Certificate 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qIEARksYJsPERakchOLyMOY92y0.cer
File:                     qIEARksYJsPERakchOLyMOY92y0.cer (raw, json)
Hash identifier:          5GcOyRiXRLR/PBIthy4Mpz5cLNtJg4jVAIdOADKrtSg=
Subject key identifier:   A8:81:00:46:4B:18:26:C3:C4:45:A9:1C:84:E2:F2:30:E6:3D:DB:2D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       A8A10CCA2C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/qIEARksYJsPERakchOLyMOY92y0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sat 01 Jan 2022 14:01:39 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    AS: 201580
                          IP: 91.198.117.0/24
                          IP: 185.109.132.0/22
                          IP: 2001:67c:6a8::/48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 724256475692 (0xa8a10cca2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:01:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a88100464b1826c3c445a91c84e2f230e63ddb2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:02:9c:70:a0:bc:46:f9:c5:18:5e:08:b9:5a:
                    26:1f:98:46:96:1e:eb:0d:5e:15:b5:cd:80:49:73:
                    7c:54:e5:e5:c3:fe:98:ba:bd:96:83:f3:53:5c:66:
                    c6:84:c5:72:4b:ef:ed:bb:a1:07:b2:d9:df:7d:b5:
                    58:6f:96:40:30:0d:63:32:ef:2a:52:88:69:d5:57:
                    17:96:52:d4:52:20:e7:5b:36:c6:99:12:e3:8f:bb:
                    28:35:27:b6:25:d7:25:78:54:5f:07:f0:34:17:2f:
                    31:8b:a1:f0:78:ac:a1:aa:d1:7a:a9:1c:4b:d6:15:
                    a4:98:cd:25:56:4b:89:5d:31:06:03:f9:47:d8:0b:
                    20:94:f5:89:85:f7:83:ce:3e:27:54:a9:01:ea:e2:
                    02:97:14:ad:31:fd:68:1f:b4:22:d7:4f:9e:e0:a9:
                    a0:d7:6d:61:b3:38:a0:da:a7:61:c8:cb:14:8d:4e:
                    d1:6d:a3:d0:3a:ec:65:73:8e:da:1e:de:ed:98:51:
                    58:bf:f2:1e:65:e3:40:df:6f:20:e0:5a:a5:61:20:
                    72:d1:99:ce:b3:dd:92:f0:44:4e:61:3b:f3:94:92:
                    29:e3:80:e6:a4:06:52:36:ae:74:04:37:30:61:aa:
                    23:33:22:ef:d4:c2:94:99:c3:8b:02:4c:68:a5:cb:
                    77:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:81:00:46:4B:18:26:C3:C4:45:A9:1C:84:E2:F2:30:E6:3D:DB:2D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/qIEARksYJsPERakchOLyMOY92y0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.117.0/24
                  185.109.132.0/22
                IPv6:
                  2001:67c:6a8::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  201580

    Signature Algorithm: sha256WithRSAEncryption
         9d:fa:f8:f5:11:42:7c:d0:45:54:24:86:ef:58:ae:a8:78:34:
         76:08:dc:08:dc:d2:52:b3:41:1a:68:5c:21:2c:cf:44:e0:9f:
         5b:79:c7:fb:5a:27:37:7a:69:71:63:1c:77:e0:7b:f5:ee:fd:
         ed:23:62:ac:81:6c:68:30:0b:ec:a4:d6:e0:9a:89:ba:54:6a:
         73:32:d9:e2:5f:02:c5:a4:0c:cf:9f:df:0f:1c:1d:dd:a3:78:
         a1:a6:c7:f9:09:61:09:59:63:7f:34:67:a8:2a:73:4b:24:6e:
         d4:cf:65:1e:d9:41:8f:d4:21:6f:28:8a:3f:dc:a1:ee:0f:fd:
         18:ef:15:1d:38:fe:03:20:ad:c4:95:c2:3d:d8:00:ea:99:1f:
         92:c2:1f:d1:2b:48:af:7c:7f:3e:42:a5:9b:f8:de:d9:0c:f8:
         94:75:bf:6e:0b:7d:47:ad:66:e3:ae:36:a7:69:7a:03:59:8a:
         7f:31:01:81:bb:0d:45:cf:66:7a:cc:53:21:59:15:0a:4f:6a:
         0c:5b:3e:7b:7c:b9:ca:f2:6f:58:a0:4d:0b:55:4d:63:97:41:
         8f:af:17:41:28:16:8d:ed:cb:dd:4c:29:9f:46:04:be:6c:16:
         6c:35:09:64:c1:d8:e0:1a:d0:63:07:a2:af:74:1f:a0:e5:a0:
         4d:8b:07:8d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIGAKihDMosMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQwMTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhODgxMDA0NjRi
MTgyNmMzYzQ0NWE5MWM4NGUyZjIzMGU2M2RkYjJkMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA1gKccKC8RvnFGF4IuVomH5hGlh7rDV4Vtc2ASXN8VOXl
w/6Yur2Wg/NTXGbGhMVyS+/tu6EHstnffbVYb5ZAMA1jMu8qUohp1VcXllLUUiDn
WzbGmRLjj7soNSe2JdcleFRfB/A0Fy8xi6HweKyhqtF6qRxL1hWkmM0lVkuJXTEG
A/lH2AsglPWJhfeDzj4nVKkB6uIClxStMf1oH7Qi10+e4Kmg121hszig2qdhyMsU
jU7RbaPQOuxlc47aHt7tmFFYv/IeZeNA328g4FqlYSBy0ZnOs92S8EROYTvzlJIp
44DmpAZSNq50BDcwYaojMyLv1MKUmcOLAkxopct3pwIDAQABo4ICtzCCArMwHQYD
VR0OBBYEFKiBAEZLGCbDxEWpHITi8jDmPdstMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyLzkyMDU2Ni1lOTU3LTQ3ZTUt
OTlmOS01OWEwZjYzYzY2ODIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvOTIwNTY2LWU5NTctNDdlNS05
OWY5LTU5YTBmNjNjNjY4Mi8xL3FJRUFSa3NZSnNQRVJha2NoT0x5TU9ZOTJ5MC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAS
BAIAATAMAwQAW8Z1AwQCuW2EMA8EAgACMAkDBwAgAQZ8BqgwGgYIKwYBBQUHAQgB
Af8ECzAJoAcwBQIDAxNsMA0GCSqGSIb3DQEBCwUAA4IBAQCd+vj1EUJ80EVUJIbv
WK6oeDR2CNwI3NJSs0EaaFwhLM9E4J9becf7Wic3emlxYxx34Hv17v3tI2KsgWxo
MAvspNbgmom6VGpzMtniXwLFpAzPn98PHB3do3ihpsf5CWEJWWN/NGeoKnNLJG7U
z2Ue2UGP1CFvKIo/3KHuD/0Y7xUdOP4DIK3ElcI92ADqmR+Swh/RK0ivfH8+QqWb
+N7ZDPiUdb9uC31HrWbjrjanaXoDWYp/MQGBuw1Fz2Z6zFMhWRUKT2oMWz57fLnK
8m9YoE0LVU1jl0GPrxdBKBaN7cvdTCmfRgS+bBZsNQlkwdjgGtBjB6KvdB+g5aBN
iweN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:02:53 2024 by rpki-client on console-fra.rpki-client.org