Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
File: NpABg88IpuW8gHhGKUpGBi4ZDjs.cer (raw, json)
Hash identifier: lc01ZLJn6uawEgwQYU7ESSu2hl2rp6uEaXH0BnCu0n4=
Subject key identifier: 36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194258F1ABFC1BFAFB44E4CFF91B27B4BAE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 05:48:43 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 80.91.218.0/24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:1a:bf:c1:bf:af:b4:4e:4c:ff:91:b2:7b:4b:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 05:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36900183cf08a6e5bc807846294a46062e190e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9d:93:9a:af:dc:2c:b4:a3:4b:79:01:25:52:
32:fd:48:89:83:e1:0c:0d:84:d8:07:41:7c:1f:6a:
d0:15:cd:cf:3e:29:4c:1e:c9:b9:9e:95:93:8b:21:
6a:db:6a:6a:ff:38:f9:46:e9:a7:86:b9:10:d3:cf:
cc:dd:d4:b2:97:31:ce:7e:40:d8:58:50:87:74:a6:
99:94:33:82:34:13:3b:d5:d7:8f:93:6c:09:6f:e4:
37:62:20:69:1c:a7:cd:ed:21:29:cf:27:bf:b0:91:
c3:f8:38:d4:0f:69:ed:66:a7:a6:90:47:e2:1e:b2:
b1:95:04:b0:ba:3f:f7:59:b1:b3:74:fc:3f:e3:de:
5a:7c:26:08:92:dc:31:94:d3:95:fb:7e:3d:69:25:
d7:80:e3:78:13:d7:70:b4:1e:fe:94:d4:58:ba:64:
72:a2:33:75:cb:d5:e3:9d:4d:b1:84:73:86:e1:61:
1e:17:e4:69:36:f6:b5:4f:db:4c:3b:c5:48:95:16:
2c:7b:fc:a6:5c:83:63:f8:6c:d8:7d:91:32:47:9a:
08:88:c1:0d:ef:ee:ef:5e:de:e6:18:3f:e9:76:c6:
44:8d:e7:d8:03:a0:68:5e:4a:b9:2f:e8:38:91:ca:
f9:cc:c4:81:93:83:46:8b:7e:d6:cb:33:8f:5a:42:
59:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.218.0/24
Signature Algorithm: sha256WithRSAEncryption
52:b3:aa:f5:76:ac:c6:ba:1a:4e:46:4b:89:10:3c:2c:b2:83:
87:02:87:a7:a7:7b:0c:14:28:f0:9a:1c:93:6d:c9:9d:ae:a2:
f2:63:23:c6:8a:0d:99:21:e3:7b:30:b7:ec:2d:ff:b8:d7:71:
7d:a7:0b:a4:1c:2d:cd:c1:e3:9c:7e:b8:8e:b7:9f:14:99:ad:
64:19:75:3a:d5:1a:16:67:2b:1f:8f:21:ac:5e:13:f3:9e:07:
55:78:7e:f1:23:80:d0:f8:a9:8f:96:9c:07:80:63:09:e7:3f:
17:14:43:a9:be:e0:22:92:6f:58:64:5b:8e:92:b3:b3:0f:e3:
f2:35:f8:54:7a:82:4c:f2:dc:31:57:68:99:ab:8b:77:0f:80:
f6:d8:f5:f7:41:23:6f:fc:8a:b6:15:44:e6:c3:2d:f1:9f:16:
b9:a6:90:8f:37:6b:7e:0a:f5:d7:ef:d7:78:0a:f6:1c:8a:b6:
09:e1:73:fa:87:88:af:8c:f0:80:12:f7:b7:2e:59:01:cf:74:
48:01:33:b8:83:51:42:21:6c:30:7d:fd:bd:43:17:dc:31:ea:
4b:3b:c4:5d:20:38:1a:72:5a:2e:ac:5a:f1:56:54:7b:72:1e:
73:e4:e1:9f:df:38:35:f0:8b:b4:27:a5:03:ca:4f:bb:c1:39:
35:15:97:86
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQljxq/wb+vtE5M/5Gye0uuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjkwMDE4M2NmMDhhNmU1YmM4MDc4NDYyOTRhNDYwNjJlMTkwZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA152Tmq/cLLSjS3kBJVIy/UiJg+EM
DYTYB0F8H2rQFc3PPilMHsm5npWTiyFq22pq/zj5RumnhrkQ08/M3dSylzHOfkDY
WFCHdKaZlDOCNBM71dePk2wJb+Q3YiBpHKfN7SEpzye/sJHD+DjUD2ntZqemkEfi
HrKxlQSwuj/3WbGzdPw/495afCYIktwxlNOV+349aSXXgON4E9dwtB7+lNRYumRy
ojN1y9XjnU2xhHOG4WEeF+RpNva1T9tMO8VIlRYse/ymXINj+GzYfZEyR5oIiMEN
7+7vXt7mGD/pdsZEjefYA6BoXkq5L+g4kcr5zMSBk4NGi37WyzOPWkJZvwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFDaQAYPPCKblvIB4RilKRgYuGQ47MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEwLzVhMzJi
Yy0wODM2LTQ3ZWMtYjViMy0yZjViNmE4M2ZhZjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAvNWEzMmJj
LTA4MzYtNDdlYy1iNWIzLTJmNWI2YTgzZmFmMy8xL05wQUJnODhJcHVXOGdIaEdL
VXBHQmk0WkRqcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAUFvaMA0GCSqGSIb3DQEBCwUAA4IBAQBSs6r1
dqzGuhpORkuJEDwssoOHAoenp3sMFCjwmhyTbcmdrqLyYyPGig2ZIeN7MLfsLf+4
13F9pwukHC3NweOcfriOt58Uma1kGXU61RoWZysfjyGsXhPzngdVeH7xI4DQ+KmP
lpwHgGMJ5z8XFEOpvuAikm9YZFuOkrOzD+PyNfhUeoJM8twxV2iZq4t3D4D22PX3
QSNv/Iq2FUTmwy3xnxa5ppCPN2t+CvXX79d4CvYcirYJ4XP6h4ivjPCAEve3LlkB
z3RIATO4g1FCIWwwff29QxfcMepLO8RdIDgaclourFrxVlR7ch5z5OGf3zg18Iu0
J6UDyk+7wTk1FZeG
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:52:41 2025 by rpki-client