Certificate

$ rpki-client -vvf rpki-repo.registro.br/repo/nicbr_repo/1/9D68635E63381A5F13180DF283B95BDD1CF6E589.cer
File:                     9D68635E63381A5F13180DF283B95BDD1CF6E589.cer (raw, json)
Hash identifier:          zmBFiVW8iDLKbYWS0WnNcIeyUg23eBnhlNqBHu2Rmd0=
Subject key identifier:   9D:68:63:5E:63:38:1A:5F:13:18:0D:F2:83:B9:5B:DD:1C:F6:E5:89
Authority key identifier: 60:54:32:E9:E1:B0:5A:7E:6C:20:8B:29:46:FD:C9:C9:67:CA:8A:4B
Certificate issuer:       /CN=605432E9E1B05A7E6C208B2946FDC9C967CA8A4B
Certificate serial:       62A429131958EC6FE17A8E3F1758E978C74D28DB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
Manifest:                 rsync://rpki-repo.registro.br/repo/DVuNsaLjaa2XTbQkrbZigjnVys7QZdATMPiGjirASWfj/0/9D68635E63381A5F13180DF283B95BDD1CF6E589.mft
caRepository:             rsync://rpki-repo.registro.br/repo/DVuNsaLjaa2XTbQkrbZigjnVys7QZdATMPiGjirASWfj/0/
Notify URL:               https://rpki-repo.registro.br/rrdp/notification.xml
Certificate not before:   Wed 25 Sep 2024 12:47:03 +0000
Certificate not after:    Wed 24 Sep 2025 12:52:03 +0000
Subordinate resources:    AS: 52944
                          IP: 168.205.152.0/22
                          IP: 177.38.56.0/21
                          IP: 201.150.112.0/22
                          IP: 2804:b28::/32

Validation:               Failed, certificate revoked on Mon 21 Oct 2024 19:17:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:a4:29:13:19:58:ec:6f:e1:7a:8e:3f:17:58:e9:78:c7:4d:28:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605432E9E1B05A7E6C208B2946FDC9C967CA8A4B
        Validity
            Not Before: Sep 25 12:47:03 2024 GMT
            Not After : Sep 24 12:52:03 2025 GMT
        Subject: CN=9D68635E63381A5F13180DF283B95BDD1CF6E589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:7f:57:31:55:ed:56:09:fd:04:19:f5:18:f9:
                    46:b5:ea:0e:3c:18:a9:24:c1:83:2b:89:bf:a2:8e:
                    1f:79:43:14:bf:17:0b:2a:7b:94:dd:08:06:02:a5:
                    c4:ea:eb:6b:7e:35:b9:ea:47:6a:62:c4:b8:8f:f2:
                    ef:a7:42:ef:bc:99:ba:50:3e:2e:eb:70:96:2f:40:
                    66:1f:a5:d5:98:b5:0f:a6:b7:78:34:6e:91:d9:e8:
                    34:8d:5e:68:25:4b:27:c7:fc:f7:14:87:57:0d:aa:
                    0e:a2:bf:15:31:1e:4c:ae:6b:09:0f:9b:4a:ab:16:
                    13:25:48:78:de:40:39:13:0e:23:86:98:e6:61:c3:
                    cc:6d:39:f5:f7:ff:1a:7d:e3:a4:59:1b:b1:e1:39:
                    74:2c:60:39:7b:cc:b3:cc:8b:21:36:0d:f2:6f:c4:
                    78:c0:b4:66:5b:43:42:1d:9a:43:f6:fa:20:17:7b:
                    7a:03:b9:b9:48:54:9d:7e:91:db:ec:70:74:45:bb:
                    10:b5:a7:9a:31:4a:d3:ec:38:15:1a:be:e9:b2:d3:
                    07:e9:84:d4:19:42:97:95:c3:3a:33:82:93:e4:67:
                    7e:0d:18:ae:92:5d:3f:5f:8f:df:ff:4b:f7:b0:0f:
                    01:2d:13:88:20:68:f7:e4:41:66:a9:cb:23:37:c0:
                    a0:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                9D:68:63:5E:63:38:1A:5F:13:18:0D:F2:83:B9:5B:DD:1C:F6:E5:89
            X509v3 Authority Key Identifier:
                keyid:60:54:32:E9:E1:B0:5A:7E:6C:20:8B:29:46:FD:C9:C9:67:CA:8A:4B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki-repo.registro.br/repo/DVuNsaLjaa2XTbQkrbZigjnVys7QZdATMPiGjirASWfj/0/
                RPKI Manifest - URI:rsync://rpki-repo.registro.br/repo/DVuNsaLjaa2XTbQkrbZigjnVys7QZdATMPiGjirASWfj/0/9D68635E63381A5F13180DF283B95BDD1CF6E589.mft
                RPKI Notify - URI:https://rpki-repo.registro.br/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.205.152.0/22
                  177.38.56.0/21
                  201.150.112.0/22
                IPv6:
                  2804:b28::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  52944

    Signature Algorithm: sha256WithRSAEncryption
         38:1e:d6:db:c8:48:f6:1b:34:34:76:e1:38:da:51:6f:1e:a1:
         23:26:b8:36:77:c4:18:d9:22:9a:31:58:9d:ba:bd:18:09:fc:
         46:83:d8:e8:47:3f:8b:32:5d:29:dd:31:3b:35:24:5b:5f:3d:
         5b:0b:ff:fa:55:73:bd:55:e7:82:0e:ed:62:b6:aa:8b:64:4d:
         59:06:94:66:cd:c7:e8:b3:e1:be:fd:80:46:4c:e5:1d:f7:24:
         87:95:34:10:39:01:50:b1:ce:56:c6:2f:1d:ad:98:51:9c:c9:
         1c:f3:62:d1:bd:67:21:97:0b:b5:60:c7:06:76:76:dc:a9:2d:
         d4:10:ee:1b:1e:5b:b8:8a:39:6c:5d:9e:43:e6:af:af:da:36:
         02:cc:0f:fa:fe:7a:c9:b8:d9:b7:05:62:00:ac:32:c9:fe:94:
         76:9c:81:37:64:dd:87:bd:37:5b:02:3c:da:e9:4d:47:a8:dc:
         3b:7c:50:fd:07:08:c0:4d:25:cf:e6:c4:3f:55:3f:18:4e:5d:
         c4:85:e4:04:78:c5:0a:c3:af:17:88:c2:df:ee:13:33:9b:ef:
         0c:20:e1:04:b2:64:1b:35:2f:5e:b7:5d:84:63:b4:7f:90:52:
         df:b1:b1:11:ba:32:ad:7f:ee:28:b1:1e:b4:8a:35:95:e6:be:
         9c:d3:e2:8e
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgIUYqQpExlY7G/heo4/F1jpeMdNKNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjA1NDMyRTlFMUIwNUE3RTZDMjA4QjI5NDZGREM5Qzk2
N0NBOEE0QjAeFw0yNDA5MjUxMjQ3MDNaFw0yNTA5MjQxMjUyMDNaMDMxMTAvBgNV
BAMTKDlENjg2MzVFNjMzODFBNUYxMzE4MERGMjgzQjk1QkREMUNGNkU1ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCCf1cxVe1WCf0EGfUY+Ua16g48
GKkkwYMrib+ijh95QxS/Fwsqe5TdCAYCpcTq62t+NbnqR2pixLiP8u+nQu+8mbpQ
Pi7rcJYvQGYfpdWYtQ+mt3g0bpHZ6DSNXmglSyfH/PcUh1cNqg6ivxUxHkyuawkP
m0qrFhMlSHjeQDkTDiOGmOZhw8xtOfX3/xp946RZG7HhOXQsYDl7zLPMiyE2DfJv
xHjAtGZbQ0IdmkP2+iAXe3oDublIVJ1+kdvscHRFuxC1p5oxStPsOBUavumy0wfp
hNQZQpeVwzozgpPkZ34NGK6SXT9fj9//S/ewDwEtE4ggaPfkQWapyyM3wKDPAgMB
AAGjggNGMIIDQjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSdaGNeYzgaXxMY
DfKDuVvdHPbliTAfBgNVHSMEGDAWgBRgVDLp4bBafmwgiylG/cnJZ8qKSzAOBgNV
HQ8BAf8EBAMCAQYwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtpLXJlcG8u
cmVnaXN0cm8uYnIvcmVwby9uaWNicl9yZXBvLzEvNjA1NDMyRTlFMUIwNUE3RTZD
MjA4QjI5NDZGREM5Qzk2N0NBOEE0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGpMIGm
BggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kv
bGFjbmljL0ExNTMxQjI0QkY1MEM0NjFDN0Y1NzRDRDY1MjY3QThCMERDMzI1REFB
QTEwMDc1RjY3MTY1Qjk4QzRGNEVGQzMvMC82MDU0MzJFOUUxQjA1QTdFNkMyMDhC
Mjk0NkZEQzlDOTY3Q0E4QTRCLmNlcjCCAUAGCCsGAQUFBwELBIIBMjCCAS4wXgYI
KwYBBQUHMAWGUnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJyL3JlcG8vRFZ1
TnNhTGphYTJYVGJRa3JiWmlnam5WeXM3UVpkQVRNUGlHamlyQVNXZmovMC8wgYoG
CCsGAQUFBzAKhn5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL0RW
dU5zYUxqYWEyWFRiUWtyYlppZ2puVnlzN1FaZEFUTVBpR2ppckFTV2ZqLzAvOUQ2
ODYzNUU2MzM4MUE1RjEzMTgwREYyODNCOTVCREQxQ0Y2RTU4OS5tZnQwPwYIKwYB
BQUHMA2GM2h0dHBzOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJyL3JyZHAvbm90aWZp
Y2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEH
AQH/BCswKTAYBAIAATASAwQCqM2YAwQDsSY4AwQCyZZwMA0EAgACMAcDBQAoBAso
MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDO0DANBgkqhkiG9w0BAQsFAAOCAQEA
OB7W28hI9hs0NHbhONpRbx6hIya4NnfEGNkimjFYnbq9GAn8RoPY6Ec/izJdKd0x
OzUkW189Wwv/+lVzvVXngg7tYraqi2RNWQaUZs3H6LPhvv2ARkzlHfckh5U0EDkB
ULHOVsYvHa2YUZzJHPNi0b1nIZcLtWDHBnZ23Kkt1BDuGx5buIo5bF2eQ+avr9o2
AswP+v56ybjZtwViAKwyyf6UdpyBN2Tdh703WwI82ulNR6jcO3xQ/QcIwE0lz+bE
P1U/GE5dxIXkBHjFCsOvF4jC3+4TM5vvDCDhBLJkGzUvXrddhGO0f5BS37GxEboy
rX/uKLEetIo1lea+nNPijg==
-----END CERTIFICATE-----
Generated at Mon Oct 21 22:08:11 2024 by rpki-client on console-ams.rpki-client.org