Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/i0YIYoFYItlV56dxXzkhWkGMepA.cer
File:                     i0YIYoFYItlV56dxXzkhWkGMepA.cer (raw, json)
Hash identifier:          D52b5+mySlYhdfxxSCECz4VBgAcbX7Lv3sG1HILXHtw=
Subject key identifier:   8B:46:08:62:81:58:22:D9:55:E7:A7:71:5F:39:21:5A:41:8C:7A:90
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       A7DD0E6DF6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/95/e90937-9905-4152-bf4d-2f49c6577b70/1/i0YIYoFYItlV56dxXzkhWkGMepA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/95/e90937-9905-4152-bf4d-2f49c6577b70/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 13:06:07 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 204480
                          IP: 185.239.64.0/22
                          IP: 2a0c:4c80::/29
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 720968248822 (0xa7dd0e6df6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 13:06:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8b460862815822d955e7a7715f39215a418c7a90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:01:54:d7:c2:65:46:36:d6:d1:e9:0b:86:85:
                    ba:49:47:ca:39:3d:b3:0a:07:bc:1c:ba:52:0d:66:
                    0f:ee:78:26:d6:66:65:43:56:74:12:04:6c:13:b8:
                    d9:91:bb:20:9e:d7:43:05:df:bd:7b:22:23:bb:d1:
                    e5:ab:45:3c:26:d4:8b:e2:ec:f1:57:af:90:ef:a9:
                    a3:94:45:fd:77:f8:8b:67:26:14:17:17:2d:16:e7:
                    34:a0:a8:8e:15:47:6c:00:bd:80:57:b0:ab:18:2b:
                    9c:d0:91:37:d0:55:61:72:78:02:0b:6d:0b:7d:85:
                    fb:f8:25:a9:a4:f1:d5:17:1c:d8:f8:03:a6:e0:23:
                    fe:39:5c:44:17:52:a6:10:f4:e6:62:40:f6:5b:c1:
                    09:12:c2:ed:6f:ab:14:61:e8:e6:9f:3c:0a:32:28:
                    cc:5a:28:e0:f4:98:ba:80:36:32:b7:2c:80:12:f9:
                    b4:8b:6f:f4:35:af:42:df:db:c2:b4:d3:ac:0b:d3:
                    63:b5:83:15:00:c3:9b:db:da:9d:d2:3d:67:c0:c4:
                    12:53:d5:2c:15:1e:2c:24:5b:51:de:8c:51:bf:13:
                    7c:52:56:04:5f:cf:5b:f5:17:e8:52:a3:b9:34:f2:
                    c2:17:3f:b4:b5:34:af:8a:6b:22:bf:a4:df:06:2e:
                    8d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:46:08:62:81:58:22:D9:55:E7:A7:71:5F:39:21:5A:41:8C:7A:90
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/e90937-9905-4152-bf4d-2f49c6577b70/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/e90937-9905-4152-bf4d-2f49c6577b70/1/i0YIYoFYItlV56dxXzkhWkGMepA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.64.0/22
                IPv6:
                  2a0c:4c80::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204480

    Signature Algorithm: sha256WithRSAEncryption
         58:d8:63:ce:56:26:bf:0a:88:49:f7:f4:41:b3:1e:f5:4e:04:
         57:50:2d:14:da:8e:b8:48:9e:27:ab:41:99:a6:65:a7:b9:22:
         77:37:b5:c8:2b:22:af:d1:14:70:ba:1f:f7:f4:22:eb:f9:ca:
         c7:1b:e2:e5:ec:de:e7:ed:e4:c8:9c:45:0c:3b:55:45:52:ea:
         28:26:fe:52:e5:9b:f6:5c:72:e8:cf:bc:8d:24:e5:70:d4:36:
         d7:35:28:04:b8:2e:14:91:85:8d:1c:3b:7a:a9:3c:c1:5d:f1:
         84:61:16:83:67:af:2b:3a:6c:01:53:3a:27:76:6c:3b:07:c5:
         f2:9c:50:b4:61:63:23:9c:b3:b7:b8:a4:54:bc:b4:60:8a:a5:
         3d:8a:18:1a:41:1a:de:87:eb:f5:6d:d4:c2:37:18:b1:95:9a:
         47:dd:09:48:50:2f:84:1c:7c:33:7b:8d:3e:a9:06:84:97:fe:
         8c:ab:30:2e:fd:42:e3:10:f9:9c:76:ac:5b:6a:3b:65:bb:41:
         44:17:09:f8:76:ba:bd:70:a8:36:57:10:9a:2c:f3:12:b9:78:
         96:a1:cf:65:ee:d5:c7:48:46:e8:61:16:85:29:e2:30:32:1e:
         a8:84:f6:23:68:05:dc:7b:1b:6f:d2:0f:bc:4a:af:a9:6b:9a:
         b7:70:3d:7b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKfdDm32MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwNjA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4YjQ2MDg2Mjgx
NTgyMmQ5NTVlN2E3NzE1ZjM5MjE1YTQxOGM3YTkwMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA9wFU18JlRjbW0ekLhoW6SUfKOT2zCge8HLpSDWYP7ngm
1mZlQ1Z0EgRsE7jZkbsgntdDBd+9eyIju9Hlq0U8JtSL4uzxV6+Q76mjlEX9d/iL
ZyYUFxctFuc0oKiOFUdsAL2AV7CrGCuc0JE30FVhcngCC20LfYX7+CWppPHVFxzY
+AOm4CP+OVxEF1KmEPTmYkD2W8EJEsLtb6sUYejmnzwKMijMWijg9Ji6gDYytyyA
Evm0i2/0Na9C39vCtNOsC9NjtYMVAMOb29qd0j1nwMQSU9UsFR4sJFtR3oxRvxN8
UlYEX89b9RfoUqO5NPLCFz+0tTSvimsiv6TfBi6NUQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFItGCGKBWCLZVeencV85IVpBjHqQMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1L2U5MDkzNy05OTA1LTQxNTIt
YmY0ZC0yZjQ5YzY1NzdiNzAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvZTkwOTM3LTk5MDUtNDE1Mi1i
ZjRkLTJmNDljNjU3N2I3MC8xL2kwWUlZb0ZZSXRsVjU2ZHhYemtoV2tHTWVwQS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCue9AMA0EAgACMAcDBQMqDEyAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMewDANBgkqhkiG9w0BAQsFAAOCAQEAWNhjzlYmvwqISff0QbMe9U4EV1At
FNqOuEieJ6tBmaZlp7kidze1yCsir9EUcLof9/Qi6/nKxxvi5eze5+3kyJxFDDtV
RVLqKCb+UuWb9lxy6M+8jSTlcNQ21zUoBLguFJGFjRw7eqk8wV3xhGEWg2evKzps
AVM6J3ZsOwfF8pxQtGFjI5yzt7ikVLy0YIqlPYoYGkEa3ofr9W3UwjcYsZWaR90J
SFAvhBx8M3uNPqkGhJf+jKswLv1C4xD5nHasW2o7ZbtBRBcJ+Ha6vXCoNlcQmizz
Erl4lqHPZe7Vx0hG6GEWhSniMDIeqIT2I2gF3Hsbb9IPvEqvqWuat3A9ew==
-----END CERTIFICATE-----