Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5mnokBVXQr_6f_tSbuHhMThCp2Q.cer
File:                     5mnokBVXQr_6f_tSbuHhMThCp2Q.cer (raw, json)
Hash identifier:          l5XFuGJMp3Yv2K0D1Y7tQDN9lCCP1vAwXPKKdEwHDAw=
Subject key identifier:   E6:69:E8:90:15:57:42:BF:FA:7F:FB:52:6E:E1:E1:31:38:42:A7:64
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       AA2F807393
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a9/77961e-c308-4de1-838d-f52f6d6e59e2/1/5mnokBVXQr_6f_tSbuHhMThCp2Q.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a9/77961e-c308-4de1-838d-f52f6d6e59e2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 15:05:46 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 29374
                          AS: 31545
                          IP: 193.16.109.0/24
                          IP: 195.149.94.0/24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 730941387667 (0xaa2f807393)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:05:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e669e890155742bffa7ffb526ee1e1313842a764
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7d:a6:03:44:32:15:9f:c4:15:71:a5:4d:ca:
                    a5:15:9c:19:86:9b:ea:9f:c4:d0:1c:2c:c9:ae:99:
                    fc:39:70:dc:4d:e2:c6:e8:cc:ab:b2:b0:d5:1e:af:
                    d7:7f:da:25:09:05:5a:8e:c6:a9:c3:d2:b0:2f:48:
                    b9:90:cd:82:1c:c7:b2:04:3a:b9:b7:6b:56:d5:9d:
                    b3:a3:d5:da:53:7f:20:9a:6d:5d:48:0e:2e:49:36:
                    bd:61:eb:ab:34:f5:27:3f:94:36:ca:56:f4:79:50:
                    8d:d1:cf:57:e6:0c:a8:30:67:b9:df:a0:79:71:eb:
                    82:f7:e8:6c:d7:dd:a3:9e:4f:c8:85:6d:33:b5:89:
                    47:21:e8:17:79:cb:e6:15:57:94:75:27:aa:1c:c2:
                    02:a2:66:74:49:22:cd:68:14:46:68:8a:e3:c6:bd:
                    8a:a3:be:c5:b2:ef:e8:00:c6:74:64:64:f7:48:84:
                    75:59:04:41:97:04:48:d8:fa:1a:8a:b1:e2:bc:f7:
                    13:09:c8:f4:54:db:81:d3:91:92:e3:1d:13:f8:89:
                    03:d1:c3:e1:96:60:db:75:75:ae:a1:81:b0:b5:3a:
                    28:ac:0e:b0:31:df:f2:d8:2f:7a:98:0f:2f:da:bd:
                    39:67:7a:37:d1:dc:24:c9:28:fe:22:aa:31:ba:de:
                    28:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:69:E8:90:15:57:42:BF:FA:7F:FB:52:6E:E1:E1:31:38:42:A7:64
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/77961e-c308-4de1-838d-f52f6d6e59e2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/77961e-c308-4de1-838d-f52f6d6e59e2/1/5mnokBVXQr_6f_tSbuHhMThCp2Q.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.16.109.0/24
                  195.149.94.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  29374
                  31545

    Signature Algorithm: sha256WithRSAEncryption
         4c:40:aa:1e:92:67:7d:0b:5f:8c:28:3e:68:30:10:52:31:09:
         43:cb:1c:f4:0e:46:9e:47:8e:fe:22:b8:57:e2:00:ba:06:d8:
         33:b6:71:7b:d1:b7:aa:1e:4c:d9:f6:ef:01:30:c4:df:c4:d5:
         08:e0:d6:e5:d4:c3:8d:39:3d:6f:93:1e:f1:3b:20:72:8e:29:
         68:ce:78:84:0c:6f:5d:78:5a:6c:d2:e5:26:7d:84:56:86:6b:
         73:ec:4d:4e:14:ab:0c:71:91:05:c1:31:80:a2:b4:e5:80:25:
         62:6f:7a:0a:03:1c:3c:03:95:d4:08:4a:1d:a1:9a:8a:70:1b:
         a9:80:d5:01:22:e2:f1:24:8a:34:b4:a6:e0:03:8e:32:d0:08:
         65:a4:86:4a:08:9c:86:c5:56:00:ab:5e:1c:47:09:f9:2c:1e:
         41:a5:5b:fc:b4:4e:7e:c5:5f:94:f2:62:20:5c:25:a2:37:7c:
         98:e2:41:ee:cd:b4:26:c7:42:56:f0:c2:b4:bb:9a:61:27:81:
         b8:38:f4:ea:0e:d9:db:36:6c:e4:2f:48:d3:0b:99:d4:e3:cf:
         c5:7b:44:52:e7:66:cf:75:e0:4e:c1:dd:42:bd:67:76:85:56:
         43:98:98:36:c0:8b:6d:f3:7b:d2:62:89:ee:60:25:53:17:e4:
         b5:1b:c4:c8
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIGAKovgHOTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTUwNTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNjY5ZTg5MDE1
NTc0MmJmZmE3ZmZiNTI2ZWUxZTEzMTM4NDJhNzY0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArX2mA0QyFZ/EFXGlTcqlFZwZhpvqn8TQHCzJrpn8OXDc
TeLG6MyrsrDVHq/Xf9olCQVajsapw9KwL0i5kM2CHMeyBDq5t2tW1Z2zo9XaU38g
mm1dSA4uSTa9YeurNPUnP5Q2ylb0eVCN0c9X5gyoMGe536B5ceuC9+hs192jnk/I
hW0ztYlHIegXecvmFVeUdSeqHMIComZ0SSLNaBRGaIrjxr2Ko77Fsu/oAMZ0ZGT3
SIR1WQRBlwRI2PoairHivPcTCcj0VNuB05GS4x0T+IkD0cPhlmDbdXWuoYGwtToo
rA6wMd/y2C96mA8v2r05Z3o30dwkySj+Iqoxut4oaQIDAQABo4ICqTCCAqUwHQYD
VR0OBBYEFOZp6JAVV0K/+n/7Um7h4TE4QqdkMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5Lzc3OTYxZS1jMzA4LTRkZTEt
ODM4ZC1mNTJmNmQ2ZTU5ZTIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvNzc5NjFlLWMzMDgtNGRlMS04
MzhkLWY1MmY2ZDZlNTllMi8xLzVtbm9rQlZYUXJfNmZfdFNidUhoTVRoQ3AyUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAwRBtAwQAw5VeMB0GCCsGAQUFBwEIAQH/BA4wDKAKMAgCAnK+AgJ7
OTANBgkqhkiG9w0BAQsFAAOCAQEATECqHpJnfQtfjCg+aDAQUjEJQ8sc9A5GnkeO
/iK4V+IAugbYM7Zxe9G3qh5M2fbvATDE38TVCODW5dTDjTk9b5Me8Tsgco4paM54
hAxvXXhabNLlJn2EVoZrc+xNThSrDHGRBcExgKK05YAlYm96CgMcPAOV1AhKHaGa
inAbqYDVASLi8SSKNLSm4AOOMtAIZaSGSgichsVWAKteHEcJ+SweQaVb/LROfsVf
lPJiIFwlojd8mOJB7s20JsdCVvDCtLuaYSeBuDj06g7Z2zZs5C9I0wuZ1OPPxXtE
Uudmz3XgTsHdQr1ndoVWQ5iYNsCLbfN70mKJ7mAlUxfktRvEyA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:36 2023 by rpki-client on console-ams.rpki-client.org