Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YDIpPbAgMnKPMJ4i5NUJsEEhjN0.cer
File: YDIpPbAgMnKPMJ4i5NUJsEEhjN0.cer (raw, json)
Hash identifier: VCzMEIEblmxrPRzdkXna3kCxHzQazcoFREQcIc7eDoI=
Subject key identifier: 60:32:29:3D:B0:20:32:72:8F:30:9E:22:E4:D5:09:B0:41:21:8C:DD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0184151ABFFE5DD320427FDC34507DDDAF4E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/31/731d75-36a3-426f-9f19-5f854ea9a3ea/1/YDIpPbAgMnKPMJ4i5NUJsEEhjN0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/31/731d75-36a3-426f-9f19-5f854ea9a3ea/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 26 Oct 2022 16:23:05 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 91.233.198.0/24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:15:1a:bf:fe:5d:d3:20:42:7f:dc:34:50:7d:dd:af:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 26 16:23:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6032293db02032728f309e22e4d509b041218cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:ef:8a:10:19:44:99:c2:b1:9a:a1:03:83:
1d:c6:7e:0a:08:4c:9c:6a:51:a3:9a:00:68:4f:6f:
28:a6:c7:b0:79:ff:ee:eb:1e:2d:4d:4c:76:11:2c:
bc:97:f8:5c:70:eb:56:66:cb:5a:cd:77:38:22:32:
6b:46:85:d6:35:df:f2:b3:b8:ff:30:16:78:5e:69:
77:72:dd:1d:ea:1e:27:e0:a6:9d:79:68:e2:22:e3:
09:c2:5d:ed:cd:ef:9b:e5:f7:21:7a:08:37:5e:b7:
d1:77:1d:d0:ea:b0:0e:c2:67:af:81:a7:58:12:1d:
ec:51:9c:2b:f7:a3:0c:73:25:b0:22:f0:db:4d:85:
83:6b:68:27:94:fc:0a:49:05:67:fd:fe:b2:cf:52:
ad:bb:9a:1f:fb:7c:e6:aa:07:e2:b5:11:3a:5e:57:
54:dd:5d:11:8a:6c:e2:a0:c1:28:c7:8d:84:53:74:
29:8d:c3:41:04:81:ab:80:59:50:e0:b4:e3:5b:40:
8f:81:85:4d:94:fb:80:2a:18:23:50:44:a1:d5:a5:
8f:57:84:c9:0e:7b:06:b8:09:6c:7a:24:f9:dc:be:
07:c1:e7:9e:27:ed:8f:a1:63:bd:87:a1:a2:e9:a8:
86:12:6b:e9:31:56:d1:ef:50:a3:bf:bd:3a:ed:92:
df:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:32:29:3D:B0:20:32:72:8F:30:9E:22:E4:D5:09:B0:41:21:8C:DD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/731d75-36a3-426f-9f19-5f854ea9a3ea/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/731d75-36a3-426f-9f19-5f854ea9a3ea/1/YDIpPbAgMnKPMJ4i5NUJsEEhjN0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.198.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ca:2d:42:23:37:6d:ac:ec:94:ef:c9:8f:d2:41:2a:06:83:
d1:c1:98:c2:a0:f1:b2:8a:c5:b7:17:8f:c3:00:fe:73:af:fb:
6d:16:0e:f6:ce:0d:fd:29:d6:08:dc:4c:5c:dd:eb:c7:13:58:
8c:9d:41:47:15:70:27:f7:b0:6b:b9:ef:26:78:b0:95:ab:2e:
2b:84:f0:fc:d0:13:0f:8f:c6:25:70:a7:69:02:79:32:7c:e1:
69:eb:82:b1:4e:eb:f5:00:52:43:33:b7:e2:59:36:5f:a7:5c:
6f:e3:20:02:a1:23:67:39:8c:f7:10:ab:b8:8f:07:44:59:fc:
e7:23:b0:73:f9:43:7f:4c:11:e9:9b:85:a5:39:21:46:09:61:
d3:e3:8d:98:27:e0:3e:c7:b2:d2:ba:a8:9b:60:0a:8a:c4:00:
56:64:f6:12:b1:50:33:96:f6:b5:ad:71:82:2e:37:a6:cf:e5:
b7:17:b9:9c:df:3d:d1:4b:21:5c:40:27:f3:9d:10:59:cd:b7:
01:4f:8c:9b:25:8a:e7:b3:59:b2:20:3e:77:f2:16:b7:99:c7:
18:23:3e:9c:4c:7b:18:3a:48:40:97:96:d3:06:c1:b2:5c:3c:
43:26:24:7a:bc:2b:7c:83:33:c5:2c:16:a4:74:c5:81:fe:66:
f8:f4:1d:07
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYQVGr/+XdMgQn/cNFB93a9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIxMDI2MTYyMzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDMyMjkzZGIwMjAzMjcyOGYzMDllMjJlNGQ1MDliMDQxMjE4Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDHvihAZRJnCsZqhA4Mdxn4KCEyc
alGjmgBoT28opsewef/u6x4tTUx2ESy8l/hccOtWZstazXc4IjJrRoXWNd/ys7j/
MBZ4Xml3ct0d6h4n4KadeWjiIuMJwl3tze+b5fchegg3XrfRdx3Q6rAOwmevgadY
Eh3sUZwr96MMcyWwIvDbTYWDa2gnlPwKSQVn/f6yz1Ktu5of+3zmqgfitRE6XldU
3V0RimzioMEox42EU3QpjcNBBIGrgFlQ4LTjW0CPgYVNlPuAKhgjUESh1aWPV4TJ
DnsGuAlseiT53L4HweeeJ+2PoWO9h6Gi6aiGEmvpMVbR71Cjv7067ZLfOQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGAyKT2wIDJyjzCeIuTVCbBBIYzdMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMxLzczMWQ3
NS0zNmEzLTQyNmYtOWYxOS01Zjg1NGVhOWEzZWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEvNzMxZDc1
LTM2YTMtNDI2Zi05ZjE5LTVmODU0ZWE5YTNlYS8xL1lESXBQYkFnTW5LUE1KNGk1
TlVKc0VFaGpOMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW+nGMA0GCSqGSIb3DQEBCwUAA4IBAQBZyi1C
IzdtrOyU78mP0kEqBoPRwZjCoPGyisW3F4/DAP5zr/ttFg72zg39KdYI3Exc3evH
E1iMnUFHFXAn97Brue8meLCVqy4rhPD80BMPj8YlcKdpAnkyfOFp64KxTuv1AFJD
M7fiWTZfp1xv4yACoSNnOYz3EKu4jwdEWfznI7Bz+UN/TBHpm4WlOSFGCWHT442Y
J+A+x7LSuqibYAqKxABWZPYSsVAzlva1rXGCLjemz+W3F7mc3z3RSyFcQCfznRBZ
zbcBT4ybJYrns1myID538ha3mccYIz6cTHsYOkhAl5bTBsGyXDxDJiR6vCt8gzPF
LBakdMWB/mb49B0H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:34:49 2024 by rpki-client on console-ams.rpki-client.org