Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3SgB3l6KOjbvB_dp6vGTJM9J-Pg.cer
File:                     3SgB3l6KOjbvB_dp6vGTJM9J-Pg.cer (raw, json)
Hash identifier:          p2lUx17FaiUQHIb9wzAzOwGG8QgoGOj7jrvJKsTvzxw=
Subject key identifier:   DD:28:01:DE:5E:8A:3A:36:EF:07:F7:69:EA:F1:93:24:CF:49:F8:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       80D183B4BC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/3SgB3l6KOjbvB_dp6vGTJM9J-Pg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 01 Jan 2021 05:05:37 +0000
Certificate not after:    Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources:    IP: 45.88.68.0/22
                          IP: 2a07:4b40::/29

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 553270883516 (0x80d183b4bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 05:05:37 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=dd2801de5e8a3a36ef07f769eaf19324cf49f8f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:11:1b:59:06:3d:12:1d:8b:3f:6c:43:86:28:
                    72:76:20:c1:09:06:12:40:2c:2e:6d:82:b3:02:6a:
                    01:52:1a:e0:b1:80:b2:fe:82:a9:57:4c:1a:ad:59:
                    b2:35:be:32:24:1c:df:43:64:25:0c:1b:ff:66:34:
                    af:68:75:92:20:98:cc:90:fa:d8:5d:f4:4b:cf:3c:
                    78:72:51:28:07:4e:86:85:ef:77:b9:7d:2a:c4:b1:
                    b1:1c:95:e2:0c:77:aa:78:08:9c:a3:93:27:52:27:
                    67:6b:2b:8d:c8:18:90:f9:e9:f2:86:ac:5d:0a:71:
                    56:55:64:21:d3:d1:05:b0:e0:51:e1:83:c0:bd:a9:
                    ef:e0:d4:7c:1d:e8:3d:b9:6c:48:9f:ef:a5:9e:e3:
                    d2:d4:3b:0e:94:48:1c:bf:e4:b1:91:88:c0:70:d0:
                    7d:07:f1:ee:96:11:27:74:58:73:51:a2:05:cb:44:
                    26:51:59:08:10:ae:26:e3:87:ea:d4:e9:0e:5d:1b:
                    79:8e:a5:f2:8c:9b:b3:70:c1:6a:55:c0:1f:30:e7:
                    6d:ec:e4:f4:5b:73:1e:c1:6a:ec:37:be:4c:2e:07:
                    ff:ba:0f:0a:be:ea:cb:aa:8c:c8:79:00:d3:d8:d9:
                    02:21:ce:be:8f:cb:5e:b8:4e:69:61:4d:5b:34:b8:
                    05:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:28:01:DE:5E:8A:3A:36:EF:07:F7:69:EA:F1:93:24:CF:49:F8:F8
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/240145-6098-4b55-8bbb-19ed7fddbdcc/1/3SgB3l6KOjbvB_dp6vGTJM9J-Pg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.68.0/22
                IPv6:
                  2a07:4b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         aa:e5:0f:3b:1b:9e:9c:44:67:43:19:b3:cc:07:b6:80:b5:18:
         8a:43:df:0b:8e:79:24:fe:62:44:46:42:39:5a:e0:51:0c:18:
         d0:05:9c:91:53:47:7d:ae:a8:cf:c1:38:12:78:8b:39:78:82:
         a0:c8:37:76:0f:97:e0:8d:e4:73:57:de:69:0d:9e:b4:6d:99:
         f4:88:1a:6c:b3:8e:70:2a:92:62:ef:89:d2:bc:e8:d4:a0:50:
         a2:de:68:2d:a5:cf:ad:c3:89:3a:58:81:15:15:4c:26:3c:c0:
         8b:a7:e9:82:eb:55:7e:e7:fe:a3:99:79:d9:38:ce:ca:27:fb:
         71:f8:e9:fd:76:22:7a:bb:db:d1:db:78:50:d0:1c:47:bb:4e:
         3a:99:03:34:ba:30:c7:42:d4:6d:3e:dc:8c:1a:60:a6:8a:ee:
         fc:a3:7c:0e:e2:2a:38:4f:47:05:6b:ed:df:2b:38:5d:01:5c:
         9c:33:bf:52:1e:40:da:5c:89:bb:eb:df:15:74:6a:f8:6f:be:
         89:55:20:23:4f:b0:9f:ea:28:23:65:3a:9a:98:d6:ac:cd:49:
         a2:61:d6:22:75:03:1a:57:2c:73:80:0a:86:1b:b4:51:bd:3a:
         6c:95:31:3a:c5:c9:0f:72:4f:c3:fa:2f:d3:a6:f1:2a:8f:a1:
         e8:71:f6:1f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAIDRg7S8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjEw
MTAxMDUwNTM3WhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZDI4MDFkZTVl
OGEzYTM2ZWYwN2Y3NjllYWYxOTMyNGNmNDlmOGY4MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAqxEbWQY9Eh2LP2xDhihydiDBCQYSQCwubYKzAmoBUhrg
sYCy/oKpV0warVmyNb4yJBzfQ2QlDBv/ZjSvaHWSIJjMkPrYXfRLzzx4clEoB06G
he93uX0qxLGxHJXiDHeqeAico5MnUidnayuNyBiQ+enyhqxdCnFWVWQh09EFsOBR
4YPAvanv4NR8Heg9uWxIn++lnuPS1DsOlEgcv+SxkYjAcNB9B/HulhEndFhzUaIF
y0QmUVkIEK4m44fq1OkOXRt5jqXyjJuzcMFqVcAfMOdt7OT0W3MewWrsN75MLgf/
ug8KvurLqozIeQDT2NkCIc6+j8teuE5pYU1bNLgFXwIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFN0oAd5eijo27wf3aerxkyTPSfj4MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzI0MDE0NS02MDk4LTRiNTUt
OGJiYi0xOWVkN2ZkZGJkY2MvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvMjQwMTQ1LTYwOTgtNGI1NS04
YmJiLTE5ZWQ3ZmRkYmRjYy8xLzNTZ0IzbDZLT2pidkJfZHA2dkdUSk05Si1QZy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCLVhEMA0EAgACMAcDBQMqB0tAMA0GCSqGSIb3DQEBCwUAA4IBAQCq
5Q87G56cRGdDGbPMB7aAtRiKQ98Ljnkk/mJERkI5WuBRDBjQBZyRU0d9rqjPwTgS
eIs5eIKgyDd2D5fgjeRzV95pDZ60bZn0iBpss45wKpJi74nSvOjUoFCi3mgtpc+t
w4k6WIEVFUwmPMCLp+mC61V+5/6jmXnZOM7KJ/tx+On9diJ6u9vR23hQ0BxHu046
mQM0ujDHQtRtPtyMGmCmiu78o3wO4io4T0cFa+3fKzhdAVycM79SHkDaXIm7698V
dGr4b76JVSAjT7Cf6igjZTqamNaszUmiYdYidQMaVyxzgAqGG7RRvTpslTE6xckP
ck/D+i/TpvEqj6HocfYf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:29 2023 by rpki-client on console-ams.rpki-client.org