Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9_he1PVHVOp0G1xOMhHFVmybzGs.cer
File: 9_he1PVHVOp0G1xOMhHFVmybzGs.cer (raw, json)
Hash identifier: UWPxYgk0ilhz2DXOUzrPiyG/GLKEMuCzJLlEuEQlYgw=
Subject key identifier: F7:F8:5E:D4:F5:47:54:EA:74:1B:5C:4E:32:11:C5:56:6C:9B:CC:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 78E0DEB385
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c1/12d96b-f04b-4fa9-be22-8ec2f58735d1/1/9_he1PVHVOp0G1xOMhHFVmybzGs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c1/12d96b-f04b-4fa9-be22-8ec2f58735d1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 01:41:52 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: IP: 141.98.216.0/22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 519168766853 (0x78e0deb385)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:41:52 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=f7f85ed4f54754ea741b5c4e3211c5566c9bcc6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:83:68:1d:ef:be:fd:8b:df:35:42:04:38:75:
ed:25:01:59:1c:82:b8:06:24:80:a9:77:f1:2e:ad:
11:15:22:8c:88:97:4e:56:07:41:38:f1:de:77:2b:
58:8b:34:96:f5:10:a9:d1:8a:a4:f0:88:4c:84:3d:
16:bd:3c:f5:4a:02:20:28:98:12:aa:24:56:5d:cb:
53:67:b7:94:b9:73:d3:12:35:f6:51:cf:c4:1a:a8:
17:c2:0a:6b:01:c9:d7:bc:dc:cd:c1:dc:01:0d:74:
a2:32:ba:33:df:5d:69:e2:cb:92:ae:a2:cd:fa:96:
49:4c:ad:e6:21:88:14:27:31:3b:0e:41:1b:7c:e4:
cf:3c:f5:53:71:41:a5:52:a8:64:78:5b:bb:06:db:
b4:97:48:2a:ca:84:ea:21:f0:d4:9d:1b:e5:88:65:
af:11:ca:07:23:d8:a0:f0:38:de:20:2b:22:4d:2b:
ab:61:4e:21:c0:b4:b6:14:ef:98:fb:e2:e9:55:25:
7e:56:c9:e9:85:42:a9:e6:8d:5a:d2:f9:39:e0:cc:
07:a0:0f:96:96:0d:bf:ee:78:b0:fd:b6:25:d7:5f:
c4:9c:74:3c:a5:b2:be:73:1a:49:d8:f1:30:07:0d:
24:26:b7:9d:4c:a1:ae:fc:95:0b:17:bd:22:15:5a:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F8:5E:D4:F5:47:54:EA:74:1B:5C:4E:32:11:C5:56:6C:9B:CC:6B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/12d96b-f04b-4fa9-be22-8ec2f58735d1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/12d96b-f04b-4fa9-be22-8ec2f58735d1/1/9_he1PVHVOp0G1xOMhHFVmybzGs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.216.0/22
Signature Algorithm: sha256WithRSAEncryption
44:c3:ea:c5:7c:df:38:a9:8b:e0:96:48:bd:79:98:33:75:d7:
ab:89:b5:39:9e:ff:84:bd:07:d0:4f:6a:7a:92:f7:b8:e2:5b:
4c:14:56:0f:5f:a3:77:91:1a:f5:a7:2f:cb:a0:c0:b2:32:9a:
d9:c5:2b:7b:ff:43:ca:ab:b6:c7:af:d6:7f:97:33:77:d5:3d:
7e:7f:3e:68:df:14:84:e2:7f:3c:d3:fa:2e:86:f6:ac:05:c1:
bf:4e:94:6f:4d:61:2e:e7:12:4e:36:e0:ca:d7:19:38:27:15:
fc:95:f4:6c:be:a6:b0:4f:2c:f1:94:94:1c:fc:e7:94:82:bf:
87:b9:cc:89:d6:92:54:02:68:75:f6:51:fe:39:e3:d9:dd:18:
be:d4:de:e2:dd:1b:32:0a:03:c3:73:b8:39:5a:85:12:35:09:
5f:2a:ce:1a:b3:11:f1:93:e7:54:65:ca:b9:1e:95:7b:21:20:
54:17:08:98:67:b3:aa:7c:c7:b6:dc:e9:55:a1:2b:6c:d2:aa:
52:11:a6:80:4e:7e:37:12:f1:6e:23:7b:96:05:d5:1d:7c:d7:
f1:3f:f1:bd:6a:33:47:b9:81:64:8d:f7:4a:e4:a2:a7:c7:2b:
b5:68:53:f5:6c:3c:23:d8:e8:28:36:d1:f3:64:29:65:1b:a8:
17:4b:8f:47
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIFeODes4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMTQxNTJaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGY3Zjg1ZWQ0ZjU0
NzU0ZWE3NDFiNWM0ZTMyMTFjNTU2NmM5YmNjNmIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDsg2gd7779i981QgQ4de0lAVkcgrgGJICpd/EurREVIoyI
l05WB0E48d53K1iLNJb1EKnRiqTwiEyEPRa9PPVKAiAomBKqJFZdy1Nnt5S5c9MS
NfZRz8QaqBfCCmsByde83M3B3AENdKIyujPfXWniy5Kuos36lklMreYhiBQnMTsO
QRt85M889VNxQaVSqGR4W7sG27SXSCrKhOoh8NSdG+WIZa8Rygcj2KDwON4gKyJN
K6thTiHAtLYU75j74ulVJX5WyemFQqnmjVrS+TngzAegD5aWDb/ueLD9tiXXX8Sc
dDylsr5zGknY8TAHDSQmt51Moa78lQsXvSIVWuHNAgMBAAGjggKEMIICgDAdBgNV
HQ4EFgQU9/he1PVHVOp0G1xOMhHFVmybzGswHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEvMTJkOTZiLWYwNGItNGZhOS1i
ZTIyLThlYzJmNTg3MzVkMS8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xMmQ5NmItZjA0Yi00ZmE5LWJl
MjItOGVjMmY1ODczNWQxLzEvOV9oZTFQVkhWT3AwRzF4T01oSEZWbXliekdzLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAKNYtgwDQYJKoZIhvcNAQELBQADggEBAETD6sV83zipi+CWSL15mDN1
16uJtTme/4S9B9BPanqS97jiW0wUVg9fo3eRGvWnL8ugwLIymtnFK3v/Q8qrtsev
1n+XM3fVPX5/PmjfFITifzzT+i6G9qwFwb9OlG9NYS7nEk424MrXGTgnFfyV9Gy+
prBPLPGUlBz855SCv4e5zInWklQCaHX2Uf4549ndGL7U3uLdGzIKA8NzuDlahRI1
CV8qzhqzEfGT51RlyrkelXshIFQXCJhns6p8x7bc6VWhK2zSqlIRpoBOfjcS8W4j
e5YF1R181/E/8b1qM0e5gWSN90rkoqfHK7VoU/VsPCPY6Cg20fNkKWUbqBdLj0c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:53 2023 by rpki-client on console-fra.rpki-client.org