94:47:93:15:35:3a:
ea:fb:e2:89:55:bc:6d:30:e4:cf:38:ee:a2:91:1b:6b:79:d3:
52:4a:64:2b:22:6c:94:49:ff:0b:95:49:ed:52:40:0a:5b:aa:
c4:14:cd:a1:fa:d6:12:3e:6d:21:f2:32:24:85:07:6f:ae:d0:
f9:30:22:f4:82:d3:4c:de:ee:47:60:6a:4a:f8:9a:12:5a:51:
1b:d9:c4:20:78:59:74:88:bf:e8:8d:ae:4a:c3:78:4e:f9:c7:
9a:27:a5:35:5b:05:1c:3d:3a:e7:a7:9e:0c:7a:be:c3:8f:78:
b2:1c:15:4e:fd:d3:6f:53:48:3e:ca:a6:ce:9e:ed:a2:ff:5a:
64:45:7f:9b:e0:29:0d:83:00:06:a3:09:c6:a8:41:1c:6c:4c:
5a:42:c3:06:92:bd:43:c1:19:dd:c0:ce:76:85:3d:7e:a9:40:
3f:2a:c3:2c
-----BEGIN CERTIFICATE-----
MIIIfzCCB2egAwIBAgIGALKgNC5UMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NjAxMTQzOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMjE2ODM5NjFi
YzliZWE1MWNiMGE2NzA2OWUyYmFhMmU0OWY1ZmY5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAxDJ9riJwv1FLWDECIpmGPPZAFKuKiJQ/t6sdyXYtGLaP
sqh/Hd9j94mzWe+XUYEG03K3z4FU1lQB5dMWv+z1lNo5tuJHbk4QQXXHScMCDem0
65g5qhC5DwtCTH/DfG9xkx8XZ7Id6sUcbRcoAia7m8M2YpEF/cckfxpnOH7wbI6W
hX+nOfbKlg464ymOVFE79zYq6j6S7FJ0tWxEv1RNg9jXVWwKc5CQMHtmmccFVXhA
FhNtyfquyikqnTuI3SU74HNSGdepGeYmQqFkodTqf2Fngsf1ywFPke2bdoy1H4qT
wRXk7JzSBiQwt7hYQc7AHoNnMNkJpBHPn4my+RZ9SQIDAQABo4IFlzCCBZMwHQYD
VR0OBBYEFNIWg5Ybyb6lHLCmcGniuqLkn1/5MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggErBggrBgEFBQcBCwSCAR0wggEZMFUGCCsGAQUFBzAFhklyc3luYzovL3IubWFn
ZWxsYW4uaXB4by5jb20vcmVwby9kYjQzMzY1Ni02YjEzLTQ4ZTEtOWNhNS02NDg5
NDY4MTBmM2UtNS8wMIGCBggrBgEFBQcwCoZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlw
eG8uY29tL3JlcG8vZGI0MzM2NTYtNmIxMy00OGUxLTljYTUtNjQ4OTQ2ODEwZjNl
LTUvMC9EMjE2ODM5NjFCQzlCRUE1MUNCMEE2NzA2OUUyQkFBMkU0OUY1RkY5Lm1m
dDA7BggrBgEFBQcwDYYvaHR0cHM6Ly9tYWdlbGxhbi5pcHhvLmNvbS9ycmRwL25v
dGlmaWNhdGlvbi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZW
M2Q1bWsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwggMMBggrBgEFBQcB
BwEB/wSCAvswggL3MIIB+wQCAAEwggHzAwQDAjkQAwQCAjocAwQCAjqsAwQCBS0k
MAwDBAIFtXwDBAMFtYADBAIFtmwwDAMEAgX8RAMEAgX8UAMEAgX8oAMEAgX9yAME
AiWPPAMEAi1RAAMEAi1XuAMEAi1YYAMEAi1Z8AMEAy1Z+AMEAi1dLAMEAi1fDAME
Ai1fFAMEAi1fJDAMAwQDLYWoAwQCLYWwAwQCLYkcAwQCLYl0AwQCLYl8AwQCLYmE
AwQCLYmcAwQCLYu0AwQCVdBIAwQCVdGwMAwDBAJZEywDBAJZEzADBAJZz7ADBAJc
dqADBAJcdyADBAJc8rgDBAJtagADBAKCuXwDBAKNYlgDBAKVPigDBAezPYADBAW1
KcADAwG11gMEArkiKAMEArmCzAMEArmHCAMEArmHnAMEArmJDAMEArmJXAMEArmL
AAMEArmL7AMEArmNpAMEArmOGAMEArmP5AMEArmRJAMEArmXODAMAwQCuZ5kAwQC
uZ5oAwQCuZ6EAwQCuZ6UAwQCuaooAwQCuao4AwQCuaw4AwQCuaxAAwQCua0YAwQC
ua0gAwQCua48AwMAv2ADAwC/ZQMEAsEHyAMEAsEfKAMEAsE6aAMEAsFr0AMEAMHj
egMEAMHjfQMEAMHjgQMEAMHjhwMEAsI1jAMEAsJuDAMEAMJu8gMEAtVtqDCB9QQC
AAIwge4DBQAqANGgAwUDKgOpYAMFAyoD+8ADBQMqBiuAAwUDKglLQAMFAyoKToAD
BQMqCnoAAwUDKgp+AAMFAyoKhgADBQMqCo4AAwUDKgqSAAMFAyoKlgADBQMqCpoA
AwUDKgqeAAMFAyoKnwADBQMqCqYAAwUDKgqnAAMFAyoKsgADBQMqCrYAAwUDKgq6
AAMFAyoKvgADBQMqCsYAAwUDKgrOAAMFAyoK0gADBQMqCwMAAwUDKgsFAAMFAyoL
MwADBQMqCzcAAwUDKguHAAMFAyoM+kADBQMqDQXAAwUDKg1LQAMFAyoNTEADBQMq
DhwAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMydjANBgkqhkiG9w0BAQsFAAOC
AQEALTnvc1wHVTboGpBg+CX1lkt3PqYTwhU07jXb5QK88h4hYE/G8MI9rjjx3R3a
DcTnasbiZQKGKYtZCvmsNRFMStp8CyMdC2NzuCSUUQnKDW3LcDaZlEeTFTU66vvi
iVW8bTDkzzjuopEba3nTUkpkKyJslEn/C5VJ7VJACluqxBTNofrWEj5tIfIyJIUH
b67Q+TAi9ILTTN7uR2BqSviaElpRG9nEIHhZdIi/6I2uSsN4TvnHmielNVsFHD06
56eeDHq+w494shwVTv3Tb1NIPsqmzp7tov9aZEV/m+ApDYMABqMJxqhBHGxMWkLD
BpK9Q8EZ3cDOdoU9fqlAPyrDLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:08 2024 by rpki-client on console-fra.rpki-client.org