Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MDtfMZc0KBMpnM4KZt_qOLP1JCY.cer
File: MDtfMZc0KBMpnM4KZt_qOLP1JCY.cer (raw, json)
Hash identifier: s6vsdp7p+RorTpyUflX+krbMpWidk0dH7Cek1qf3FkY=
Subject key identifier: 30:3B:5F:31:97:34:28:13:29:9C:CE:0A:66:DF:EA:38:B3:F5:24:26
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01887DE541F1CEC7A70AA8A0553E233EDB35
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/08fd9179-4ef9-4b01-ae08-a50baa6ea49b/0/303B5F3197342813299CCE0A66DFEA38B3F52426.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/08fd9179-4ef9-4b01-ae08-a50baa6ea49b/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Fri 02 Jun 2023 20:55:56 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 91.194.201.0/24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7d:e5:41:f1:ce:c7:a7:0a:a8:a0:55:3e:23:3e:db:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 2 20:55:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=303b5f3197342813299cce0a66dfea38b3f52426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:37:ec:08:3c:a1:a9:4d:65:6b:eb:7e:5c:e5:
a0:7d:f0:d8:3e:82:ca:c5:5f:95:8e:b2:fb:67:b4:
72:2c:99:7f:42:13:f5:bf:3d:8c:78:99:78:98:2f:
9b:d1:f3:8e:e0:22:c6:b7:d1:2a:44:ed:fc:97:40:
fd:26:fe:d0:e8:96:54:6d:42:34:8d:17:50:aa:cb:
24:43:4d:ed:be:cb:fb:54:f6:ce:2d:76:55:af:9c:
3b:56:05:31:f1:e2:36:f2:aa:d6:43:9a:04:ba:fd:
7f:e7:54:3d:f9:5f:22:c8:37:bd:a9:de:db:15:2d:
da:6f:9b:60:22:db:b2:0c:ef:84:28:40:35:36:e8:
b4:60:28:06:6b:f8:63:2e:bb:7b:6a:9a:dd:07:13:
7a:d4:76:ad:e2:be:78:d5:48:b8:0c:51:8c:17:99:
3d:e3:8b:ec:82:1e:fe:68:ec:c1:14:c4:d4:43:24:
2a:dc:99:de:ce:92:d8:c6:cb:ff:32:ae:c1:7b:f9:
59:13:3c:16:b1:45:7a:b8:a6:c6:eb:99:a2:0e:9c:
74:fe:d6:f5:7c:ff:4e:a4:4a:5a:d4:70:91:66:80:
f5:92:26:ef:2a:d4:aa:42:62:a2:20:f1:b7:e8:aa:
a0:fc:ea:28:8b:b1:0c:39:ed:86:07:e3:dd:cb:d8:
2f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:3B:5F:31:97:34:28:13:29:9C:CE:0A:66:DF:EA:38:B3:F5:24:26
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/08fd9179-4ef9-4b01-ae08-a50baa6ea49b/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/08fd9179-4ef9-4b01-ae08-a50baa6ea49b/0/303B5F3197342813299CCE0A66DFEA38B3F52426.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.201.0/24
Signature Algorithm: sha256WithRSAEncryption
97:7f:a1:a8:07:df:fa:f0:7c:34:b4:05:8a:5c:d2:91:9c:8f:
26:51:29:4d:7b:2d:af:2e:eb:0e:c3:5b:09:50:ee:b4:07:6c:
36:32:23:b0:a6:a8:4e:fb:9b:51:0d:84:e4:bf:b2:98:27:3a:
a2:20:5c:e8:d8:53:8a:a8:47:29:0b:1b:ea:52:e9:16:b0:0c:
5a:45:ab:9f:b9:1b:8c:79:f6:56:84:80:52:21:3d:de:8b:f5:
21:07:a3:49:90:fc:52:81:73:2d:e8:94:ce:d3:33:4e:4a:dd:
e5:cd:fe:e2:4b:59:0b:97:76:16:e9:f6:3a:79:06:1e:f2:1b:
b6:f5:9a:21:c5:ce:c0:39:47:5c:e4:ff:e2:c1:2f:41:5b:09:
b5:57:85:d5:17:cb:10:7a:19:a0:f4:03:35:86:e4:11:d2:8a:
cf:50:39:76:d0:d5:9b:5e:16:c1:e2:cd:96:4e:c5:ac:f1:63:
8c:99:95:e8:74:e9:78:fd:42:01:cb:79:a0:7e:3b:51:c2:e7:
e6:86:a6:d7:0b:b7:12:9d:17:35:3a:0d:e1:55:3f:a9:75:5f:
7b:c2:34:9d:80:e2:96:ed:45:49:3a:0c:9e:0b:89:3f:69:6d:
0d:f4:d7:ca:91:92:0d:2d:5a:55:d7:d2:47:3d:28:93:55:eb:
75:4d:e9:52
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYh95UHxzsenCqigVT4jPts1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNjAyMjA1NTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDNiNWYzMTk3MzQyODEzMjk5Y2NlMGE2NmRmZWEzOGIzZjUyNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDfsCDyhqU1la+t+XOWgffDYPoLK
xV+VjrL7Z7RyLJl/QhP1vz2MeJl4mC+b0fOO4CLGt9EqRO38l0D9Jv7Q6JZUbUI0
jRdQqsskQ03tvsv7VPbOLXZVr5w7VgUx8eI28qrWQ5oEuv1/51Q9+V8iyDe9qd7b
FS3ab5tgItuyDO+EKEA1Nui0YCgGa/hjLrt7aprdBxN61Hat4r541Ui4DFGMF5k9
44vsgh7+aOzBFMTUQyQq3JnezpLYxsv/Mq7Be/lZEzwWsUV6uKbG65miDpx0/tb1
fP9OpEpa1HCRZoD1kibvKtSqQmKiIPG36Kqg/Oooi7EMOe2GB+Pdy9gvTQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDA7XzGXNCgTKZzOCmbf6jiz9SQmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA4ZmQ5
MTc5LTRlZjktNGIwMS1hZTA4LWE1MGJhYTZlYTQ5Yi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDhm
ZDkxNzktNGVmOS00YjAxLWFlMDgtYTUwYmFhNmVhNDliLzAvMzAzQjVGMzE5NzM0
MjgxMzI5OUNDRTBBNjZERkVBMzhCM0Y1MjQyNi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AFvCyTANBgkqhkiG9w0BAQsFAAOCAQEAl3+hqAff+vB8NLQFilzSkZyPJlEpTXst
ry7rDsNbCVDutAdsNjIjsKaoTvubUQ2E5L+ymCc6oiBc6NhTiqhHKQsb6lLpFrAM
WkWrn7kbjHn2VoSAUiE93ov1IQejSZD8UoFzLeiUztMzTkrd5c3+4ktZC5d2Fun2
OnkGHvIbtvWaIcXOwDlHXOT/4sEvQVsJtVeF1RfLEHoZoPQDNYbkEdKKz1A5dtDV
m14WweLNlk7FrPFjjJmV6HTpeP1CAct5oH47UcLn5oam1wu3Ep0XNToN4VU/qXVf
e8I0nYDilu1FSToMnguJP2ltDfTXypGSDS1aVdfSRz0ok1XrdU3pUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:44:13 2024 by rpki-client on console-fra.rpki-client.org