Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YwbMAWFHXYT3pXfiyiPIwkTwC3w.cer
File:                     YwbMAWFHXYT3pXfiyiPIwkTwC3w.cer (raw, json)
Hash identifier:          W4a0a4djOYVHorLSYc0Cx/NTHGo8hKj2Zong3CeNImM=
Subject key identifier:   63:06:CC:01:61:47:5D:84:F7:A5:77:E2:CA:23:C8:C2:44:F0:0B:7C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       9DB2AC24AD
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ca/d5b93c-6022-48d3-a72f-461e894872e8/1/YwbMAWFHXYT3pXfiyiPIwkTwC3w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ca/d5b93c-6022-48d3-a72f-461e894872e8/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 04:53:21 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 199971
                          IP: 185.133.184.0/22
                          IP: 2001:67c:18e0::/48
                          IP: 2a0d:b80::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 677307491501 (0x9db2ac24ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:53:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6306cc0161475d84f7a577e2ca23c8c244f00b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b2:36:28:18:64:f6:5f:f5:93:c2:c1:b3:18:
                    9f:95:c1:3c:96:ec:1f:36:df:48:7a:b1:20:7d:be:
                    56:18:03:16:cf:ad:13:1b:a2:64:9b:b1:c2:52:12:
                    92:df:d3:0e:20:b2:e7:31:89:74:7b:13:a1:e9:9d:
                    c9:11:e0:56:c9:51:3a:34:60:e2:74:77:87:af:67:
                    c9:45:ea:3c:a6:05:ab:86:fa:7f:0f:c7:e4:24:7c:
                    2b:e5:17:74:11:72:4a:a8:97:55:1b:5a:37:d9:59:
                    c4:9e:ea:67:93:55:55:8f:30:bd:86:7d:24:b6:20:
                    f7:ba:2f:f1:2a:16:23:a6:80:df:73:dd:23:68:14:
                    50:37:c2:11:61:08:b3:42:47:91:5f:28:75:3f:37:
                    eb:c3:67:36:7a:27:2e:bc:cb:2b:94:53:59:70:7d:
                    55:7f:f7:6b:f7:4e:7c:c9:0b:6b:c0:9c:8d:27:db:
                    89:65:25:68:73:e2:87:14:f3:17:03:fe:66:e6:79:
                    42:05:bd:33:a5:4f:a7:8e:01:6d:1c:83:16:69:38:
                    37:d0:a4:d0:1a:93:0c:9d:90:f6:d8:6e:83:20:bc:
                    54:e1:e7:e2:03:2e:6c:20:ff:bf:2e:a0:04:4f:b8:
                    d4:e3:95:91:d2:0c:bd:64:1f:18:a7:2d:ee:82:7d:
                    28:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:06:CC:01:61:47:5D:84:F7:A5:77:E2:CA:23:C8:C2:44:F0:0B:7C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d5b93c-6022-48d3-a72f-461e894872e8/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d5b93c-6022-48d3-a72f-461e894872e8/1/YwbMAWFHXYT3pXfiyiPIwkTwC3w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.133.184.0/22
                IPv6:
                  2001:67c:18e0::/48
                  2a0d:b80::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199971

    Signature Algorithm: sha256WithRSAEncryption
         90:ba:e3:a4:91:d9:da:bb:a9:58:43:2f:fe:f8:75:46:d2:3b:
         a6:7a:d7:0b:2b:14:c2:54:13:80:46:35:3f:2b:06:86:2c:58:
         3c:58:e4:a1:4f:83:65:02:b0:9d:e0:52:c1:13:bd:82:c9:14:
         7d:73:48:34:bc:db:c4:41:bd:d5:42:84:bd:01:82:67:63:1b:
         cb:d5:bb:8c:f6:9d:80:25:3e:c0:9b:ac:67:31:f5:d5:1d:ed:
         55:7a:07:bc:1d:65:f5:7a:47:f3:7e:07:ce:fb:81:9d:f8:34:
         0c:13:e0:77:06:67:9e:07:d2:ea:e5:d9:e6:61:8b:c0:eb:bd:
         02:40:17:a6:f0:60:2e:42:2b:25:60:d7:4b:f2:11:52:07:2c:
         c4:87:64:83:ad:e7:6d:0b:91:f7:24:08:6d:7c:5f:c2:28:ff:
         25:58:75:07:8d:e4:e6:0d:cf:8c:93:ff:87:85:1d:91:df:19:
         0a:88:4e:26:ea:9a:87:d4:a7:02:b5:09:75:51:03:a3:e2:de:
         ab:54:9c:42:c9:d1:48:e1:48:fa:d5:79:a3:ff:73:7c:df:f2:
         df:f1:2f:37:62:af:8b:20:83:76:d9:3c:82:fa:49:6c:bf:84:
         18:c4:22:69:c8:50:70:48:09:95:d2:b5:26:72:ba:74:e8:0b:
         91:1a:de:7e
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIGAJ2yrCStMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDQ1MzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MzA2Y2MwMTYx
NDc1ZDg0ZjdhNTc3ZTJjYTIzYzhjMjQ0ZjAwYjdjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAt7I2KBhk9l/1k8LBsxiflcE8luwfNt9IerEgfb5WGAMW
z60TG6Jkm7HCUhKS39MOILLnMYl0exOh6Z3JEeBWyVE6NGDidHeHr2fJReo8pgWr
hvp/D8fkJHwr5Rd0EXJKqJdVG1o32VnEnupnk1VVjzC9hn0ktiD3ui/xKhYjpoDf
c90jaBRQN8IRYQizQkeRXyh1Pzfrw2c2eicuvMsrlFNZcH1Vf/dr9058yQtrwJyN
J9uJZSVoc+KHFPMXA/5m5nlCBb0zpU+njgFtHIMWaTg30KTQGpMMnZD22G6DILxU
4efiAy5sIP+/LqAET7jU45WR0gy9ZB8Ypy3ugn0o5wIDAQABo4ICuDCCArQwHQYD
VR0OBBYEFGMGzAFhR12E96V34sojyMJE8At8MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NhL2Q1YjkzYy02MDIyLTQ4ZDMt
YTcyZi00NjFlODk0ODcyZTgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvZDViOTNjLTYwMjItNDhkMy1h
NzJmLTQ2MWU4OTQ4NzJlOC8xL1l3Yk1BV0ZIWFlUM3BYZml5aVBJd2tUd0Mzdy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAM
BAIAATAGAwQCuYW4MBYEAgACMBADBwAgAQZ8GOADBQAqDQuAMBoGCCsGAQUFBwEI
AQH/BAswCaAHMAUCAwMNIzANBgkqhkiG9w0BAQsFAAOCAQEAkLrjpJHZ2rupWEMv
/vh1RtI7pnrXCysUwlQTgEY1PysGhixYPFjkoU+DZQKwneBSwRO9gskUfXNINLzb
xEG91UKEvQGCZ2Mby9W7jPadgCU+wJusZzH11R3tVXoHvB1l9XpH834HzvuBnfg0
DBPgdwZnngfS6uXZ5mGLwOu9AkAXpvBgLkIrJWDXS/IRUgcsxIdkg63nbQuR9yQI
bXxfwij/JVh1B43k5g3PjJP/h4Udkd8ZCohOJuqah9SnArUJdVEDo+Leq1ScQsnR
SOFI+tV5o/9zfN/y3/EvN2KviyCDdtk8gvpJbL+EGMQiachQcEgJldK1JnK6dOgL
kRrefg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:17 2024 by rpki-client on console-fra.rpki-client.org