Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-1aGYcwXvMdMjcSUbqWs4pHhPQY.cer
File:                     1-1aGYcwXvMdMjcSUbqWs4pHhPQY.cer (raw, json)
Hash identifier:          JkjDm0xgxfUaxETeoAworWis+Eu+EXs+a/r0G4/9z8g=
Subject key identifier:   FB:56:86:61:CC:17:BC:C7:4C:8D:C4:94:6E:A5:AC:E2:91:E1:3D:06
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       9CD175BD8A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/1-1aGYcwXvMdMjcSUbqWs4pHhPQY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 03:55:25 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    IP: 193.38.44.0/22
                          IP: 2a0d:6740::/29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 673529052554 (0x9cd175bd8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 03:55:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fb568661cc17bcc74c8dc4946ea5ace291e13d06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:67:2d:1c:51:e5:51:18:b2:6f:f5:72:4a:93:
                    7d:bf:1f:fa:20:44:33:f5:42:a3:75:28:31:72:26:
                    8f:52:e5:2f:50:bc:d8:eb:cc:cf:c3:b7:35:5f:66:
                    db:27:51:16:8a:4d:e6:5d:fa:7d:97:c5:77:14:e0:
                    b4:84:4c:2a:22:0e:b7:31:e9:ca:f6:d5:6b:52:27:
                    ab:9a:52:8b:2e:7c:f6:65:c8:6f:2b:a2:ad:51:53:
                    8c:ca:10:5e:73:ea:e5:91:85:34:be:ad:4d:07:be:
                    57:fc:0f:ab:c5:14:68:d1:2a:06:14:e5:ee:95:32:
                    fb:99:c0:62:7f:40:0c:a2:dc:b4:e5:33:2f:c6:40:
                    34:d0:d2:e9:66:4c:0b:32:ac:1f:86:bf:4f:49:c3:
                    94:e1:7b:37:62:9b:71:13:7c:02:2f:85:dd:4f:c6:
                    71:e2:40:f3:f4:42:b9:4f:4a:fc:92:53:87:e6:25:
                    a7:4d:1b:51:be:74:ba:af:77:a8:01:1d:bd:d7:42:
                    dc:28:20:05:ce:ff:4f:00:94:b5:3f:28:20:37:fb:
                    cc:7c:21:9c:ed:5d:cf:58:e6:4f:cb:c2:ca:ff:d0:
                    67:b4:cd:c1:aa:6d:c0:f2:79:5e:2e:55:d8:f8:86:
                    c4:be:bb:63:bd:f8:32:12:97:51:ee:cd:fd:83:8d:
                    b9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:56:86:61:CC:17:BC:C7:4C:8D:C4:94:6E:A5:AC:E2:91:E1:3D:06
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/1-1aGYcwXvMdMjcSUbqWs4pHhPQY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.38.44.0/22
                IPv6:
                  2a0d:6740::/29

    Signature Algorithm: sha256WithRSAEncryption
         ae:9e:73:41:47:32:5e:f3:76:ee:3c:90:16:9e:24:17:72:b5:
         26:97:06:1d:cd:1a:b9:e8:d4:57:83:32:7d:b5:c7:a7:c0:da:
         8a:de:bc:a6:ef:b4:fa:2e:8e:d7:21:50:90:7d:33:93:4e:cf:
         fb:aa:12:a5:3f:57:17:b7:0b:aa:76:58:22:d4:f3:54:2e:22:
         50:6a:b5:67:5c:d5:5b:12:f1:a0:02:71:2d:d3:cf:7e:64:6e:
         59:58:86:39:29:e7:9a:57:7e:b7:1f:1f:68:db:c6:91:3e:a1:
         72:7d:9c:1a:d8:e9:15:2a:75:51:6c:77:74:a3:e0:50:bf:a0:
         2f:42:1a:be:56:0e:f4:ed:13:2a:c4:5c:13:de:6e:8b:b7:6a:
         8f:f7:06:d2:04:82:6e:71:4a:1e:ac:37:5d:a1:14:cb:4e:7f:
         f0:62:cc:6e:0d:aa:22:49:c0:42:78:4a:63:01:df:ba:ef:ee:
         f0:ed:42:74:43:02:52:ca:a9:72:99:01:0f:0d:7c:c7:af:2a:
         f3:d5:28:19:ea:05:7b:a3:f6:06:85:c2:b1:cb:71:19:fe:14:
         2d:0b:fe:27:b8:bb:53:69:3e:d4:a0:02:85:79:72:bb:c0:d3:
         0d:fd:74:15:d9:5f:dc:75:93:dc:2e:92:94:1e:5b:84:23:51:
         b6:82:e9:b1
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIGAJzRdb2KMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDM1NTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYjU2ODY2MWNj
MTdiY2M3NGM4ZGM0OTQ2ZWE1YWNlMjkxZTEzZDA2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAo2ctHFHlURiyb/VySpN9vx/6IEQz9UKjdSgxciaPUuUv
ULzY68zPw7c1X2bbJ1EWik3mXfp9l8V3FOC0hEwqIg63MenK9tVrUiermlKLLnz2
ZchvK6KtUVOMyhBec+rlkYU0vq1NB75X/A+rxRRo0SoGFOXulTL7mcBif0AMoty0
5TMvxkA00NLpZkwLMqwfhr9PScOU4Xs3YptxE3wCL4XdT8Zx4kDz9EK5T0r8klOH
5iWnTRtRvnS6r3eoAR2910LcKCAFzv9PAJS1PyggN/vMfCGc7V3PWOZPy8LK/9Bn
tM3Bqm3A8nleLlXY+IbEvrtjvfgyEpdR7s39g4254QIDAQABo4IClDCCApAwHQYD
VR0OBBYEFPtWhmHMF7zHTI3ElG6lrOKR4T0GMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzZjOGU4ZC0zMDIzLTRjYmYt
YTBmZS01ZmM5NjM4OGI2NjIvMS8wfQYIKwYBBQUHMAqGcXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvNmM4ZThkLTMwMjMtNGNiZi1h
MGZlLTVmYzk2Mzg4YjY2Mi8xLzEtMWFHWWN3WHZNZE1qY1NVYnFXczRwSGhQUVku
bWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5uZXQvbm90aWZpY2F0
aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5j
cmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w
DAQCAAEwBgMEAsEmLDANBAIAAjAHAwUDKg1nQDANBgkqhkiG9w0BAQsFAAOCAQEA
rp5zQUcyXvN27jyQFp4kF3K1JpcGHc0auejUV4MyfbXHp8Dait68pu+0+i6O1yFQ
kH0zk07P+6oSpT9XF7cLqnZYItTzVC4iUGq1Z1zVWxLxoAJxLdPPfmRuWViGOSnn
mld+tx8faNvGkT6hcn2cGtjpFSp1UWx3dKPgUL+gL0IavlYO9O0TKsRcE95ui7dq
j/cG0gSCbnFKHqw3XaEUy05/8GLMbg2qIknAQnhKYwHfuu/u8O1CdEMCUsqpcpkB
Dw18x68q89UoGeoFe6P2BoXCsctxGf4ULQv+J7i7U2k+1KAChXlyu8DTDf10Fdlf
3HWT3C6SlB5bhCNRtoLpsQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:05 2023 by rpki-client on console-fra.rpki-client.org