Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
File:                     YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer (raw, json)
Hash identifier:          gg42ARkIO9J3Q4Vcr0TcCUkXqhOC0d06/XV2ajfPihI=
Subject key identifier:   62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856CAD5F06D54A51D797D2FD1D452C35B7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 09:32:59 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 2.59.60.0/22
                          IP: 5.181.184.0/22
                          IP: 45.8.216.0/22
                          IP: 45.95.212.0/22
                          IP: 85.209.228.0/22
                          IP: 194.31.194.0 -- 194.31.197.255
                          IP: 2a0d:7b00::/29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ad:5f:06:d5:4a:51:d7:97:d2:fd:1d:45:2c:35:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 09:32:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=624039399017fa093dc8d503799f6ca403f0bd05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b4:e1:fe:23:53:4f:96:84:9b:68:8e:f3:2e:
                    31:a7:69:fe:09:ac:cb:4f:e9:00:b1:5d:4d:dc:e2:
                    d5:a3:dd:49:77:7f:c6:43:e0:98:37:70:0b:85:d1:
                    49:ea:0b:11:84:30:7f:c8:4f:bd:6d:df:23:1f:b1:
                    ae:5d:64:37:bb:16:a3:e9:60:c0:6d:b2:38:7a:41:
                    f4:57:30:db:bf:da:52:90:db:9f:3e:2e:94:77:a2:
                    3b:42:72:57:dc:8c:67:ad:52:82:51:f2:eb:cd:48:
                    43:4a:46:af:3e:c7:8e:4b:23:51:3a:8c:78:64:19:
                    b1:b6:d6:4c:8a:59:e6:88:b2:c7:10:eb:af:c3:d1:
                    8a:4b:c0:c8:c1:17:24:21:ac:3b:0b:94:0f:fc:92:
                    4b:d7:ee:75:c0:06:bd:01:d5:e2:09:98:78:ec:63:
                    db:98:62:ab:23:06:87:58:e5:aa:49:03:8b:21:ba:
                    8e:71:6a:e0:c6:d1:62:6a:fb:16:17:c0:44:a2:f4:
                    81:7f:ed:76:c1:c3:b5:17:1a:40:63:ce:90:29:18:
                    d4:c8:cd:7d:76:f0:aa:13:24:59:b7:4e:91:e7:a1:
                    c6:fc:69:a9:10:07:24:16:49:0a:52:90:ef:6b:34:
                    db:62:64:54:36:68:bf:ac:49:93:56:94:5b:e6:ff:
                    c0:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.60.0/22
                  5.181.184.0/22
                  45.8.216.0/22
                  45.95.212.0/22
                  85.209.228.0/22
                  194.31.194.0-194.31.197.255
                IPv6:
                  2a0d:7b00::/29

    Signature Algorithm: sha256WithRSAEncryption
         07:23:f7:3c:fa:6e:94:23:01:bd:9b:c6:3e:4c:61:55:21:b4:
         f6:33:fb:e3:42:81:2a:91:22:ac:80:5d:6c:c9:12:9a:3b:4c:
         48:2d:c6:0d:fa:e6:07:6f:0b:8b:57:e5:3a:13:71:ab:b7:35:
         65:fe:d1:35:b7:99:80:54:6e:66:8c:49:cb:5e:c7:09:33:d4:
         75:a7:b3:ff:62:11:17:fd:e1:44:4f:fe:0e:ea:95:c9:7a:f3:
         d3:ba:1e:51:d8:76:05:ca:e8:bc:4a:82:92:88:84:91:f6:95:
         7e:b3:e6:27:e1:c5:4d:85:15:8d:8f:85:91:0b:5e:41:82:7f:
         6a:9f:fd:5a:a2:c5:ef:fd:0e:08:8e:35:a0:14:df:2d:a5:02:
         35:77:41:8a:ad:c0:87:3e:01:6b:7d:a5:68:0b:4e:2b:9e:3e:
         17:50:72:51:2a:20:85:86:bb:ba:bd:31:ee:68:91:9c:a8:7c:
         66:bd:41:27:64:7c:31:cc:ba:ca:7e:07:9b:1f:6d:c3:91:9d:
         7c:22:9f:d8:0e:ad:e9:3e:a3:f5:0c:4b:66:6c:e8:04:eb:a5:
         f0:af:81:38:25:bb:cc:c0:05:77:ca:fe:3b:cd:1d:e3:53:00:
         fc:7f:e3:ad:61:ab:de:8a:e3:57:5f:2c:39:b3:52:dc:5e:c0:
         e3:8a:c7:fa
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYVsrV8G1UpR15fS/R1FLDW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDkzMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQwMzkzOTkwMTdmYTA5M2RjOGQ1MDM3OTlmNmNhNDAzZjBiZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbTh/iNTT5aEm2iO8y4xp2n+CazL
T+kAsV1N3OLVo91Jd3/GQ+CYN3ALhdFJ6gsRhDB/yE+9bd8jH7GuXWQ3uxaj6WDA
bbI4ekH0VzDbv9pSkNufPi6Ud6I7QnJX3IxnrVKCUfLrzUhDSkavPseOSyNROox4
ZBmxttZMilnmiLLHEOuvw9GKS8DIwRckIaw7C5QP/JJL1+51wAa9AdXiCZh47GPb
mGKrIwaHWOWqSQOLIbqOcWrgxtFiavsWF8BEovSBf+12wcO1FxpAY86QKRjUyM19
dvCqEyRZt06R56HG/GmpEAckFkkKUpDvazTbYmRUNmi/rEmTVpRb5v/AbwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFGJAOTmQF/oJPcjVA3mfbKQD8L0FMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q3L2ViMjM5
YS0zM2M4LTRkYmQtYmM5Ni0zMjU5NDk2ZTdjNWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcvZWIyMzlh
LTMzYzgtNGRiZC1iYzk2LTMyNTk0OTZlN2M1Zi8xL1lrQTVPWkFYLWdrOXlOVURl
WjlzcEFQd3ZRVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUF
BwEHAQH/BEUwQzAyBAIAATAsAwQCAjs8AwQCBbW4AwQCLQjYAwQCLV/UAwQCVdHk
MAwDBAHCH8IDBAHCH8QwDQQCAAIwBwMFAyoNewAwDQYJKoZIhvcNAQELBQADggEB
AAcj9zz6bpQjAb2bxj5MYVUhtPYz++NCgSqRIqyAXWzJEpo7TEgtxg365gdvC4tX
5ToTcau3NWX+0TW3mYBUbmaMSctexwkz1HWns/9iERf94URP/g7qlcl689O6HlHY
dgXK6LxKgpKIhJH2lX6z5ifhxU2FFY2PhZELXkGCf2qf/Vqixe/9DgiONaAU3y2l
AjV3QYqtwIc+AWt9pWgLTiuePhdQclEqIIWGu7q9Me5okZyofGa9QSdkfDHMusp+
B5sfbcORnXwin9gOrek+o/UMS2Zs6ATrpfCvgTglu8zABXfK/jvNHeNTAPx/461h
q96K41dfLDmzUtxewOOKx/o=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-fra.rpki-client.org