Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2y4HqEBiXEwCBjDH8BUyHEko_HE.cer
File:                     2y4HqEBiXEwCBjDH8BUyHEko_HE.cer (raw, json)
Hash identifier:          LN4EqHXSg3H8pyJy7p9OICPChVkpMx+2DVFpalOSLps=
Subject key identifier:   DB:2E:07:A8:40:62:5C:4C:02:06:30:C7:F0:15:32:1C:49:28:FC:71
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       A28F34449C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/2y4HqEBiXEwCBjDH8BUyHEko_HE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 08:56:05 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 205741
                          IP: 185.207.208.0/22
                          IP: 2a0b:2c40::/29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 698187269276 (0xa28f34449c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:56:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db2e07a840625c4c020630c7f015321c4928fc71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c5:f2:f4:be:3f:6b:79:70:5f:4c:63:81:ac:
                    c9:ec:2b:71:60:4a:27:87:fb:de:24:e9:5e:56:6e:
                    ab:af:72:d8:e4:a7:af:19:1c:5b:85:8d:49:ac:47:
                    72:e0:66:04:85:78:83:42:ae:48:29:6b:78:50:6b:
                    02:2a:bd:3d:13:77:91:4d:77:8d:21:17:f6:e0:a8:
                    80:b2:52:ad:bd:f1:1a:0b:1e:7d:bf:53:2d:c2:5f:
                    04:cf:3c:61:ca:ca:f3:ee:b0:46:b6:4c:ff:36:9f:
                    a3:54:f4:bb:4e:91:d9:e1:4a:68:57:dc:76:d1:0c:
                    da:df:b9:37:02:ac:56:28:1a:cd:ed:32:a5:09:e1:
                    21:91:b5:7c:f7:e2:eb:16:98:29:8a:63:98:43:a3:
                    17:a7:90:94:6b:89:53:1d:11:08:25:fe:6e:2d:e2:
                    43:1c:77:b2:7e:0d:dd:7f:8b:8f:ce:e5:d1:4d:8e:
                    ce:0c:57:12:b1:90:72:82:85:bf:e2:e4:b6:80:db:
                    d7:1e:6d:0e:83:03:ef:39:95:02:54:90:a1:50:ec:
                    dd:01:f4:e9:1f:6f:be:12:b4:39:c6:24:2a:0b:10:
                    cc:f2:36:37:4b:10:c7:63:6e:46:07:8a:be:72:73:
                    a2:5a:4e:90:52:a1:66:47:96:bc:75:6c:ba:02:24:
                    6b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:2E:07:A8:40:62:5C:4C:02:06:30:C7:F0:15:32:1C:49:28:FC:71
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/2y4HqEBiXEwCBjDH8BUyHEko_HE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.208.0/22
                IPv6:
                  2a0b:2c40::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205741

    Signature Algorithm: sha256WithRSAEncryption
         77:f7:97:9f:e5:2c:c1:e7:70:d5:53:0d:c2:b8:fe:97:e9:c9:
         03:ec:b5:ba:5c:33:ec:96:15:59:1e:46:0c:b8:1b:07:36:a4:
         8e:5f:43:03:ab:d2:e8:0f:fb:c4:13:2f:3c:5e:9c:0e:fc:e2:
         5f:98:7d:25:fe:42:d8:21:fd:80:69:5e:b3:63:d0:22:5f:aa:
         d4:83:25:79:03:73:87:9b:7b:75:99:95:ae:6a:3e:a6:ea:dc:
         14:f0:89:58:10:f3:fe:eb:14:b6:56:2e:59:6c:fa:ac:70:83:
         69:75:11:f8:7e:02:43:6e:25:1a:aa:12:c5:9e:0f:43:ea:79:
         69:04:97:58:a4:18:94:53:fd:53:41:ae:82:f9:28:4e:e7:4a:
         31:21:dc:41:9d:18:b4:a8:fb:f8:08:80:a0:21:e5:92:0e:cb:
         7f:4f:65:12:64:c5:e8:c4:35:e8:64:ed:81:dc:12:83:31:e6:
         43:d2:00:43:c4:99:7a:5b:08:43:35:83:0c:bf:d3:3d:b0:de:
         89:3f:33:d2:31:34:ae:6a:00:01:64:32:18:d1:c3:83:17:78:
         9d:c9:e8:17:ef:d0:4e:6b:50:b1:88:7c:81:dc:80:cc:92:96:
         c7:eb:c5:91:6f:bc:74:e9:b2:ed:64:0f:9f:8a:ea:be:17:32:
         71:e2:8d:af
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKKPNEScMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDg1NjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYjJlMDdhODQw
NjI1YzRjMDIwNjMwYzdmMDE1MzIxYzQ5MjhmYzcxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAssXy9L4/a3lwX0xjgazJ7CtxYEonh/veJOleVm6rr3LY
5KevGRxbhY1JrEdy4GYEhXiDQq5IKWt4UGsCKr09E3eRTXeNIRf24KiAslKtvfEa
Cx59v1Mtwl8Ezzxhysrz7rBGtkz/Np+jVPS7TpHZ4UpoV9x20Qza37k3AqxWKBrN
7TKlCeEhkbV89+LrFpgpimOYQ6MXp5CUa4lTHREIJf5uLeJDHHeyfg3df4uPzuXR
TY7ODFcSsZBygoW/4uS2gNvXHm0OgwPvOZUCVJChUOzdAfTpH2++ErQ5xiQqCxDM
8jY3SxDHY25GB4q+cnOiWk6QUqFmR5a8dWy6AiRrEQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFNsuB6hAYlxMAgYwx/AVMhxJKPxxMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2LzY1Y2NkNy0xMGI4LTRhZjEt
ODlhMC1hMjg5NTdmMDIwNmMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvNjVjY2Q3LTEwYjgtNGFmMS04
OWEwLWEyODk1N2YwMjA2Yy8xLzJ5NEhxRUJpWEV3Q0JqREg4QlV5SEVrb19IRS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuc/QMA0EAgACMAcDBQMqCyxAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMjrTANBgkqhkiG9w0BAQsFAAOCAQEAd/eXn+Uswedw1VMNwrj+l+nJA+y1
ulwz7JYVWR5GDLgbBzakjl9DA6vS6A/7xBMvPF6cDvziX5h9Jf5C2CH9gGles2PQ
Il+q1IMleQNzh5t7dZmVrmo+purcFPCJWBDz/usUtlYuWWz6rHCDaXUR+H4CQ24l
GqoSxZ4PQ+p5aQSXWKQYlFP9U0GugvkoTudKMSHcQZ0YtKj7+AiAoCHlkg7Lf09l
EmTF6MQ16GTtgdwSgzHmQ9IAQ8SZelsIQzWDDL/TPbDeiT8z0jE0rmoAAWQyGNHD
gxd4ncnoF+/QTmtQsYh8gdyAzJKWx+vFkW+8dOmy7WQPn4rqvhcyceKNrw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:05 2023 by rpki-client on console-fra.rpki-client.org