Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0KFNCwitQSsA1YbeqInubaxPXe8.cer
File:                     0KFNCwitQSsA1YbeqInubaxPXe8.cer (raw, json)
Hash identifier:          c1+ymZdLBQQIW2vq+XdD0lKgM/ouTFkq+tBB4AIiAkA=
Subject key identifier:   D0:A1:4D:0B:08:AD:41:2B:00:D5:86:DE:A8:89:EE:6D:AC:4F:5D:EF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC94E6338D9CC5C1A1073F77856AC151B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5d/d61183-2bea-4dd0-b2b2-c3e7b6e14f58/1/0KFNCwitQSsA1YbeqInubaxPXe8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5d/d61183-2bea-4dd0-b2b2-c3e7b6e14f58/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 08:33:26 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 185.211.170.0/24
                          IP: 2a12:12c0::/29

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 10:39:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:63:38:d9:cc:5c:1a:10:73:f7:78:56:ac:15:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 08:33:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d0a14d0b08ad412b00d586dea889ee6dac4f5def
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:39:84:c6:39:7a:b0:99:dc:68:72:d1:f5:09:
                    04:46:9d:87:46:9e:d7:71:e6:62:c8:57:74:60:33:
                    a8:01:43:60:ac:f7:e0:c7:c1:1d:5f:9e:71:5b:2b:
                    04:93:f7:be:6f:ee:2d:2d:33:66:27:9a:47:2b:4c:
                    82:55:2e:68:05:e6:c5:a9:e4:80:fb:0e:d1:cc:ea:
                    e1:2b:af:0d:a2:89:ae:0c:ee:f3:73:cb:87:cb:38:
                    3e:93:d7:0d:41:7a:da:ed:49:11:c8:39:5f:6e:69:
                    d7:db:c8:5b:a3:a1:a5:19:6f:a0:c2:2d:74:b9:60:
                    ad:9a:b7:19:aa:8c:5b:82:18:8b:fd:e0:3f:9d:0d:
                    b2:a4:85:8e:66:e6:d5:2f:1a:66:50:df:6d:0c:59:
                    e9:6f:3f:bb:0a:05:d1:05:1f:2e:68:f9:bd:10:6b:
                    fd:80:4a:3b:99:cb:60:2d:c8:cb:a8:70:3c:c7:01:
                    be:cb:c1:2d:fe:25:52:83:14:38:e4:f1:90:c1:6d:
                    f0:b6:79:a7:d0:03:0a:c1:e1:a7:15:e4:b9:66:ce:
                    c1:82:76:8e:95:e7:ff:75:ae:4e:42:53:0a:d4:7e:
                    0b:63:40:0f:b6:48:7b:f3:c1:be:84:ec:1c:5a:08:
                    47:e8:49:80:fb:f4:d6:1e:6f:67:c5:77:7e:ab:94:
                    25:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:A1:4D:0B:08:AD:41:2B:00:D5:86:DE:A8:89:EE:6D:AC:4F:5D:EF
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/d61183-2bea-4dd0-b2b2-c3e7b6e14f58/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/d61183-2bea-4dd0-b2b2-c3e7b6e14f58/1/0KFNCwitQSsA1YbeqInubaxPXe8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.211.170.0/24
                IPv6:
                  2a12:12c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         ae:c5:11:20:ed:f0:94:96:a2:98:4b:fd:b5:f8:e2:2b:d1:c2:
         54:97:42:b7:da:b2:03:f9:62:f0:ff:0d:1a:f6:f8:a1:6c:b0:
         6a:20:c0:34:c9:79:fb:dc:b1:14:3a:ff:02:ed:55:92:1c:a1:
         31:83:1e:ed:b8:8a:81:a4:f1:6a:01:ed:c3:55:94:fa:23:4b:
         59:92:15:5a:a1:6d:79:53:2e:dc:b0:be:db:1c:1d:1e:16:8b:
         12:53:ef:a0:65:d1:85:de:ae:5d:9c:72:07:6b:85:41:a9:b2:
         03:73:1f:9f:8e:d4:7a:b6:83:c9:f1:83:f9:e7:1f:e6:35:e9:
         1e:7c:5e:7d:42:d9:2d:b4:11:e6:d0:4b:06:62:86:c4:8e:0d:
         a2:8c:f7:57:4d:9d:17:49:61:98:0b:60:97:f0:87:39:40:89:
         ff:36:d1:6a:9a:3f:b7:97:38:0e:00:d8:e8:5c:18:b9:bd:d2:
         91:56:f0:84:e1:e4:84:65:6d:97:82:eb:33:0a:45:14:42:25:
         6e:69:e4:78:ee:18:d2:f4:44:ac:5e:0e:e5:f4:2f:d3:17:43:
         77:3d:d0:8f:b5:33:2a:05:a4:f6:00:7d:60:f1:4f:13:6d:c8:
         2b:b4:19:95:cf:0f:a5:75:aa:88:71:f1:71:33:a5:ea:a7:fe:
         dc:ec:8d:d5
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzJTmM42cxcGhBz93hWrBUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGExNGQwYjA4YWQ0MTJiMDBkNTg2ZGVhODg5ZWU2ZGFjNGY1ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTmExjl6sJncaHLR9QkERp2HRp7X
ceZiyFd0YDOoAUNgrPfgx8EdX55xWysEk/e+b+4tLTNmJ5pHK0yCVS5oBebFqeSA
+w7RzOrhK68NoomuDO7zc8uHyzg+k9cNQXra7UkRyDlfbmnX28hbo6GlGW+gwi10
uWCtmrcZqoxbghiL/eA/nQ2ypIWOZubVLxpmUN9tDFnpbz+7CgXRBR8uaPm9EGv9
gEo7mctgLcjLqHA8xwG+y8Et/iVSgxQ45PGQwW3wtnmn0AMKweGnFeS5Zs7BgnaO
lef/da5OQlMK1H4LY0APtkh788G+hOwcWghH6EmA+/TWHm9nxXd+q5QlkwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNChTQsIrUErANWG3qiJ7m2sT13vMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVkL2Q2MTE4
My0yYmVhLTRkZDAtYjJiMi1jM2U3YjZlMTRmNTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQvZDYxMTgz
LTJiZWEtNGRkMC1iMmIyLWMzZTdiNmUxNGY1OC8xLzBLRk5Dd2l0UVNzQTFZYmVx
SW51YmF4UFhlOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAudOqMA0EAgACMAcDBQMqEhLAMA0GCSqGSIb3
DQEBCwUAA4IBAQCuxREg7fCUlqKYS/21+OIr0cJUl0K32rID+WLw/w0a9vihbLBq
IMA0yXn73LEUOv8C7VWSHKExgx7tuIqBpPFqAe3DVZT6I0tZkhVaoW15Uy7csL7b
HB0eFosSU++gZdGF3q5dnHIHa4VBqbIDcx+fjtR6toPJ8YP55x/mNekefF59Qtkt
tBHm0EsGYobEjg2ijPdXTZ0XSWGYC2CX8Ic5QIn/NtFqmj+3lzgOANjoXBi5vdKR
VvCE4eSEZW2XguszCkUUQiVuaeR47hjS9ESsXg7l9C/TF0N3PdCPtTMqBaT2AH1g
8U8TbcgrtBmVzw+ldaqIcfFxM6Xqp/7c7I3V
-----END CERTIFICATE-----
Generated at Tue Mar 12 14:23:33 2024 by rpki-client on console-fra.rpki-client.org