Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5k_rnv0aFAFBWnBVYH-YSOyw_o8.cer
File: 5k_rnv0aFAFBWnBVYH-YSOyw_o8.cer (raw, json)
Hash identifier: /JFxOJkYEk7l+NI52pLH6HS6H8H9eE6NQm9qC6u2Bzg=
Subject key identifier: E6:4F:EB:9E:FD:1A:14:01:41:5A:70:55:60:7F:98:48:EC:B0:FE:8F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 76961F37B0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cb/a5e077-47d8-4030-8c88-a976681f3fcf/1/5k_rnv0aFAFBWnBVYH-YSOyw_o8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cb/a5e077-47d8-4030-8c88-a976681f3fcf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 00:31:11 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: IP: 45.91.108.0/22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 509324769200 (0x76961f37b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:31:11 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=e64feb9efd1a1401415a7055607f9848ecb0fe8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ee:76:5e:47:c1:9f:a1:9e:67:6f:4d:68:7f:
e1:f4:c1:e8:12:21:94:21:fb:db:ad:02:88:96:0d:
ce:c9:7e:98:4f:4f:3c:16:ab:0f:7d:fb:3b:7e:15:
12:b6:fd:db:2d:0d:40:2d:84:07:c2:a8:d7:8d:4e:
f6:57:c0:26:21:e3:92:75:10:46:e3:70:8d:45:2b:
13:e9:05:85:83:bc:7a:82:c3:e2:fb:6c:45:51:78:
14:bd:a8:f0:86:36:ec:25:99:31:d0:8e:74:77:df:
02:85:0c:e7:ae:8b:20:19:0e:22:21:26:04:0f:cf:
d8:2c:76:11:d4:af:c5:8b:47:32:e1:21:75:ef:df:
01:cc:85:22:40:a1:48:b9:74:af:66:33:00:b8:07:
84:dc:16:d7:69:69:a6:da:b9:c1:99:c9:93:e9:39:
cc:13:34:03:b2:1a:d5:e1:ae:4f:10:42:ed:b0:5b:
44:e5:cd:f4:35:60:71:02:bf:ca:3f:0a:4b:7b:ba:
e0:5e:7d:44:27:6d:bc:84:f6:c3:2f:d1:ae:79:b2:
ce:1c:8c:03:01:b2:3f:83:fe:6e:ca:0f:64:89:e1:
e9:40:06:85:98:54:97:2d:ea:19:e9:62:a3:2a:8f:
4c:7f:e4:4a:10:a4:db:fb:34:c9:90:a7:1b:cf:29:
65:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4F:EB:9E:FD:1A:14:01:41:5A:70:55:60:7F:98:48:EC:B0:FE:8F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a5e077-47d8-4030-8c88-a976681f3fcf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a5e077-47d8-4030-8c88-a976681f3fcf/1/5k_rnv0aFAFBWnBVYH-YSOyw_o8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.108.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:ea:d2:48:05:23:3c:29:93:d9:f3:81:80:fb:7b:42:90:0a:
0a:f9:a2:29:16:25:ea:ce:70:33:65:5a:0d:fd:8f:79:86:85:
9c:0c:f2:16:a5:7c:b4:cc:77:02:84:64:2b:5e:d3:42:d7:1e:
22:e4:d8:80:66:fe:ec:f9:ba:0a:49:e9:af:6d:e3:79:55:19:
e5:47:e9:ef:2a:79:5b:c2:ba:61:0c:66:f7:b4:d8:f2:38:2a:
38:4d:8a:c9:0e:20:85:19:be:8e:97:f6:78:43:aa:5f:01:f1:
a7:29:90:60:9c:99:61:5e:ce:a2:67:56:ea:34:a8:ce:89:8c:
2b:86:d8:a5:24:17:78:fb:ee:67:09:d1:e6:2f:5c:03:9f:15:
35:a9:2c:84:0a:81:58:7e:58:31:c4:56:80:a3:e3:d7:d3:b6:
8e:5e:46:8b:79:54:95:6e:e7:67:21:e7:89:83:9a:e1:da:1f:
b5:62:5d:ac:1e:a7:20:4f:79:c4:3a:a0:e4:06:7e:f4:c7:ec:
f8:96:7a:24:3d:8f:89:8a:ba:b1:91:70:e5:c2:20:ed:ab:3b:
7b:6f:9f:b5:7e:da:d9:fc:bc:ad:81:21:14:c2:64:2e:13:fa:
50:54:b7:87:3c:db:17:18:a2:20:45:58:20:b2:43:8b:33:0d:
43:8a:86:2f
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIFdpYfN7AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMDMxMTFaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGU2NGZlYjllZmQx
YTE0MDE0MTVhNzA1NTYwN2Y5ODQ4ZWNiMGZlOGYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDk7nZeR8GfoZ5nb01of+H0wegSIZQh+9utAoiWDc7JfphP
TzwWqw99+zt+FRK2/dstDUAthAfCqNeNTvZXwCYh45J1EEbjcI1FKxPpBYWDvHqC
w+L7bEVReBS9qPCGNuwlmTHQjnR33wKFDOeuiyAZDiIhJgQPz9gsdhHUr8WLRzLh
IXXv3wHMhSJAoUi5dK9mMwC4B4TcFtdpaabaucGZyZPpOcwTNAOyGtXhrk8QQu2w
W0TlzfQ1YHECv8o/Ckt7uuBefUQnbbyE9sMv0a55ss4cjAMBsj+D/m7KD2SJ4elA
BoWYVJct6hnpYqMqj0x/5EoQpNv7NMmQpxvPKWX/AgMBAAGjggKEMIICgDAdBgNV
HQ4EFgQU5k/rnv0aFAFBWnBVYH+YSOyw/o8wHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2IvYTVlMDc3LTQ3ZDgtNDAzMC04
Yzg4LWE5NzY2ODFmM2ZjZi8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNWUwNzctNDdkOC00MDMwLThj
ODgtYTk3NjY4MWYzZmNmLzEvNWtfcm52MGFGQUZCV25CVllILVlTT3l3X284Lm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAItW2wwDQYJKoZIhvcNAQELBQADggEBALDq0kgFIzwpk9nzgYD7e0KQ
Cgr5oikWJerOcDNlWg39j3mGhZwM8halfLTMdwKEZCte00LXHiLk2IBm/uz5ugpJ
6a9t43lVGeVH6e8qeVvCumEMZve02PI4KjhNiskOIIUZvo6X9nhDql8B8acpkGCc
mWFezqJnVuo0qM6JjCuG2KUkF3j77mcJ0eYvXAOfFTWpLIQKgVh+WDHEVoCj49fT
to5eRot5VJVu52ch54mDmuHaH7ViXawepyBPecQ6oOQGfvTH7PiWeiQ9j4mKurGR
cOXCIO2rO3tvn7V+2tn8vK2BIRTCZC4T+lBUt4c82xcYoiBFWCCyQ4szDUOKhi8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:36 2023 by rpki-client on console-ams.rpki-client.org