Certificate

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer
File:                     CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer (raw, json)
Hash identifier:          7vLkyUAQbxiLLTtLPTkxdYYdz3Z3gV7jT0yw/qUtZ6Q=
Subject key identifier:   CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       676D8FD951FA0F05B32B96433B14212DCD8DA529
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 22 Sep 2023 16:55:17 +0000
Certificate not after:    Fri 20 Sep 2024 17:00:17 +0000
Subordinate resources:    IP: 2a07:54c1:3800::/40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:6d:8f:d9:51:fa:0f:05:b3:2b:96:43:3b:14:21:2d:cd:8d:a5:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Sep 22 16:55:17 2023 GMT
            Not After : Sep 20 17:00:17 2024 GMT
        Subject: CN=CEE50F8654426B5A60EE8C52A9AE958F8D77B848
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:cc:5b:e1:25:7a:8f:ce:a2:02:e1:d1:af:f8:
                    6b:23:63:22:e2:03:22:0c:3b:e2:94:d3:66:d6:ce:
                    32:c9:99:08:84:5b:0c:0e:4d:f9:c1:ad:a9:32:1b:
                    20:ae:66:9b:63:82:e5:dc:9f:df:f4:a0:bd:61:12:
                    9f:48:45:e3:6b:75:d5:37:dc:9e:15:2b:b6:2c:2f:
                    75:5e:36:a9:41:4a:a6:c0:49:9d:f0:07:3a:25:f7:
                    a8:27:1f:61:8e:31:94:ea:56:d8:95:95:f5:d8:49:
                    4e:27:e4:bd:d5:23:5b:33:cf:66:08:00:88:33:84:
                    f3:6e:57:3b:f8:c5:94:e7:e4:fb:4b:6a:c0:c3:ad:
                    55:11:a9:3a:71:1d:e6:2e:e9:2c:11:4a:48:e0:f4:
                    58:b4:f1:71:46:51:2c:68:41:52:dc:c1:28:74:1d:
                    dd:8b:69:ba:93:aa:ad:e8:90:b8:62:90:c9:db:0c:
                    81:32:9b:54:bc:58:25:9a:07:72:d4:14:10:bd:0e:
                    15:3b:fb:30:4a:ca:bc:15:19:1a:bf:3b:f6:f9:75:
                    1f:80:48:77:f2:29:96:25:96:f5:23:e9:43:f2:5e:
                    66:37:10:e1:ea:27:07:e0:93:a3:81:7b:a8:c9:38:
                    77:a7:ae:23:b9:85:36:48:8c:b4:15:9d:04:b3:53:
                    d8:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c1:3800::/40

    Signature Algorithm: sha256WithRSAEncryption
         32:9e:59:68:85:dc:d4:1f:17:6d:6b:7f:1e:01:80:43:da:f1:
         da:eb:ac:bd:e0:f2:3e:95:41:e0:4d:6b:3e:19:ce:d3:a9:73:
         c9:ca:c7:c0:71:f3:f4:5b:8e:cd:a9:20:69:5e:d8:35:4f:25:
         41:2b:04:56:04:29:34:09:bc:32:48:c2:b5:93:46:d6:e1:18:
         6b:2a:3b:f5:18:e6:b9:71:f0:1a:8e:a7:df:4b:47:95:ba:b8:
         91:24:53:79:71:12:34:ee:cb:eb:59:4a:51:85:9d:39:f8:12:
         f4:92:8d:3d:92:ff:a8:94:d5:1d:a9:70:9f:15:5a:12:bc:69:
         69:03:6f:6b:c2:c7:84:f9:d0:70:54:03:0b:10:82:e0:4e:75:
         e2:ef:7a:be:21:8e:ad:b2:99:e1:f3:83:9c:f6:d4:0c:ac:95:
         02:8c:66:93:ae:75:3e:3f:64:90:e1:03:fd:5f:e6:de:fc:00:
         5c:69:7c:f6:79:c1:6d:02:0b:58:c7:79:0f:c3:64:f6:71:07:
         a0:f4:f1:d9:d8:24:eb:f2:df:d8:3e:61:3e:5c:f2:c1:45:86:
         3e:ed:99:98:cd:db:ae:30:60:1c:05:ec:d6:28:3d:66:67:d8:
         26:94:69:02:b2:cf:f4:ae:b4:4b:31:bb:f0:ff:63:3c:7c:fd:
         95:d5:ba:dd
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgIUZ22P2VH6DwWzK5ZDOxQhLc2NpSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yMzA5MjIxNjU1MTdaFw0yNDA5MjAxNzAwMTdaMDMxMTAvBgNV
BAMTKENFRTUwRjg2NTQ0MjZCNUE2MEVFOEM1MkE5QUU5NThGOEQ3N0I4NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjzFvhJXqPzqIC4dGv+GsjYyLi
AyIMO+KU02bWzjLJmQiEWwwOTfnBrakyGyCuZptjguXcn9/0oL1hEp9IReNrddU3
3J4VK7YsL3VeNqlBSqbASZ3wBzol96gnH2GOMZTqVtiVlfXYSU4n5L3VI1szz2YI
AIgzhPNuVzv4xZTn5PtLasDDrVURqTpxHeYu6SwRSkjg9Fi08XFGUSxoQVLcwSh0
Hd2LabqTqq3okLhikMnbDIEym1S8WCWaB3LUFBC9DhU7+zBKyrwVGRq/O/b5dR+A
SHfyKZYllvUj6UPyXmY3EOHqJwfgk6OBe6jJOHenriO5hTZIjLQVnQSzU9hLAgMB
AAGjggMTMIIDDzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTO5Q+GVEJrWmDu
jFKprpWPjXe4SDAfBgNVHSMEGDAWgBRB9lfPNWTyM7l39ArKXkvRDh4vjjAOBgNV
HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC80MUY2NTdDRjM1NjRGMjMzQjk3N0Y0MEFD
QTVFNEJEMTBFMUUyRjhFLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUF
BzAChnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhh
ZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi80MUY2NTdDRjM1NjRGMjMzQjk3
N0Y0MEFDQTVFNEJEMTBFMUUyRjhFLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w
XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvYmM5MGY0ZjYtZjJjNC00ODgyLTkxY2YtOWI4ZjBiMzhkN2RhLzEv
MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9iYzkwZjRmNi1mMmM0LTQ4ODItOTFjZi05YjhmMGIzOGQ3ZGEv
MS9DRUU1MEY4NjU0NDI2QjVBNjBFRThDNTJBOUFFOTU4RjhENzdCODQ4Lm1mdDA8
BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp
ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqB1TBODANBgkqhkiG9w0BAQsFAAOCAQEAMp5Z
aIXc1B8XbWt/HgGAQ9rx2uusveDyPpVB4E1rPhnO06lzycrHwHHz9FuOzakgaV7Y
NU8lQSsEVgQpNAm8MkjCtZNG1uEYayo79RjmuXHwGo6n30tHlbq4kSRTeXESNO7L
61lKUYWdOfgS9JKNPZL/qJTVHalwnxVaErxpaQNva8LHhPnQcFQDCxCC4E514u96
viGOrbKZ4fODnPbUDKyVAoxmk651Pj9kkOED/V/m3vwAXGl89nnBbQILWMd5D8Nk
9nEHoPTx2dgk6/Lf2D5hPlzywUWGPu2ZmM3brjBgHAXs1ig9ZmfYJpRpArLP9K60
SzG78P9jPHz9ldW63Q==
-----END CERTIFICATE-----
Generated at Sun Nov 24 10:00:15 2024 by rpki-client on console-ams.rpki-client.org