Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9Nev2LpxTJc1xtj_o856Cu8Gp0.cer
File:                     a9Nev2LpxTJc1xtj_o856Cu8Gp0.cer (raw, json)
Hash identifier:          caoZ1YltFuCtfFG4Rx/PO8GxWzDO2sKrSDl2P2rALA0=
Subject key identifier:   6B:D3:5E:BF:62:E9:C5:32:5C:D7:1B:63:FE:8F:39:E8:2B:BC:1A:9D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       AA7D7B122C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/a9Nev2LpxTJc1xtj_o856Cu8Gp0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 15:56:10 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    IP: 5.133.124.0/22
                          IP: 2a09:8200::/29
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 732249657900 (0xaa7d7b122c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:56:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6bd35ebf62e9c5325cd71b63fe8f39e82bbc1a9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:08:69:61:70:2f:31:fa:2d:d9:af:3d:72:0d:
                    02:7b:38:32:7a:64:44:ee:48:2d:bc:39:c9:69:56:
                    ee:bb:fd:46:1d:f3:14:2b:69:dd:d0:5a:eb:9f:65:
                    ee:1a:1f:91:bb:00:64:5f:3c:5f:4f:a9:f0:55:6e:
                    53:15:76:a2:f7:a9:c0:c8:83:d6:b2:ef:c6:79:21:
                    1e:fc:5e:97:eb:0c:78:59:b5:6e:b4:e7:f4:3d:8c:
                    a4:d9:fe:d1:39:2b:70:f6:ec:b3:43:1f:ff:60:28:
                    bc:fb:3a:5d:84:5b:05:52:a1:6d:fc:55:b3:1f:27:
                    9f:5a:f6:d5:28:5c:bf:9a:a0:04:dd:3f:99:d1:dc:
                    2a:36:3a:ce:94:2e:1e:6c:ff:46:eb:78:d3:80:6d:
                    64:fd:e1:bd:99:d1:1f:e3:4a:b1:84:a1:63:c7:a2:
                    6f:ca:4e:c5:60:1c:69:63:ae:bb:3a:a3:f2:b9:48:
                    60:65:73:e4:00:81:54:74:4f:f0:f1:29:15:cb:3a:
                    fd:0b:67:08:ed:57:30:6f:b7:55:69:4b:15:77:ae:
                    cc:77:eb:20:4b:29:69:02:18:6b:0e:91:98:15:c0:
                    0b:73:0f:b4:b6:f3:e6:7c:e6:79:f1:60:61:4e:b3:
                    62:d5:54:61:24:88:b9:0f:4f:f1:18:05:53:77:03:
                    68:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:D3:5E:BF:62:E9:C5:32:5C:D7:1B:63:FE:8F:39:E8:2B:BC:1A:9D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/a9Nev2LpxTJc1xtj_o856Cu8Gp0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.133.124.0/22
                IPv6:
                  2a09:8200::/29

    Signature Algorithm: sha256WithRSAEncryption
         3a:6d:ec:4f:93:dc:b0:cc:3c:41:e6:dd:02:08:c9:f0:e5:b4:
         3d:6b:9e:2a:b1:aa:2e:0f:2b:dc:6d:50:40:65:52:fc:96:29:
         c0:40:9f:30:3c:1f:35:40:20:0c:89:ac:c0:d5:d0:71:13:f9:
         09:b1:9b:25:1d:cb:3f:9e:ad:e7:32:6d:67:16:0e:81:03:2e:
         d3:09:0d:8e:b7:2e:0f:78:78:34:5d:40:b8:86:43:07:cd:e1:
         21:be:00:5a:ef:07:d3:f4:8e:92:70:be:61:b2:c3:e1:5c:47:
         8a:03:e8:08:d1:bf:74:86:56:40:d5:91:80:c8:73:09:a7:2a:
         89:2b:af:4a:6a:b3:89:48:da:70:20:1c:48:65:a2:03:45:84:
         ac:8b:46:70:84:2a:c5:78:25:1e:84:4f:15:41:0d:c1:85:55:
         39:ac:8d:42:f6:4d:6f:36:2a:9d:f0:50:b0:50:cf:90:86:e7:
         49:95:e9:35:b9:ab:cb:a4:36:70:4c:c2:01:80:03:b3:f0:d7:
         b8:0c:76:78:73:12:77:db:ea:4c:e0:87:85:5e:72:9a:3a:b7:
         27:55:e8:35:6b:87:ef:3e:30:a8:4b:e0:2e:0f:a8:ee:7e:2f:
         18:34:9f:52:34:7c:fd:61:e4:fe:e0:67:c0:f9:7c:3c:28:52:
         0e:80:78:73
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKp9exIsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTU1NjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YmQzNWViZjYy
ZTljNTMyNWNkNzFiNjNmZThmMzllODJiYmMxYTlkMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuQhpYXAvMfot2a89cg0CezgyemRE7kgtvDnJaVbuu/1G
HfMUK2nd0Frrn2XuGh+RuwBkXzxfT6nwVW5TFXai96nAyIPWsu/GeSEe/F6X6wx4
WbVutOf0PYyk2f7ROStw9uyzQx//YCi8+zpdhFsFUqFt/FWzHyefWvbVKFy/mqAE
3T+Z0dwqNjrOlC4ebP9G63jTgG1k/eG9mdEf40qxhKFjx6Jvyk7FYBxpY667OqPy
uUhgZXPkAIFUdE/w8SkVyzr9C2cI7Vcwb7dVaUsVd67Md+sgSylpAhhrDpGYFcAL
cw+0tvPmfOZ58WBhTrNi1VRhJIi5D0/xGAVTdwNo6wIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFGvTXr9i6cUyXNcbY/6POegrvBqdMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EwLzNiZjAyYS0yYjY2LTQ1ZjUt
OWUzZS1jNWU1NmE3MmVlMTgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAvM2JmMDJhLTJiNjYtNDVmNS05
ZTNlLWM1ZTU2YTcyZWUxOC8xL2E5TmV2MkxweFRKYzF4dGpfbzg1NkN1OEdwMC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCBYV8MA0EAgACMAcDBQMqCYIAMA0GCSqGSIb3DQEBCwUAA4IBAQA6
bexPk9ywzDxB5t0CCMnw5bQ9a54qsaouDyvcbVBAZVL8linAQJ8wPB81QCAMiazA
1dBxE/kJsZslHcs/nq3nMm1nFg6BAy7TCQ2Oty4PeHg0XUC4hkMHzeEhvgBa7wfT
9I6ScL5hssPhXEeKA+gI0b90hlZA1ZGAyHMJpyqJK69KarOJSNpwIBxIZaIDRYSs
i0ZwhCrFeCUehE8VQQ3BhVU5rI1C9k1vNiqd8FCwUM+QhudJlek1uavLpDZwTMIB
gAOz8Ne4DHZ4cxJ32+pM4IeFXnKaOrcnVeg1a4fvPjCoS+AuD6jufi8YNJ9SNHz9
YeT+4GfA+Xw8KFIOgHhz
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:16:48 2025 by rpki-client