Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O57zsAQsY8FReDD4ZXV-twa4Igk.cer
File:                     O57zsAQsY8FReDD4ZXV-twa4Igk.cer (raw, json)
Hash identifier:          cWNKVybPQSk59Sea0UPH6C319FHdjcOSzYGP6A+1FYw=
Subject key identifier:   3B:9E:F3:B0:04:2C:63:C1:51:78:30:F8:65:75:7E:B7:06:B8:22:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       A67CC70AD4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/8a/339f76-e2ac-45c4-b6b9-ae2a153d0b32/1/O57zsAQsY8FReDD4ZXV-twa4Igk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/8a/339f76-e2ac-45c4-b6b9-ae2a153d0b32/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 12:02:58 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 50147
                          IP: 31.204.0.0/18
                          IP: 185.175.16.0/22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 715057990356 (0xa67cc70ad4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:02:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3b9ef3b0042c63c1517830f865757eb706b82209
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:1f:07:09:29:dc:fb:d2:88:78:77:6f:53:b2:
                    05:f3:d0:92:31:34:bd:e6:44:33:c6:4e:06:b7:b5:
                    bd:4c:df:0e:3a:83:81:89:9a:79:0d:aa:a2:35:64:
                    04:70:69:48:0e:be:74:8e:75:ef:71:58:60:23:ac:
                    74:f1:8f:09:0e:c9:1c:68:fe:a8:be:2f:de:1a:b6:
                    0e:a7:2d:92:d3:4f:27:75:13:eb:9a:f0:4d:5e:1d:
                    c1:d7:6e:9a:4c:f0:d9:c9:1e:83:4f:9b:0c:af:9c:
                    0f:02:11:c4:83:de:0a:bb:99:f4:94:1d:53:46:3a:
                    69:3b:e8:29:02:5b:f1:f9:b9:aa:40:c8:bf:5a:1b:
                    53:58:49:03:58:99:4e:77:c1:15:6b:a9:9b:85:6a:
                    00:2d:a9:b1:11:0b:8a:db:53:78:57:5d:0c:0c:15:
                    e2:32:34:1b:75:e7:99:96:d8:98:6d:0f:bb:c1:47:
                    f7:58:00:3a:14:68:f9:4e:2e:e4:77:63:43:69:e8:
                    2c:f4:75:13:f0:64:07:71:24:82:4d:27:59:ef:98:
                    1a:7c:3e:0d:16:0e:f8:3e:7c:5b:4a:d0:f7:44:10:
                    14:45:b9:20:f9:dd:cb:b3:75:c0:a4:17:9b:c9:6b:
                    3d:7b:40:e8:1c:17:78:22:c6:e8:fe:85:90:63:d1:
                    69:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:9E:F3:B0:04:2C:63:C1:51:78:30:F8:65:75:7E:B7:06:B8:22:09
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/339f76-e2ac-45c4-b6b9-ae2a153d0b32/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/339f76-e2ac-45c4-b6b9-ae2a153d0b32/1/O57zsAQsY8FReDD4ZXV-twa4Igk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.204.0.0/18
                  185.175.16.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50147

    Signature Algorithm: sha256WithRSAEncryption
         37:d2:f6:ee:44:b1:4c:eb:11:b7:d5:5c:39:2f:c9:68:a1:2d:
         4f:28:07:5d:49:63:30:6f:c9:17:7b:4d:8d:c3:d7:fb:4c:24:
         25:6e:2d:5f:5f:fb:77:e6:02:78:04:10:c8:43:61:a6:06:ce:
         de:a0:2c:6e:b0:3e:5e:10:6d:4d:4f:58:07:6a:bb:b9:64:dd:
         15:8f:f1:63:47:b8:e4:2b:c4:65:80:69:11:ea:d0:4e:57:57:
         76:cc:e8:11:31:3c:db:4a:db:a7:0c:e5:a9:24:f5:30:48:a5:
         88:40:91:87:49:6a:11:f7:4c:c1:73:7a:de:50:58:71:43:b9:
         b7:7f:50:c2:3b:2b:a1:66:59:ed:55:60:b2:65:f3:67:88:5e:
         3e:16:ef:ac:e9:9d:bd:71:25:80:4a:88:bd:64:5b:64:e2:97:
         96:6d:c1:04:6b:a4:9e:c2:47:80:3e:1e:5e:83:b7:af:8f:90:
         15:3e:15:64:45:87:41:6e:90:c1:1e:a8:c6:10:ae:76:1c:0e:
         0c:5b:c1:bc:a8:72:04:bf:ec:4a:7f:9f:9e:be:26:be:2d:9b:
         e4:e4:1a:4e:47:15:87:8e:c3:25:aa:21:b6:a1:e9:bb:9c:f4:
         99:8c:f4:84:b9:9f:62:25:7d:23:e3:c9:43:18:5b:47:ca:7f:
         4b:07:53:2f
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIGAKZ8xwrUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTIwMjU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYjllZjNiMDA0
MmM2M2MxNTE3ODMwZjg2NTc1N2ViNzA2YjgyMjA5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAnx8HCSnc+9KIeHdvU7IF89CSMTS95kQzxk4Gt7W9TN8O
OoOBiZp5DaqiNWQEcGlIDr50jnXvcVhgI6x08Y8JDskcaP6ovi/eGrYOpy2S008n
dRPrmvBNXh3B126aTPDZyR6DT5sMr5wPAhHEg94Ku5n0lB1TRjppO+gpAlvx+bmq
QMi/WhtTWEkDWJlOd8EVa6mbhWoALamxEQuK21N4V10MDBXiMjQbdeeZltiYbQ+7
wUf3WAA6FGj5Ti7kd2NDaegs9HUT8GQHcSSCTSdZ75gafD4NFg74PnxbStD3RBAU
Rbkg+d3Ls3XApBebyWs9e0DoHBd4Isbo/oWQY9FpzQIDAQABo4ICpjCCAqIwHQYD
VR0OBBYEFDue87AELGPBUXgw+GV1frcGuCIJMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhhLzMzOWY3Ni1lMmFjLTQ1YzQt
YjZiOS1hZTJhMTUzZDBiMzIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEvMzM5Zjc2LWUyYWMtNDVjNC1i
NmI5LWFlMmExNTNkMGIzMi8xL081N3pzQVFzWThGUmVERDRaWFYtdHdhNElnay5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQGH8wAAwQCua8QMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDD4zAN
BgkqhkiG9w0BAQsFAAOCAQEAN9L27kSxTOsRt9VcOS/JaKEtTygHXUljMG/JF3tN
jcPX+0wkJW4tX1/7d+YCeAQQyENhpgbO3qAsbrA+XhBtTU9YB2q7uWTdFY/xY0e4
5CvEZYBpEerQTldXdszoETE820rbpwzlqST1MEiliECRh0lqEfdMwXN63lBYcUO5
t39QwjsroWZZ7VVgsmXzZ4hePhbvrOmdvXElgEqIvWRbZOKXlm3BBGuknsJHgD4e
XoO3r4+QFT4VZEWHQW6QwR6oxhCudhwODFvBvKhyBL/sSn+fnr4mvi2b5OQaTkcV
h47DJaohtqHpu5z0mYz0hLmfYiV9I+PJQxhbR8p/SwdTLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:31:29 2024 by rpki-client on console-ams.rpki-client.org