Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3KFvYY5iEi8hkVMmjKizF-5NWmA.cer
File:                     3KFvYY5iEi8hkVMmjKizF-5NWmA.cer (raw, json)
Hash identifier:          ThH1RWy6yP7gacCC6H0n5+kQknDViMwp28DY7pcD2+I=
Subject key identifier:   DC:A1:6F:61:8E:62:12:2F:21:91:53:26:8C:A8:B3:17:EE:4D:5A:60
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       806911213A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/3KFvYY5iEi8hkVMmjKizF-5NWmA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 01 Jan 2021 04:53:08 +0000
Certificate not after:    Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources:    AS: 2118

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 551518544186 (0x806911213a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:53:08 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=dca16f618e62122f219153268ca8b317ee4d5a60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b2:4d:a6:4f:20:e2:b2:c8:9a:a1:05:41:1e:
                    c1:28:68:89:c3:74:ac:68:b3:8d:6e:d4:87:78:8f:
                    f2:4d:73:b8:33:74:e7:1b:63:4f:14:a3:34:e0:ee:
                    29:be:75:7c:d6:8b:89:8e:cf:62:44:9d:69:5a:99:
                    e9:b8:f1:23:8f:c6:b1:22:fc:c5:75:11:9a:47:da:
                    35:9f:3d:9e:b2:ea:71:a1:82:5c:75:35:4f:b1:40:
                    82:86:18:68:7a:f2:18:98:b3:00:5d:ff:9c:07:61:
                    19:e5:b0:87:1f:6c:3c:1d:e6:20:9e:a7:47:03:68:
                    43:90:69:ef:dc:c7:0e:70:a5:a4:b0:5d:de:9d:e0:
                    81:52:bd:c3:ec:eb:b9:e4:e8:ea:3f:12:aa:76:62:
                    93:c1:5c:90:4c:85:c8:de:f7:31:47:a0:25:fb:a5:
                    a9:9f:c0:7f:a4:7e:1c:81:3c:6a:f4:25:8a:ab:32:
                    15:2b:82:80:29:f7:3d:f8:dd:c2:ea:45:de:55:93:
                    c4:ef:df:b5:5e:98:82:84:ae:52:20:af:63:95:41:
                    29:02:3b:ef:e9:19:ca:1e:82:e4:d4:d9:af:41:d0:
                    73:fe:f1:0e:2c:46:fd:00:23:26:51:bb:c6:81:59:
                    21:9a:e2:ca:2c:69:fc:cc:65:98:4a:fa:5f:be:de:
                    5a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:A1:6F:61:8E:62:12:2F:21:91:53:26:8C:A8:B3:17:EE:4D:5A:60
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/ce98a9-f026-4b66-a270-fee0d81bfb63/1/3KFvYY5iEi8hkVMmjKizF-5NWmA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  2118

    Signature Algorithm: sha256WithRSAEncryption
         6b:e6:35:7f:c0:e6:2a:eb:cd:93:f7:0a:68:7a:e0:a7:9d:54:
         81:4b:12:68:3a:ca:7b:9f:75:cc:06:7d:c0:a2:53:13:9b:a2:
         c5:f8:00:ee:91:42:26:bd:7b:0d:81:49:cf:24:d1:ac:f8:f5:
         2b:f1:52:ac:d5:c2:17:b8:b2:6b:dc:56:7f:0f:7a:3b:b6:bd:
         d9:63:4f:dd:6e:51:9d:06:9d:e4:54:f6:37:f4:b5:20:9b:fb:
         ee:2f:3d:73:e9:2f:26:47:de:51:93:89:97:fe:96:15:4f:cc:
         b3:10:42:0f:6c:0d:b7:dc:f5:25:23:bb:32:87:56:4d:06:88:
         69:24:ad:37:18:09:51:de:27:0a:5f:b3:d4:25:5d:82:2e:7d:
         d5:50:d7:31:2b:f2:50:48:57:6e:6b:42:50:7f:d2:47:19:b2:
         58:22:9a:51:ac:74:9d:34:5f:3b:d9:55:76:0f:c9:c2:7d:f3:
         c3:ea:7a:36:9d:bb:ca:b4:55:59:50:ea:12:03:7d:8c:9e:db:
         d8:6a:38:35:24:5b:64:e7:54:04:ed:c3:cd:60:23:ff:9b:9d:
         d3:71:95:67:32:f4:02:06:c2:c2:5c:cd:6c:e9:72:06:54:79:
         26:f1:fc:70:ff:54:dd:bc:bb:3b:42:8a:e1:3c:62:07:40:98:
         3b:c4:5f:bc
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIGAIBpESE6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjEw
MTAxMDQ1MzA4WhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkY2ExNmY2MThl
NjIxMjJmMjE5MTUzMjY4Y2E4YjMxN2VlNGQ1YTYwMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEApbJNpk8g4rLImqEFQR7BKGiJw3SsaLONbtSHeI/yTXO4
M3TnG2NPFKM04O4pvnV81ouJjs9iRJ1pWpnpuPEjj8axIvzFdRGaR9o1nz2esupx
oYJcdTVPsUCChhhoevIYmLMAXf+cB2EZ5bCHH2w8HeYgnqdHA2hDkGnv3McOcKWk
sF3eneCBUr3D7Ou55OjqPxKqdmKTwVyQTIXI3vcxR6Al+6Wpn8B/pH4cgTxq9CWK
qzIVK4KAKfc9+N3C6kXeVZPE79+1XpiChK5SIK9jlUEpAjvv6RnKHoLk1NmvQdBz
/vEOLEb9ACMmUbvGgVkhmuLKLGn8zGWYSvpfvt5aZQIDAQABo4ICfjCCAnowHQYD
VR0OBBYEFNyhb2GOYhIvIZFTJoyosxfuTVpgMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViL2NlOThhOS1mMDI2LTRiNjYt
YTI3MC1mZWUwZDgxYmZiNjMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvY2U5OGE5LWYwMjYtNGI2Ni1h
MjcwLWZlZTBkODFiZmI2My8xLzNLRnZZWTVpRWk4aGtWTW1qS2l6Ri01TldtQS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBkGCCsGAQUFBwEIAQH/BAowCKAG
MAQCAghGMA0GCSqGSIb3DQEBCwUAA4IBAQBr5jV/wOYq682T9wpoeuCnnVSBSxJo
Osp7n3XMBn3AolMTm6LF+ADukUImvXsNgUnPJNGs+PUr8VKs1cIXuLJr3FZ/D3o7
tr3ZY0/dblGdBp3kVPY39LUgm/vuLz1z6S8mR95Rk4mX/pYVT8yzEEIPbA233PUl
I7syh1ZNBohpJK03GAlR3icKX7PUJV2CLn3VUNcxK/JQSFdua0JQf9JHGbJYIppR
rHSdNF872VV2D8nCffPD6no2nbvKtFVZUOoSA32MntvYajg1JFtk51QE7cPNYCP/
m53TcZVnMvQCBsLCXM1s6XIGVHkm8fxw/1TdvLs7QorhPGIHQJg7xF+8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:29 2023 by rpki-client on console-ams.rpki-client.org