Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9SGnQJ7Ukuqnr6cAffxZQjtYgpw.cer
File:                     9SGnQJ7Ukuqnr6cAffxZQjtYgpw.cer (raw, json)
Hash identifier:          fX/b34HfT+X+CGl2QxrdeYIFmj7oyyVqdi+Zp7yHScE=
Subject key identifier:   F5:21:A7:40:9E:D4:92:EA:A7:AF:A7:00:7D:FC:59:42:3B:58:82:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       A7ABDFF199
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/9SGnQJ7Ukuqnr6cAffxZQjtYgpw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 13:03:50 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    IP: 193.57.84.0/22
                          IP: 193.57.132.0/22
                          IP: 194.4.0.0/21
                          IP: 194.4.10.0 -- 194.4.13.255

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 720143118745 (0xa7abdff199)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 13:03:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f521a7409ed492eaa7afa7007dfc59423b58829c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:02:8d:15:d7:98:83:2b:55:b7:34:dd:99:17:
                    9c:22:af:11:c6:31:44:b3:cf:db:fc:0a:d5:ae:e1:
                    61:c9:89:11:b1:a9:20:52:d7:94:b8:25:3e:cc:1d:
                    b3:1d:5c:07:ae:ee:f6:39:8a:44:b6:35:28:10:be:
                    7e:83:50:22:11:dd:e2:98:90:d9:be:f8:b2:ce:be:
                    75:e2:85:4b:9f:b4:b7:a8:0c:77:8c:6c:8a:5d:4c:
                    70:fe:f8:74:b2:50:6a:a5:6f:9d:5a:f6:d3:48:86:
                    23:da:cb:1d:0c:bf:cb:6f:a8:e7:7d:a4:ba:8d:91:
                    7e:df:85:41:9a:80:9b:2b:ec:1d:09:6e:92:f8:3d:
                    e1:5b:6e:1f:2b:d6:cf:85:13:6b:cf:29:18:c4:96:
                    7a:ab:e4:16:5e:11:44:15:3b:18:bb:83:d7:4f:a6:
                    81:3e:8b:6d:4d:63:1d:f3:36:c7:95:2d:3c:e3:43:
                    a3:b3:2e:68:6b:cd:72:e0:ed:99:c1:43:87:a7:72:
                    70:94:43:f4:45:f5:08:15:c6:e7:13:f4:e3:52:54:
                    05:a1:25:86:e3:34:d0:31:d1:30:2e:83:e8:5c:46:
                    56:95:da:10:77:29:9a:6e:74:2e:a2:de:1c:5f:4c:
                    eb:4a:63:a6:e6:71:e2:e4:09:3d:c2:7f:db:7e:45:
                    39:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:21:A7:40:9E:D4:92:EA:A7:AF:A7:00:7D:FC:59:42:3B:58:82:9C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/9SGnQJ7Ukuqnr6cAffxZQjtYgpw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.84.0/22
                  193.57.132.0/22
                  194.4.0.0/21
                  194.4.10.0-194.4.13.255

    Signature Algorithm: sha256WithRSAEncryption
         54:0a:15:4d:8e:af:82:fb:9e:1b:dc:b2:14:da:b9:50:70:5d:
         fc:25:87:61:50:75:c8:d7:9e:b2:2f:ad:a5:70:f4:b5:49:d3:
         c5:12:74:9d:0b:92:42:8f:3a:08:b5:30:78:08:f2:cf:ae:b6:
         bc:04:68:0d:ee:1a:7e:fd:12:23:56:57:30:85:a9:1f:f3:33:
         54:b4:ca:31:1c:ac:a6:b5:c1:04:d5:e1:a0:a6:67:4d:14:63:
         e7:2a:9f:29:b4:28:40:4b:f2:d3:fc:39:d0:ff:a0:d5:0e:02:
         e6:fb:5d:92:f6:4a:b8:51:a2:4a:8a:10:24:b2:d1:ea:1c:1f:
         11:12:a6:55:27:c9:bd:2a:df:22:c1:6c:0b:63:3f:27:78:a7:
         ee:79:33:28:84:e8:12:e6:2a:53:6b:f9:f7:14:c2:23:51:fa:
         f4:f6:e0:bf:ff:ca:63:15:1b:dd:f3:7e:1b:85:d1:57:d0:de:
         9b:55:ec:f5:74:d8:1f:e2:26:7b:70:ef:cb:7b:a2:aa:c1:71:
         7a:35:7a:01:45:90:49:e1:3e:36:ab:ef:b1:87:c1:d1:4e:6d:
         37:19:97:ad:9d:e7:19:e0:a4:c1:36:34:fa:86:ba:5a:19:1b:
         0b:7d:ee:d0:f8:e4:be:84:4a:9a:5d:b4:8b:7d:62:a8:f5:69:
         5b:35:b8:f6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIGAKer3/GZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmNTIxYTc0MDll
ZDQ5MmVhYTdhZmE3MDA3ZGZjNTk0MjNiNTg4MjljMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAlAKNFdeYgytVtzTdmRecIq8RxjFEs8/b/ArVruFhyYkR
sakgUteUuCU+zB2zHVwHru72OYpEtjUoEL5+g1AiEd3imJDZvviyzr514oVLn7S3
qAx3jGyKXUxw/vh0slBqpW+dWvbTSIYj2ssdDL/Lb6jnfaS6jZF+34VBmoCbK+wd
CW6S+D3hW24fK9bPhRNrzykYxJZ6q+QWXhFEFTsYu4PXT6aBPottTWMd8zbHlS08
40Ojsy5oa81y4O2ZwUOHp3JwlEP0RfUIFcbnE/TjUlQFoSWG4zTQMdEwLoPoXEZW
ldoQdymabnQuot4cX0zrSmOm5nHi5Ak9wn/bfkU5KwIDAQABo4ICnjCCApowHQYD
VR0OBBYEFPUhp0Ce1JLqp6+nAH38WUI7WIKcMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ExLzZmNDg1NS1jMWU0LTQ0OTkt
YTA3Ny0xYWNiZmM0OTY1YzQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEvNmY0ODU1LWMxZTQtNDQ5OS1h
MDc3LTFhY2JmYzQ5NjVjNC8xLzlTR25RSjdVa3VxbnI2Y0FmZnhaUWp0WWdwdy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAm
BAIAATAgAwQCwTlUAwQCwTmEAwQDwgQAMAwDBAHCBAoDBAHCBAwwDQYJKoZIhvcN
AQELBQADggEBAFQKFU2Or4L7nhvcshTauVBwXfwlh2FQdcjXnrIvraVw9LVJ08US
dJ0LkkKPOgi1MHgI8s+utrwEaA3uGn79EiNWVzCFqR/zM1S0yjEcrKa1wQTV4aCm
Z00UY+cqnym0KEBL8tP8OdD/oNUOAub7XZL2SrhRokqKECSy0eocHxESplUnyb0q
3yLBbAtjPyd4p+55MyiE6BLmKlNr+fcUwiNR+vT24L//ymMVG93zfhuF0VfQ3ptV
7PV02B/iJntw78t7oqrBcXo1egFFkEnhPjar77GHwdFObTcZl62d5xngpME2NPqG
uloZGwt97tD45L6ESppdtIt9Yqj1aVs1uPY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:53 2023 by rpki-client on console-fra.rpki-client.org