Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OlT5wevI3FcDHlPDJfbpO94rqFU.cer
File: OlT5wevI3FcDHlPDJfbpO94rqFU.cer (raw, json)
Hash identifier: DYEes6bYn4Ch2onznAPrgNaB8g2CTBJlMBZXAhNaEdo=
Subject key identifier: 3A:54:F9:C1:EB:C8:DC:57:03:1E:53:C3:25:F6:E9:3B:DE:2B:A8:55
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2ADC03A5E210D44F8F264771187222
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e4/0f1ed9-09a1-4e14-9b17-8bc37a64e6c7/1/OlT5wevI3FcDHlPDJfbpO94rqFU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e4/0f1ed9-09a1-4e14-9b17-8bc37a64e6c7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:34:15 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35619
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:dc:03:a5:e2:10:d4:4f:8f:26:47:71:18:72:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a54f9c1ebc8dc57031e53c325f6e93bde2ba855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e1:f8:dd:f9:2c:48:55:e6:27:ae:b7:5e:c8:
f1:3f:2f:2b:9c:9d:80:87:02:c1:33:97:8d:71:d7:
1e:fa:0e:4a:3e:b4:0e:cb:ff:18:7e:b2:e0:5c:6b:
27:96:d0:2c:4a:b0:4d:7d:3f:28:6a:8e:4f:e0:95:
2b:50:3e:9f:66:d5:73:3d:e0:82:4d:5f:f7:f9:61:
34:68:bc:cd:d8:27:8e:75:5e:18:b1:86:c3:3f:ac:
4f:a3:b2:0b:5f:ab:45:a9:bb:86:35:17:e4:8a:4b:
f4:7f:ee:33:cf:d4:ec:91:25:6c:fa:e2:1f:24:02:
06:14:07:2b:e1:a6:fb:f2:e0:c2:84:74:c8:9f:07:
b8:2f:4e:d6:53:cc:9e:e1:b4:42:ac:72:32:3c:3c:
33:37:a6:ae:d1:84:6c:18:62:b4:6d:84:e6:8e:21:
54:b6:5a:c0:39:f1:04:4d:cd:49:d3:82:46:f6:10:
f2:b3:d9:c8:8e:9d:4b:69:f1:16:71:21:b9:28:5e:
c9:78:b3:2b:b8:4c:68:b2:9f:1f:f5:14:a3:d3:76:
60:44:76:b1:31:d8:07:a4:d6:b6:60:f2:93:d6:af:
69:b6:0e:b3:60:7d:61:20:4f:a6:6a:7c:d9:aa:91:
ad:fa:75:e2:66:66:6d:96:9f:0e:81:55:dc:5a:c7:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:54:F9:C1:EB:C8:DC:57:03:1E:53:C3:25:F6:E9:3B:DE:2B:A8:55
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0f1ed9-09a1-4e14-9b17-8bc37a64e6c7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0f1ed9-09a1-4e14-9b17-8bc37a64e6c7/1/OlT5wevI3FcDHlPDJfbpO94rqFU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35619
Signature Algorithm: sha256WithRSAEncryption
42:59:3a:a2:4f:40:8c:ea:05:8b:8d:43:03:7a:65:27:6c:84:
30:ef:1b:2c:15:0d:1c:5e:b5:a5:7d:68:a2:a3:29:26:3c:92:
66:5b:8c:fa:50:46:c7:6d:0e:4a:e3:72:ee:d4:3c:86:2b:a7:
d6:86:b2:5b:35:bd:42:c8:85:ec:d6:b3:1f:43:05:a0:df:be:
b7:18:fb:ca:75:30:68:be:0f:fb:12:f9:82:93:b4:ca:74:d7:
bc:d6:89:98:8e:29:e1:76:7d:0b:48:a5:a1:35:aa:bd:c6:af:
81:e8:c3:b2:64:20:d8:74:31:af:61:c4:5a:9e:c0:52:57:4f:
9f:6d:fe:7f:36:cf:55:3b:68:fb:e7:bc:42:fe:5d:ac:d4:bd:
5a:83:d4:e7:2d:a9:94:49:d6:25:30:61:cb:66:43:09:db:d6:
f1:9e:e0:6f:c0:80:d4:de:8c:35:01:01:17:fd:81:15:f7:10:
97:09:87:9f:ad:3e:48:bf:ab:34:a2:4d:b5:33:10:0b:79:c7:
33:0d:1e:8f:9f:99:69:55:8c:4d:3a:91:d6:ef:cf:2c:7f:aa:
0d:fe:aa:94:b8:79:81:a0:0a:74:7c:e7:f9:75:2c:4e:16:ec:
36:0f:39:f9:b5:53:af:83:84:f3:b5:13:68:ab:6c:0f:4b:c0:
2d:76:09:c8
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzKKtwDpeIQ1E+PJkdxGHIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU0ZjljMWViYzhkYzU3MDMxZTUzYzMyNWY2ZTkzYmRlMmJhODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleH43fksSFXmJ663XsjxPy8rnJ2A
hwLBM5eNcdce+g5KPrQOy/8YfrLgXGsnltAsSrBNfT8oao5P4JUrUD6fZtVzPeCC
TV/3+WE0aLzN2CeOdV4YsYbDP6xPo7ILX6tFqbuGNRfkikv0f+4zz9TskSVs+uIf
JAIGFAcr4ab78uDChHTInwe4L07WU8ye4bRCrHIyPDwzN6au0YRsGGK0bYTmjiFU
tlrAOfEETc1J04JG9hDys9nIjp1LafEWcSG5KF7JeLMruExosp8f9RSj03ZgRHax
MdgHpNa2YPKT1q9ptg6zYH1hIE+manzZqpGt+nXiZmZtlp8OgVXcWse9cwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFDpU+cHryNxXAx5TwyX26TveK6hVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U0LzBmMWVk
OS0wOWExLTRlMTQtOWIxNy04YmMzN2E2NGU2YzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQvMGYxZWQ5
LTA5YTEtNGUxNC05YjE3LThiYzM3YTY0ZTZjNy8xL09sVDV3ZXZJM0ZjREhsUERK
ZmJwTzk0cnFGVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCLIzANBgkqhkiG9w0BAQsFAAOCAQEAQlk6ok9AjOoF
i41DA3plJ2yEMO8bLBUNHF61pX1ooqMpJjySZluM+lBGx20OSuNy7tQ8hiun1oay
WzW9QsiF7NazH0MFoN++txj7ynUwaL4P+xL5gpO0ynTXvNaJmI4p4XZ9C0iloTWq
vcavgejDsmQg2HQxr2HEWp7AUldPn23+fzbPVTto++e8Qv5drNS9WoPU5y2plEnW
JTBhy2ZDCdvW8Z7gb8CA1N6MNQEBF/2BFfcQlwmHn60+SL+rNKJNtTMQC3nHMw0e
j5+ZaVWMTTqR1u/PLH+qDf6qlLh5gaAKdHzn+XUsThbsNg85+bVTr4OE87UTaKts
D0vALXYJyA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:59:29 2025 by rpki-client