Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/__YhBCy9DKjl2esaM0tBpDgc6hg.cer
File: __YhBCy9DKjl2esaM0tBpDgc6hg.cer (raw, json)
Hash identifier: U0oHu4c8nGe7DR0M2+htanhTVoMNknf4bFDmkoGEuHI=
Subject key identifier: FF:F6:21:04:2C:BD:0C:A8:E5:D9:EB:1A:33:4B:41:A4:38:1C:EA:18
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018368D1F1CC3FB5485AD4D625F7EC2C0249
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/241a77-46f7-4821-be9f-9ff0f52f10e8/1/__YhBCy9DKjl2esaM0tBpDgc6hg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/241a77-46f7-4821-be9f-9ff0f52f10e8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 23 Sep 2022 05:28:52 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.8.203.0/24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:68:d1:f1:cc:3f:b5:48:5a:d4:d6:25:f7:ec:2c:02:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 23 05:28:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fff621042cbd0ca8e5d9eb1a334b41a4381cea18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fd:65:e8:5e:71:3d:6b:b0:db:e1:84:aa:e9:
17:16:0a:ab:4d:e2:3d:ac:45:71:23:e8:54:b4:50:
5f:30:dd:f6:ae:17:a6:f5:82:4f:66:24:e7:87:4c:
e7:24:91:64:c4:db:46:cf:41:29:3b:a5:27:03:01:
52:8c:6a:20:c1:c1:78:84:85:6c:94:96:de:fa:83:
3e:fb:31:e6:c6:c6:de:2a:76:bc:2b:bf:fb:50:43:
e7:0c:3a:a7:ae:1b:ae:26:c2:96:c5:4f:d0:8e:c0:
27:28:56:b1:69:15:48:31:32:82:1a:66:2e:7e:d7:
6c:ff:82:c6:d0:fc:d9:ac:e6:26:93:80:64:ca:88:
4e:14:74:9c:a5:78:c9:ed:12:cf:c8:dd:36:9d:05:
43:1d:6e:8c:2c:8e:e7:86:70:f9:96:ad:d8:38:33:
5d:b1:74:01:81:22:9e:b0:53:55:bb:da:28:cc:71:
5a:70:68:99:b7:59:b0:d0:8e:16:a6:28:57:72:79:
64:95:6e:7b:35:4f:2b:ab:75:ad:8c:44:30:a6:4a:
3b:c4:d4:c6:e5:6b:8d:fd:07:3e:02:21:b0:72:d8:
bd:41:be:74:31:d4:17:49:4d:61:3d:d5:9e:4c:33:
25:68:5c:84:d5:49:52:3a:23:b5:49:81:c3:0d:d1:
23:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F6:21:04:2C:BD:0C:A8:E5:D9:EB:1A:33:4B:41:A4:38:1C:EA:18
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/241a77-46f7-4821-be9f-9ff0f52f10e8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/241a77-46f7-4821-be9f-9ff0f52f10e8/1/__YhBCy9DKjl2esaM0tBpDgc6hg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.203.0/24
Signature Algorithm: sha256WithRSAEncryption
07:81:4d:ce:72:b4:57:59:36:f7:b5:aa:0c:33:c3:f1:a1:14:
2c:fa:60:4c:3e:49:0c:84:1a:f6:d9:07:40:71:54:3a:fa:3c:
3d:c4:95:ad:3d:e0:4f:0e:bf:9d:8b:b9:a3:63:47:4a:13:c0:
d2:cb:99:18:2f:4e:92:35:a8:11:aa:54:61:81:13:d6:2f:3c:
2f:03:cf:5b:81:90:ca:02:e1:65:82:10:f7:74:3d:ff:5c:cd:
1a:79:17:d4:a5:98:13:fe:14:be:a0:ca:c5:41:8f:22:5c:be:
bc:52:37:10:63:d6:6f:eb:5c:a7:27:62:b7:8c:b7:94:88:ed:
85:0f:f4:29:e4:54:d1:2e:d2:b2:3f:f7:d1:4d:e1:80:7a:7c:
7f:6b:74:0b:92:d4:e3:c9:b6:24:e0:5c:10:db:38:8d:f4:a4:
15:d4:53:b0:95:39:af:4b:de:a8:fc:c0:88:0c:c6:f0:2b:3c:
c2:ac:b2:b0:9e:5a:87:98:37:5b:10:57:87:68:d2:7d:3d:78:
1c:fe:95:5a:86:99:55:fd:ca:4f:ae:a3:ef:e0:27:48:ed:5f:
76:72:9b:47:87:41:95:f1:13:65:2d:b8:36:f9:a6:b3:9c:93:
69:a7:00:8d:7f:4e:31:9d:50:f9:1c:35:93:19:3e:79:ea:1c:
b2:2e:fe:93
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYNo0fHMP7VIWtTWJffsLAJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIwOTIzMDUyODUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmY2MjEwNDJjYmQwY2E4ZTVkOWViMWEzMzRiNDFhNDM4MWNlYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/1l6F5xPWuw2+GEqukXFgqrTeI9
rEVxI+hUtFBfMN32rhem9YJPZiTnh0znJJFkxNtGz0EpO6UnAwFSjGogwcF4hIVs
lJbe+oM++zHmxsbeKna8K7/7UEPnDDqnrhuuJsKWxU/QjsAnKFaxaRVIMTKCGmYu
ftds/4LG0PzZrOYmk4BkyohOFHScpXjJ7RLPyN02nQVDHW6MLI7nhnD5lq3YODNd
sXQBgSKesFNVu9oozHFacGiZt1mw0I4WpihXcnlklW57NU8rq3WtjEQwpko7xNTG
5WuN/Qc+AiGwcti9Qb50MdQXSU1hPdWeTDMlaFyE1UlSOiO1SYHDDdEjTQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFP/2IQQsvQyo5dnrGjNLQaQ4HOoYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzI0MWE3
Ny00NmY3LTQ4MjEtYmU5Zi05ZmYwZjUyZjEwZTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMjQxYTc3
LTQ2ZjctNDgyMS1iZTlmLTlmZjBmNTJmMTBlOC8xL19fWWhCQ3k5REtqbDJlc2FN
MHRCcERnYzZoZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwQjLMA0GCSqGSIb3DQEBCwUAA4IBAQAHgU3O
crRXWTb3taoMM8PxoRQs+mBMPkkMhBr22QdAcVQ6+jw9xJWtPeBPDr+di7mjY0dK
E8DSy5kYL06SNagRqlRhgRPWLzwvA89bgZDKAuFlghD3dD3/XM0aeRfUpZgT/hS+
oMrFQY8iXL68UjcQY9Zv61ynJ2K3jLeUiO2FD/Qp5FTRLtKyP/fRTeGAenx/a3QL
ktTjybYk4FwQ2ziN9KQV1FOwlTmvS96o/MCIDMbwKzzCrLKwnlqHmDdbEFeHaNJ9
PXgc/pVahplV/cpPrqPv4CdI7V92cptHh0GV8RNlLbg2+aaznJNppwCNf04xnVD5
HDWTGT556hyyLv6T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:39 2024 by rpki-client on console-fra.rpki-client.org