Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KOH0LFPzHXXRYVatug-uAr-RekQ.cer
File:                     KOH0LFPzHXXRYVatug-uAr-RekQ.cer (raw, json)
Hash identifier:          Gof5YfsaUXzL9SmyOHLv+F1tYoxaQi08DCMc23TbT74=
Subject key identifier:   28:E1:F4:2C:53:F3:1D:75:D1:61:56:AD:BA:0F:AE:02:BF:91:7A:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       9D3BF0B66C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/77/e2cc90-971f-4957-ae39-9e72a29de9e2/1/KOH0LFPzHXXRYVatug-uAr-RekQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/77/e2cc90-971f-4957-ae39-9e72a29de9e2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 04:00:58 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 8855
                          IP: 212.78.0.0/19
                          IP: 2a01:9a00::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 675315496556 (0x9d3bf0b66c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:00:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=28e1f42c53f31d75d16156adba0fae02bf917a44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:52:16:ff:5c:f6:a5:81:92:a4:d5:35:e8:79:
                    db:69:7f:2e:59:1e:e5:aa:9c:e2:b3:ad:54:ed:f2:
                    d3:33:bf:61:64:59:c2:9d:49:11:d1:7a:3e:fd:c4:
                    01:48:5f:df:13:08:80:30:d5:d4:b2:cf:5f:13:47:
                    3f:2e:20:2f:2c:b1:ac:cf:64:af:72:7b:71:8f:f7:
                    65:b6:48:29:b1:21:d5:d9:25:f0:74:12:36:53:59:
                    fd:3e:ad:47:d7:dc:b1:1f:a3:b4:91:08:9b:e6:4b:
                    82:d6:e8:a2:a7:1d:53:52:9d:70:3f:23:ee:4b:2f:
                    50:51:72:ab:6a:1b:ca:06:22:78:60:75:48:89:19:
                    9f:90:b9:9f:40:8a:f6:b0:34:b6:03:5e:99:b8:fb:
                    3e:61:c6:91:cc:34:9a:e9:6c:af:f6:c5:0e:94:32:
                    7a:55:d9:d3:7b:d5:f4:5f:d1:98:87:b3:67:b2:65:
                    9b:1a:21:ee:ae:b9:70:05:0d:ad:e9:05:df:47:37:
                    70:13:46:b8:3d:c3:3a:f1:52:61:37:43:14:f5:4e:
                    81:51:ef:f5:7c:fb:ef:9e:f4:fc:c7:d4:2e:b3:d3:
                    23:54:85:3b:42:de:b5:13:ff:28:56:72:28:82:2e:
                    d5:ba:c5:af:c8:00:14:77:4b:17:e6:05:12:3e:24:
                    38:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:E1:F4:2C:53:F3:1D:75:D1:61:56:AD:BA:0F:AE:02:BF:91:7A:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/e2cc90-971f-4957-ae39-9e72a29de9e2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/e2cc90-971f-4957-ae39-9e72a29de9e2/1/KOH0LFPzHXXRYVatug-uAr-RekQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.78.0.0/19
                IPv6:
                  2a01:9a00::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  8855

    Signature Algorithm: sha256WithRSAEncryption
         8f:30:4f:43:f2:8c:82:12:98:6f:30:9b:57:22:81:05:85:5f:
         5f:ae:d2:df:68:a6:d9:4a:3b:da:c9:2c:6c:08:1d:58:c6:9f:
         47:66:b1:85:3e:dd:01:cc:50:cd:2d:0d:df:24:4e:8f:87:99:
         bc:1f:7b:86:c0:6b:d8:cc:8c:4a:76:61:93:60:36:fb:4f:e0:
         81:ae:ba:16:a2:83:b6:12:07:34:1e:6a:3c:65:a8:61:bc:9c:
         03:41:f7:ac:b5:2e:92:10:d2:2b:f1:9a:ae:36:eb:26:9f:d7:
         44:f3:ea:1a:fa:e9:98:39:83:56:8c:0c:62:5f:3f:5d:5e:5f:
         8c:69:b3:f4:2e:54:0e:df:e1:a7:fd:49:24:b2:f8:7e:13:a2:
         7d:26:64:5d:71:c8:4d:ff:d0:3a:94:a6:40:c5:85:a5:54:3f:
         5e:1d:ed:62:b0:8d:52:89:12:69:b1:20:7f:fc:fd:93:cd:25:
         53:35:b5:1d:61:13:fd:7c:79:ce:93:4d:53:75:82:cb:2d:b4:
         11:f0:21:c1:8e:14:86:7d:47:37:d0:59:1d:8d:03:b7:d4:35:
         75:b0:86:dc:0d:83:b8:88:f5:b0:f7:88:19:e2:7a:0e:3d:cd:
         a4:26:3c:b5:ce:f6:f2:95:aa:81:b2:c9:9c:27:5a:60:4c:e4:
         43:6b:84:ed
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIGAJ078LZsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDQwMDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOGUxZjQyYzUz
ZjMxZDc1ZDE2MTU2YWRiYTBmYWUwMmJmOTE3YTQ0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAllIW/1z2pYGSpNU16HnbaX8uWR7lqpzis61U7fLTM79h
ZFnCnUkR0Xo+/cQBSF/fEwiAMNXUss9fE0c/LiAvLLGsz2Svcntxj/dltkgpsSHV
2SXwdBI2U1n9Pq1H19yxH6O0kQib5kuC1uiipx1TUp1wPyPuSy9QUXKrahvKBiJ4
YHVIiRmfkLmfQIr2sDS2A16ZuPs+YcaRzDSa6Wyv9sUOlDJ6VdnTe9X0X9GYh7Nn
smWbGiHurrlwBQ2t6QXfRzdwE0a4PcM68VJhN0MU9U6BUe/1fPvvnvT8x9Qus9Mj
VIU7Qt61E/8oVnIogi7VusWvyAAUd0sX5gUSPiQ4LwIDAQABo4ICrjCCAqowHQYD
VR0OBBYEFCjh9CxT8x110WFWrboPrgK/kXpEMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc3L2UyY2M5MC05NzFmLTQ5NTct
YWUzOS05ZTcyYTI5ZGU5ZTIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvZTJjYzkwLTk3MWYtNDk1Ny1h
ZTM5LTllNzJhMjlkZTllMi8xL0tPSDBMRlB6SFhYUllWYXR1Zy11QXItUmVrUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQF1E4AMA0EAgACMAcDBQAqAZoAMBkGCCsGAQUFBwEIAQH/BAowCKAG
MAQCAiKXMA0GCSqGSIb3DQEBCwUAA4IBAQCPME9D8oyCEphvMJtXIoEFhV9frtLf
aKbZSjvaySxsCB1Yxp9HZrGFPt0BzFDNLQ3fJE6Ph5m8H3uGwGvYzIxKdmGTYDb7
T+CBrroWooO2Egc0Hmo8ZahhvJwDQfestS6SENIr8ZquNusmn9dE8+oa+umYOYNW
jAxiXz9dXl+MabP0LlQO3+Gn/Ukksvh+E6J9JmRdcchN/9A6lKZAxYWlVD9eHe1i
sI1SiRJpsSB//P2TzSVTNbUdYRP9fHnOk01TdYLLLbQR8CHBjhSGfUc30FkdjQO3
1DV1sIbcDYO4iPWw94gZ4noOPc2kJjy1zvbylaqBssmcJ1pgTORDa4Tt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:30:17 2024 by rpki-client on console-ams.rpki-client.org