Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/C9q6hz7hi-VHvZNZQ8B5jdz3CTU.cer
File: C9q6hz7hi-VHvZNZQ8B5jdz3CTU.cer (raw, json)
Hash identifier: vWdCUH6TSq4AHBwmeBgoivDoAaL9HbL3IcqRVELdmPc=
Subject key identifier: 0B:DA:BA:87:3E:E1:8B:E5:47:BD:93:59:43:C0:79:8D:DC:F7:09:35
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4252196B38A6599CE03740543DB115C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a2/6e4ecc-ad79-4603-84c5-b64e61e280ab/1/C9q6hz7hi-VHvZNZQ8B5jdz3CTU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a2/6e4ecc-ad79-4603-84c5-b64e61e280ab/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:30:16 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 210398
IP: 185.81.70.0/24
IP: 2a12:e680::/29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:21:96:b3:8a:65:99:ce:03:74:05:43:db:11:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bdaba873ee18be547bd935943c0798ddcf70935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6c:97:ec:d7:e8:73:6d:9b:26:13:b8:9e:14:
da:2e:f1:24:ad:1a:e0:d5:25:e9:37:b5:d2:8d:c9:
ee:aa:e0:77:5b:0b:8f:b3:81:92:5a:52:80:02:ac:
cb:0a:ff:63:b2:b6:fa:5a:57:a3:78:50:b9:8b:6c:
27:82:57:37:eb:02:f5:5e:89:f7:a3:09:ca:2a:4b:
fc:54:42:4e:30:c5:a9:29:a4:5c:54:41:88:46:6b:
4c:a5:69:59:d9:c3:94:0f:4b:97:0d:76:6f:08:d1:
05:0b:ff:a9:9f:3a:70:d0:b9:78:ad:61:8a:57:df:
30:ec:83:41:6f:58:90:2b:93:f2:4d:90:83:38:03:
33:e4:b2:90:0c:fa:bf:92:73:2b:cf:20:7d:60:24:
f7:17:2f:05:71:5f:ec:9e:99:fb:0b:5d:24:fe:09:
30:be:e3:38:d7:cd:4b:2d:1b:a0:c4:f1:00:3c:9f:
ef:15:b4:75:d1:83:45:1d:b7:93:c2:85:b0:17:98:
c9:6e:e3:34:8b:20:29:7b:a1:b2:3f:da:12:b1:b1:
d0:d6:66:7d:19:25:af:c3:b5:84:c6:d8:ee:87:c7:
25:90:d5:5b:6e:1b:5e:b6:7c:eb:85:f9:8a:b8:88:
bf:94:99:5c:15:98:76:c9:d9:2f:c9:84:c8:a5:db:
43:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DA:BA:87:3E:E1:8B:E5:47:BD:93:59:43:C0:79:8D:DC:F7:09:35
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6e4ecc-ad79-4603-84c5-b64e61e280ab/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6e4ecc-ad79-4603-84c5-b64e61e280ab/1/C9q6hz7hi-VHvZNZQ8B5jdz3CTU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.70.0/24
IPv6:
2a12:e680::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210398
Signature Algorithm: sha256WithRSAEncryption
79:8c:54:b9:52:9c:b8:c9:07:76:cf:4a:9b:3d:c8:75:82:84:
c8:b4:f4:ad:12:0e:ca:7c:76:54:ae:31:9d:0b:d4:e2:48:6f:
97:fb:ae:e4:5e:ce:e4:c8:23:91:99:16:9c:56:ab:75:e3:13:
d4:8d:df:cc:26:71:23:a2:a0:a2:af:5d:f2:f6:43:56:b2:25:
38:f0:c1:2c:af:ea:f1:76:db:a7:3b:ad:cb:67:21:9c:70:c0:
16:59:f6:e7:d2:30:da:aa:7c:7a:c6:74:70:ba:27:25:06:7b:
78:f5:ee:77:a1:2b:0e:29:9b:77:ef:10:e6:1c:f7:9c:81:72:
57:d4:5f:54:e5:8b:eb:f4:4a:12:75:4c:b8:5c:a9:1e:af:91:
a3:19:ce:8a:3e:04:3e:d5:c9:5c:38:cb:da:d5:c4:2f:11:81:
75:31:20:07:52:ac:38:64:c5:b3:3e:e1:88:a6:39:03:e9:93:
aa:70:4e:eb:bc:3d:eb:95:be:0b:d3:16:91:23:0d:89:42:5a:
81:45:8f:40:0e:33:44:2e:dd:f4:c1:82:b0:4e:d5:13:de:50:
f0:e4:a7:02:5f:b2:99:32:77:29:0b:86:cd:88:f5:cd:89:f6:
ea:6c:a4:26:4e:bf:7d:a1:2d:5c:13:ae:53:b1:b0:c3:46:75:
1c:b2:ae:88
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzEJSGWs4plmc4DdAVD2xFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmRhYmE4NzNlZTE4YmU1NDdiZDkzNTk0M2MwNzk4ZGRjZjcwOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2yX7Nfoc22bJhO4nhTaLvEkrRrg
1SXpN7XSjcnuquB3WwuPs4GSWlKAAqzLCv9jsrb6WlejeFC5i2wnglc36wL1Xon3
ownKKkv8VEJOMMWpKaRcVEGIRmtMpWlZ2cOUD0uXDXZvCNEFC/+pnzpw0Ll4rWGK
V98w7INBb1iQK5PyTZCDOAMz5LKQDPq/knMrzyB9YCT3Fy8FcV/snpn7C10k/gkw
vuM4181LLRugxPEAPJ/vFbR10YNFHbeTwoWwF5jJbuM0iyApe6GyP9oSsbHQ1mZ9
GSWvw7WExtjuh8clkNVbbhtetnzrhfmKuIi/lJlcFZh2ydkvyYTIpdtDuwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAvauoc+4YvlR72TWUPAeY3c9wk1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EyLzZlNGVj
Yy1hZDc5LTQ2MDMtODRjNS1iNjRlNjFlMjgwYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvNmU0ZWNj
LWFkNzktNDYwMy04NGM1LWI2NGU2MWUyODBhYi8xL0M5cTZoejdoaS1WSHZaTlpR
OEI1amR6M0NUVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuVFGMA0EAgACMAcDBQMqEuaAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM13jANBgkqhkiG9w0BAQsFAAOCAQEAeYxUuVKcuMkH
ds9Kmz3IdYKEyLT0rRIOynx2VK4xnQvU4khvl/uu5F7O5MgjkZkWnFardeMT1I3f
zCZxI6Kgoq9d8vZDVrIlOPDBLK/q8Xbbpzuty2chnHDAFln259Iw2qp8esZ0cLon
JQZ7ePXud6ErDimbd+8Q5hz3nIFyV9RfVOWL6/RKEnVMuFypHq+RoxnOij4EPtXJ
XDjL2tXELxGBdTEgB1KsOGTFsz7hiKY5A+mTqnBO67w965W+C9MWkSMNiUJagUWP
QA4zRC7d9MGCsE7VE95Q8OSnAl+ymTJ3KQuGzYj1zYn26mykJk6/faEtXBOuU7Gw
w0Z1HLKuiA==
-----END CERTIFICATE-----
Generated at Wed Mar 13 10:59:29 2024 by rpki-client on console-ams.rpki-client.org