Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5aMbCdp1Fv0DbP5_hAaUw6z3R1Y.cer
File: 5aMbCdp1Fv0DbP5_hAaUw6z3R1Y.cer (raw, json)
Hash identifier: YMpaO+z2APVfXeKLK1QtrmZN/T/U0eBFyHEAxWCJFp0=
Subject key identifier: E5:A3:1B:09:DA:75:16:FD:03:6C:FE:7F:84:06:94:C3:AC:F7:47:56
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 7D06289ABD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f2/777aa4-cc6d-4136-92b6-768edcfe34e0/1/5aMbCdp1Fv0DbP5_hAaUw6z3R1Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f2/777aa4-cc6d-4136-92b6-768edcfe34e0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 03:16:40 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 49060
IP: 45.151.60.0/22
IP: 94.45.160.0/19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 536974236349 (0x7d06289abd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:16:40 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=e5a31b09da7516fd036cfe7f840694c3acf74756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:53:1a:e7:c3:f9:9b:85:f4:73:ba:9d:4e:ce:
74:8b:34:7e:63:84:9f:c0:4a:41:7d:5c:01:ca:4f:
a2:18:d3:bf:55:73:65:03:10:1a:60:59:cd:74:b9:
a7:a8:3d:17:c5:01:46:97:6e:31:b0:69:41:49:8c:
89:c1:e6:51:50:c0:79:cf:dd:42:13:c5:1e:4a:ee:
b7:ef:50:8f:70:2b:6d:7f:35:2f:0e:14:d7:7e:24:
4f:02:7b:96:96:ee:13:27:da:c2:9b:8b:34:7f:a8:
ba:31:c9:7d:95:76:cd:cb:44:bf:57:70:cb:ee:04:
31:d8:83:79:95:cf:e2:ba:ed:d5:47:de:cc:fd:7c:
a8:bb:db:46:ec:a4:22:0b:da:bb:a4:18:3d:c2:a8:
45:98:67:06:52:08:03:2e:47:fb:77:02:a2:b3:a9:
d5:c0:fa:2a:f4:aa:ad:7c:a9:44:11:43:7d:82:74:
5f:d4:60:a3:8a:58:e4:02:91:ff:ae:03:0e:95:2c:
ce:6a:8a:ae:1a:1f:1c:ae:0c:3e:bf:d9:9d:c7:c4:
cc:8b:5a:9c:9c:75:90:31:af:3f:7f:1b:d2:7b:e7:
49:27:ca:5b:90:a5:a6:4a:17:54:ee:7d:f1:20:77:
0c:7f:e7:a6:c8:9c:20:8c:7a:86:9d:6a:3c:35:fb:
89:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A3:1B:09:DA:75:16:FD:03:6C:FE:7F:84:06:94:C3:AC:F7:47:56
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/777aa4-cc6d-4136-92b6-768edcfe34e0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/777aa4-cc6d-4136-92b6-768edcfe34e0/1/5aMbCdp1Fv0DbP5_hAaUw6z3R1Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.60.0/22
94.45.160.0/19
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49060
Signature Algorithm: sha256WithRSAEncryption
2e:7a:e7:1c:22:50:0b:f6:30:71:06:20:e8:cf:c2:92:a9:d0:
f3:5b:29:95:4f:14:7a:f1:c0:68:d3:93:96:70:ed:6f:ee:c3:
8d:45:aa:35:69:96:c8:a3:2a:50:2e:c4:ad:ad:76:68:3e:fe:
21:cc:dc:3b:4a:80:6d:67:69:4d:49:ca:7f:31:14:f9:70:70:
60:8e:2a:5d:16:68:f0:6d:5f:18:1e:4a:7c:85:8c:0b:97:89:
cd:65:16:95:44:d0:c3:e9:aa:20:a3:2b:46:a8:bd:90:ca:da:
44:df:4d:07:aa:07:0f:4b:88:65:96:e3:d1:16:cf:0d:ff:a9:
62:57:a1:eb:8d:bb:dd:d1:52:21:e6:ff:9b:da:a5:34:af:1a:
0a:33:b7:a4:04:87:c5:70:1f:c9:f6:bd:bf:31:82:ae:8d:a9:
6f:80:2d:ff:b4:4a:6b:50:dd:01:ff:9c:a4:63:8f:8c:e3:4b:
dc:7a:8e:04:47:6f:f9:cd:0c:b0:72:c7:54:81:0c:15:e3:20:
d3:29:41:95:b7:7d:52:db:97:32:da:cb:a1:95:49:40:55:b1:
1d:4c:02:4b:ad:36:b5:fa:6a:52:bd:07:7a:be:f5:28:b2:f2:
de:ac:c8:e4:04:21:7d:3f:9a:74:de:ec:29:51:61:7d:9c:ad:
c8:88:4e:8b
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIFfQYomr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMzE2NDBaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGU1YTMxYjA5ZGE3
NTE2ZmQwMzZjZmU3Zjg0MDY5NGMzYWNmNzQ3NTYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0Uxrnw/mbhfRzup1OznSLNH5jhJ/ASkF9XAHKT6IY079V
c2UDEBpgWc10uaeoPRfFAUaXbjGwaUFJjInB5lFQwHnP3UITxR5K7rfvUI9wK21/
NS8OFNd+JE8Ce5aW7hMn2sKbizR/qLoxyX2Vds3LRL9XcMvuBDHYg3mVz+K67dVH
3sz9fKi720bspCIL2rukGD3CqEWYZwZSCAMuR/t3AqKzqdXA+ir0qq18qUQRQ32C
dF/UYKOKWOQCkf+uAw6VLM5qiq4aHxyuDD6/2Z3HxMyLWpycdZAxrz9/G9J750kn
yluQpaZKF1TuffEgdwx/56bInCCMeoadajw1+4nnAgMBAAGjggKmMIICojAdBgNV
HQ4EFgQU5aMbCdp1Fv0DbP5/hAaUw6z3R1YwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvNzc3YWE0LWNjNmQtNDEzNi05
MmI2LTc2OGVkY2ZlMzRlMC8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NzdhYTQtY2M2ZC00MTM2LTky
YjYtNzY4ZWRjZmUzNGUwLzEvNWFNYkNkcDFGdjBEYlA1X2hBYVV3NnozUjFZLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIE
AgABMAwDBAItlzwDBAVeLaAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAL+kMA0G
CSqGSIb3DQEBCwUAA4IBAQAueuccIlAL9jBxBiDoz8KSqdDzWymVTxR68cBo05OW
cO1v7sONRao1aZbIoypQLsStrXZoPv4hzNw7SoBtZ2lNScp/MRT5cHBgjipdFmjw
bV8YHkp8hYwLl4nNZRaVRNDD6aogoytGqL2QytpE300HqgcPS4hlluPRFs8N/6li
V6Hrjbvd0VIh5v+b2qU0rxoKM7ekBIfFcB/J9r2/MYKujalvgC3/tEprUN0B/5yk
Y4+M40vceo4ER2/5zQywcsdUgQwV4yDTKUGVt31S25cy2suhlUlAVbEdTAJLrTa1
+mpSvQd6vvUosvLerMjkBCF9P5p03uwpUWF9nK3IiE6L
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org