Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ALH-iUBQnbrlrqlW8TK703onl1g.cer
File:                     ALH-iUBQnbrlrqlW8TK703onl1g.cer (raw, json)
Hash identifier:          5lRcRiM+BsPZuH45iIoIMV1P9ewaPwxhkk4ZAF1jKgE=
Subject key identifier:   00:B1:FE:89:40:50:9D:BA:E5:AE:A9:56:F1:32:BB:D3:7A:27:97:58
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       7FC43881B2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b3/a8bf23-e61d-4627-8150-b15947f5b413/1/ALH-iUBQnbrlrqlW8TK703onl1g.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b3/a8bf23-e61d-4627-8150-b15947f5b413/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 01 Jan 2021 04:30:00 +0000
Certificate not after:    Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources:    IP: 160.20.152.0/22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 548752884146 (0x7fc43881b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:30:00 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=00b1fe8940509dbae5aea956f132bbd37a279758
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:32:8a:45:31:49:4a:5c:ef:30:31:c4:33:0e:
                    fd:0c:53:2e:11:e1:84:4a:50:43:2d:c0:8c:c3:1f:
                    21:cf:4f:e9:51:16:aa:77:44:7c:a6:7c:7f:bf:c5:
                    89:57:07:00:fe:a9:3d:6f:9e:b1:67:ae:8d:d3:bb:
                    36:92:80:f9:73:e6:d5:41:16:c2:10:cd:4e:64:7c:
                    6a:46:4f:77:0b:9a:f2:80:39:f3:7e:25:de:47:f4:
                    b6:fd:36:7f:3c:08:bd:3a:a6:63:8a:80:8b:21:cc:
                    4a:0e:7a:d2:93:bd:62:5e:fa:7a:ee:9f:47:90:fd:
                    29:2f:84:c5:ff:51:a2:1b:90:df:df:e3:2b:a4:cf:
                    52:a3:dd:f1:b4:b1:40:1c:05:9e:98:81:f5:a8:5c:
                    ab:6e:a3:39:49:e8:6d:85:03:24:36:0c:b0:9a:f6:
                    6d:a0:66:fa:70:b1:40:cb:8a:bd:c3:63:48:e8:57:
                    b9:46:11:68:b7:54:34:37:ff:8b:36:1a:43:dd:2e:
                    be:0f:f9:7f:8a:98:18:8e:7f:ba:b5:0f:cd:47:af:
                    e0:66:41:f2:32:2a:c8:82:cf:f8:d1:75:46:6d:18:
                    97:6c:0c:6b:76:4a:f2:d2:78:33:c6:18:99:43:68:
                    72:0e:3c:26:ea:1e:c3:be:90:92:c6:91:fd:0b:f6:
                    49:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:B1:FE:89:40:50:9D:BA:E5:AE:A9:56:F1:32:BB:D3:7A:27:97:58
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a8bf23-e61d-4627-8150-b15947f5b413/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a8bf23-e61d-4627-8150-b15947f5b413/1/ALH-iUBQnbrlrqlW8TK703onl1g.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.20.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:3e:ca:ad:bb:b0:f9:b1:f3:9d:22:b2:3c:39:df:04:44:dd:
         3d:e4:e6:0b:6e:6a:bd:af:a8:88:1f:40:8b:cb:e7:b2:d4:db:
         62:f1:7b:6d:b5:4b:3e:0b:44:18:11:88:aa:20:8b:10:46:40:
         85:cb:a3:3f:3d:39:41:6c:c4:ea:e6:68:49:97:38:b3:0b:a9:
         a6:6a:b0:80:4c:b4:d5:ce:ee:f2:b2:6a:5e:5f:60:fb:9f:5b:
         13:d6:0a:d1:aa:dd:1b:6c:a5:06:d2:7e:f2:f3:2e:37:81:d1:
         53:ba:37:bc:71:d1:f7:48:0e:f6:a2:4e:57:82:85:11:87:c4:
         d8:aa:97:82:ee:5b:08:6c:ce:a9:0b:8e:4f:ed:45:96:77:9a:
         3a:d6:81:e7:bd:f5:96:ce:76:29:22:0a:6e:59:f0:33:b9:1c:
         9c:e9:a5:68:fa:70:b9:26:16:e7:f0:9c:c2:21:a0:d6:88:b5:
         a7:c5:83:ce:dd:86:8b:10:79:9a:af:59:74:c7:8b:04:ba:f8:
         c3:c3:00:e7:e8:d9:0c:0b:fb:be:2e:9d:28:39:88:07:c7:c7:
         d2:75:02:41:eb:86:fb:df:70:10:bc:92:f5:e8:f8:6a:45:9e:
         f5:a4:1a:40:fa:45:20:24:52:ba:9c:7d:58:2c:b9:67:f3:04:
         50:db:ae:7a
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIFf8Q4gbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwNDMwMDBaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDAwYjFmZTg5NDA1
MDlkYmFlNWFlYTk1NmYxMzJiYmQzN2EyNzk3NTgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsMopFMUlKXO8wMcQzDv0MUy4R4YRKUEMtwIzDHyHPT+lR
Fqp3RHymfH+/xYlXBwD+qT1vnrFnro3TuzaSgPlz5tVBFsIQzU5kfGpGT3cLmvKA
OfN+Jd5H9Lb9Nn88CL06pmOKgIshzEoOetKTvWJe+nrun0eQ/SkvhMX/UaIbkN/f
4yukz1Kj3fG0sUAcBZ6YgfWoXKtuozlJ6G2FAyQ2DLCa9m2gZvpwsUDLir3DY0jo
V7lGEWi3VDQ3/4s2GkPdLr4P+X+KmBiOf7q1D81Hr+BmQfIyKsiCz/jRdUZtGJds
DGt2SvLSeDPGGJlDaHIOPCbqHsO+kJLGkf0L9kmZAgMBAAGjggKEMIICgDAdBgNV
HQ4EFgQUALH+iUBQnbrlrqlW8TK703onl1gwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvYThiZjIzLWU2MWQtNDYyNy04
MTUwLWIxNTk0N2Y1YjQxMy8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hOGJmMjMtZTYxZC00NjI3LTgx
NTAtYjE1OTQ3ZjViNDEzLzEvQUxILWlVQlFuYnJscnFsVzhUSzcwM29ubDFnLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAKgFJgwDQYJKoZIhvcNAQELBQADggEBAAc+yq27sPmx850isjw53wRE
3T3k5gtuar2vqIgfQIvL57LU22Lxe221Sz4LRBgRiKogixBGQIXLoz89OUFsxOrm
aEmXOLMLqaZqsIBMtNXO7vKyal5fYPufWxPWCtGq3RtspQbSfvLzLjeB0VO6N7xx
0fdIDvaiTleChRGHxNiql4LuWwhszqkLjk/tRZZ3mjrWgee99ZbOdikiCm5Z8DO5
HJzppWj6cLkmFufwnMIhoNaItafFg87dhosQeZqvWXTHiwS6+MPDAOfo2QwL+74u
nSg5iAfHx9J1AkHrhvvfcBC8kvXo+GpFnvWkGkD6RSAkUrqcfVgsuWfzBFDbrno=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:59 2023 by rpki-client on console-ams.rpki-client.org