Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4HxNfBgxVgANE8-FMHvlMNHwTSQ.cer
File:                     4HxNfBgxVgANE8-FMHvlMNHwTSQ.cer (raw, json)
Hash identifier:          5UA/Q087Wm7tm7Mod8rstfXQ0SSBK5Pltst0uMdb9o8=
Subject key identifier:   E0:7C:4D:7C:18:31:56:00:0D:13:CF:85:30:7B:E5:30:D1:F0:4D:24
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       9CB70CF98A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/43/a09832-e029-4105-8e0f-b6e6ae0d69f1/1/4HxNfBgxVgANE8-FMHvlMNHwTSQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/43/a09832-e029-4105-8e0f-b6e6ae0d69f1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 03:54:31 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    IP: 141.64.0.0/16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 673085979018 (0x9cb70cf98a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 03:54:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e07c4d7c183156000d13cf85307be530d1f04d24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b8:1b:ab:ac:fb:23:c4:65:92:56:6c:04:8d:
                    35:15:b9:b2:da:a3:9b:06:b3:9b:e2:fc:6f:bf:35:
                    ce:3e:4a:4a:37:cf:30:3e:fd:b8:41:00:de:bc:10:
                    82:d6:84:11:3a:92:a4:0f:b9:cc:24:c6:d8:01:ea:
                    05:81:89:cb:8c:fc:1a:5d:f5:ae:40:05:5f:80:6c:
                    4f:6f:0e:d8:e9:d6:58:69:75:1d:28:d9:dc:4f:45:
                    4d:08:12:a5:b9:8a:46:13:61:3b:04:8d:65:c1:61:
                    9c:5f:17:83:f8:49:1d:88:0e:a0:fc:bf:df:53:03:
                    9d:79:02:44:c0:33:1a:1a:be:29:38:c5:9f:43:ab:
                    80:15:39:01:2c:51:38:5a:17:d2:0f:3f:6e:3f:21:
                    54:c4:5d:7d:25:e6:ee:f6:8b:42:82:18:71:20:83:
                    22:92:bd:21:2e:af:e9:f5:97:be:b3:1e:6b:93:7f:
                    34:a4:9b:65:dd:39:ac:10:5c:96:45:61:cb:80:52:
                    b3:1d:7e:df:27:7a:c0:f0:44:9a:7c:aa:15:a0:f7:
                    0b:04:04:9d:f1:fa:ff:07:e3:31:84:3d:98:d0:0a:
                    d6:a6:48:fc:f8:d6:0b:c4:89:6d:e2:aa:21:bc:b7:
                    9c:65:1f:71:03:e0:e6:f4:6a:86:0a:53:62:6e:23:
                    48:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:7C:4D:7C:18:31:56:00:0D:13:CF:85:30:7B:E5:30:D1:F0:4D:24
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a09832-e029-4105-8e0f-b6e6ae0d69f1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a09832-e029-4105-8e0f-b6e6ae0d69f1/1/4HxNfBgxVgANE8-FMHvlMNHwTSQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.64.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         54:33:7f:78:ea:c1:6d:c9:fc:dc:40:a2:e6:f0:6c:20:7e:d3:
         60:e9:b1:09:1a:ba:22:79:8a:9e:d4:ad:4f:19:a8:1c:08:87:
         b3:e6:3a:ae:f3:8b:40:62:be:1d:2c:58:6a:a7:e2:53:87:9f:
         a6:a1:bd:76:26:f7:ab:f2:09:12:a6:73:fb:be:34:95:57:f0:
         f7:e1:52:77:bc:d6:29:24:54:a7:41:54:bb:1c:19:5c:32:4d:
         1d:c5:76:b1:66:64:69:ca:9a:69:b1:db:b1:85:9d:2f:08:2c:
         e6:f7:d2:fe:90:7f:92:f1:e2:89:0c:6b:91:3a:b8:80:10:0d:
         b8:ae:02:c8:13:a4:e2:9d:b2:1a:0c:f0:50:17:4f:1e:91:ba:
         2a:9f:71:07:20:a0:d9:f3:07:98:ad:41:d5:6a:79:55:ee:b7:
         2c:59:1f:35:31:6e:35:1d:50:0d:dc:0a:96:5d:ef:f1:34:f3:
         81:0b:c4:91:e2:b9:09:4e:e6:d9:b8:81:a3:b7:5d:56:09:04:
         6f:1a:f0:0d:3c:b8:d1:a6:fa:49:6b:3e:43:7c:f9:eb:4c:7e:
         10:58:ba:92:1b:17:35:2e:4c:be:01:0f:ea:d8:e5:11:cb:ca:
         be:bc:25:07:0e:46:22:4b:86:75:f1:3a:44:54:7c:62:26:33:
         66:86:d1:70
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIGAJy3DPmKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDM1NDMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMDdjNGQ3YzE4
MzE1NjAwMGQxM2NmODUzMDdiZTUzMGQxZjA0ZDI0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtrgbq6z7I8RlklZsBI01Fbmy2qObBrOb4vxvvzXOPkpK
N88wPv24QQDevBCC1oQROpKkD7nMJMbYAeoFgYnLjPwaXfWuQAVfgGxPbw7Y6dZY
aXUdKNncT0VNCBKluYpGE2E7BI1lwWGcXxeD+EkdiA6g/L/fUwOdeQJEwDMaGr4p
OMWfQ6uAFTkBLFE4WhfSDz9uPyFUxF19Jebu9otCghhxIIMikr0hLq/p9Ze+sx5r
k380pJtl3TmsEFyWRWHLgFKzHX7fJ3rA8ESafKoVoPcLBASd8fr/B+MxhD2Y0ArW
pkj8+NYLxIlt4qohvLecZR9xA+Dm9GqGClNibiNIkwIDAQABo4ICgzCCAn8wHQYD
VR0OBBYEFOB8TXwYMVYADRPPhTB75TDR8E0kMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzL2EwOTgzMi1lMDI5LTQxMDUt
OGUwZi1iNmU2YWUwZDY5ZjEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvYTA5ODMyLWUwMjktNDEwNS04
ZTBmLWI2ZTZhZTBkNjlmMS8xLzRIeE5mQmd4VmdBTkU4LUZNSHZsTU5Id1RTUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAjUAwDQYJKoZIhvcNAQELBQADggEBAFQzf3jqwW3J/NxAoubwbCB+
02DpsQkauiJ5ip7UrU8ZqBwIh7PmOq7zi0Bivh0sWGqn4lOHn6ahvXYm96vyCRKm
c/u+NJVX8PfhUne81ikkVKdBVLscGVwyTR3FdrFmZGnKmmmx27GFnS8ILOb30v6Q
f5Lx4okMa5E6uIAQDbiuAsgTpOKdshoM8FAXTx6RuiqfcQcgoNnzB5itQdVqeVXu
tyxZHzUxbjUdUA3cCpZd7/E084ELxJHiuQlO5tm4gaO3XVYJBG8a8A08uNGm+klr
PkN8+etMfhBYupIbFzUuTL4BD+rY5RHLyr68JQcORiJLhnXxOkRUfGImM2aG0XA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:52 2024 by rpki-client on console-ams.rpki-client.org