Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-DY6f65S7A9Zk6IkMgqBUAJHYhc.cer
File:                     1-DY6f65S7A9Zk6IkMgqBUAJHYhc.cer (raw, json)
Hash identifier:          xzzjZpANieXL7HbOjkI2ZNcq2csmQ8TWMmSDDhuiaGc=
Subject key identifier:   F8:36:3A:7F:AE:52:EC:0F:59:93:A2:24:32:0A:81:50:02:47:62:17
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       620DAE3D18
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/34/e01dfd-9306-46a9-8490-8075a2d1fcae/1/1-DY6f65S7A9Zk6IkMgqBUAJHYhc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/34/e01dfd-9306-46a9-8490-8075a2d1fcae/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 24 Feb 2020 15:27:22 +0000
Certificate not after:    Thu 01 Jul 2021 00:00:00 +0000
Subordinate resources:    AS: 48140
                          IP: 91.209.25.0/24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 421136317720 (0x620dae3d18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Feb 24 15:27:22 2020 GMT
            Not After : Jul  1 00:00:00 2021 GMT
        Subject: CN=f8363a7fae52ec0f5993a224320a815002476217
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:87:4f:d9:fd:2e:8a:88:44:90:45:96:82:2b:
                    2f:4f:22:2f:9b:48:94:2a:00:ef:a2:ef:59:b9:cd:
                    41:e1:eb:d6:91:4c:03:aa:9c:5c:d6:74:17:cb:eb:
                    14:78:1c:6a:11:70:d3:3d:d1:a0:9a:f7:90:bd:cd:
                    e1:26:91:ee:7c:8c:e2:2c:f0:52:70:b2:f8:90:81:
                    1b:62:e3:7e:60:ae:e6:2e:53:c3:1d:ea:a9:9d:93:
                    18:49:a2:f3:3a:35:bf:53:86:6e:63:a3:96:a5:8f:
                    60:45:fc:e4:40:41:1a:6a:69:ac:7c:81:f9:b6:fe:
                    5d:19:d1:b4:f6:57:93:c8:e9:3a:27:dd:d0:1e:b0:
                    bf:86:e5:21:d9:aa:b2:af:ac:53:42:69:0a:b8:87:
                    95:f8:5a:4a:17:25:36:14:5b:3a:2c:80:a8:db:0e:
                    f5:f5:f6:e4:c5:f9:9d:5a:90:46:b7:cc:03:9f:04:
                    e0:1c:51:a3:11:2f:ae:46:c9:fd:78:22:b8:51:c1:
                    3c:ba:68:e3:32:89:7f:e3:78:d0:66:5e:54:27:bf:
                    20:41:91:ab:e5:8b:2b:f4:cc:ba:93:93:51:c1:ff:
                    8b:f5:05:6f:37:83:81:5b:06:0b:f9:aa:62:71:5c:
                    62:e8:8a:f8:3e:b6:c9:19:c2:01:fc:d6:bb:fc:b2:
                    63:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:36:3A:7F:AE:52:EC:0F:59:93:A2:24:32:0A:81:50:02:47:62:17
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e01dfd-9306-46a9-8490-8075a2d1fcae/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e01dfd-9306-46a9-8490-8075a2d1fcae/1/1-DY6f65S7A9Zk6IkMgqBUAJHYhc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.209.25.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48140

    Signature Algorithm: sha256WithRSAEncryption
         69:80:f7:5e:0a:90:da:04:51:f6:5f:fc:e0:44:a8:eb:81:63:
         d2:c9:45:3f:fe:b0:8e:2a:a2:a0:9a:55:27:9e:de:24:77:6f:
         99:f7:12:c6:ca:1a:bf:db:c3:fe:a2:c2:af:d8:d1:4d:be:7c:
         dd:b9:20:3a:76:9e:55:93:24:42:7f:b3:5c:8c:1a:69:41:fd:
         d4:9d:0c:0a:07:83:e4:bf:ec:a9:16:84:ae:c4:b5:56:18:37:
         c3:c1:b8:61:7b:df:ef:e2:45:90:8b:07:59:bc:19:7a:b1:cc:
         b8:26:d8:9e:4f:28:1d:7b:35:c2:8a:73:a0:22:8c:6f:7e:73:
         86:ff:39:cd:4d:eb:9d:d8:06:c2:a7:c8:f5:fd:cf:60:78:d1:
         df:85:da:d4:52:cf:78:d9:cc:5b:d8:7f:c2:9d:87:c5:8d:b1:
         5d:86:42:d3:fa:cc:fd:9c:9c:2a:bd:55:58:38:8f:e4:b4:f9:
         a8:83:09:c0:b7:64:c4:4c:7c:3c:f1:e7:76:55:dd:6f:5b:4c:
         be:b1:59:ce:52:d7:6a:41:8c:3d:4c:e1:18:1c:26:93:b4:52:
         71:5c:9e:5d:07:8e:00:7f:29:b5:45:ec:b4:e3:6e:2f:72:68:
         7c:ca:f2:94:2c:fc:39:c9:0d:a6:f1:01:f0:0e:20:97:2a:88:
         f1:6e:00:16
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIFYg2uPRgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMDAy
MjQxNTI3MjJaFw0yMTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGY4MzYzYTdmYWU1
MmVjMGY1OTkzYTIyNDMyMGE4MTUwMDI0NzYyMTcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDch0/Z/S6KiESQRZaCKy9PIi+bSJQqAO+i71m5zUHh69aR
TAOqnFzWdBfL6xR4HGoRcNM90aCa95C9zeEmke58jOIs8FJwsviQgRti435gruYu
U8Md6qmdkxhJovM6Nb9Thm5jo5alj2BF/ORAQRpqaax8gfm2/l0Z0bT2V5PI6Ton
3dAesL+G5SHZqrKvrFNCaQq4h5X4WkoXJTYUWzosgKjbDvX19uTF+Z1akEa3zAOf
BOAcUaMRL65Gyf14IrhRwTy6aOMyiX/jeNBmXlQnvyBBkavliyv0zLqTk1HB/4v1
BW83g4FbBgv5qmJxXGLoivg+tskZwgH81rv8smOBAgMBAAGjggKhMIICnTAdBgNV
HQ4EFgQU+DY6f65S7A9Zk6IkMgqBUAJHYhcwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASQGCCsGAQUFBwELBIIBFjCCARIwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvZTAxZGZkLTkzMDYtNDZhOS04
NDkwLTgwNzVhMmQxZmNhZS8xLzB9BggrBgEFBQcwCoZxcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lMDFkZmQtOTMwNi00NmE5LTg0
OTAtODA3NWEyZDFmY2FlLzEvMS1EWTZmNjVTN0E5Wms2SWtNZ3FCVUFKSFloYy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAW9EZMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC8DDANBgkqhkiG
9w0BAQsFAAOCAQEAaYD3XgqQ2gRR9l/84ESo64Fj0slFP/6wjiqioJpVJ57eJHdv
mfcSxsoav9vD/qLCr9jRTb583bkgOnaeVZMkQn+zXIwaaUH91J0MCgeD5L/sqRaE
rsS1Vhg3w8G4YXvf7+JFkIsHWbwZerHMuCbYnk8oHXs1wopzoCKMb35zhv85zU3r
ndgGwqfI9f3PYHjR34Xa1FLPeNnMW9h/wp2HxY2xXYZC0/rM/ZycKr1VWDiP5LT5
qIMJwLdkxEx8PPHndlXdb1tMvrFZzlLXakGMPUzhGBwmk7RScVyeXQeOAH8ptUXs
tONuL3JofMrylCz8OckNpvEB8A4glyqI8W4AFg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:55 2023 by rpki-client on console-ams.rpki-client.org