Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0rkNltekBmyX5zA34EV2tv2H8_U.cer
File:                     0rkNltekBmyX5zA34EV2tv2H8_U.cer (raw, json)
Hash identifier:          DWzGNIrCaXfY8SjAQP6RoI/GrMbqTiZpq7G62mspa9w=
Subject key identifier:   D2:B9:0D:96:D7:A4:06:6C:97:E7:30:37:E0:45:76:B6:FD:87:F3:F5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856DF78C8FA66308E67A0DFA037ED94249
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/0rkNltekBmyX5zA34EV2tv2H8_U.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 15:33:38 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 195.96.128.0/24

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 15:05:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:f7:8c:8f:a6:63:08:e6:7a:0d:fa:03:7e:d9:42:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:33:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d2b90d96d7a4066c97e73037e04576b6fd87f3f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:53:a5:07:38:ff:df:a5:d3:17:3f:8b:b3:ae:
                    07:94:48:2b:71:26:d6:32:35:41:ff:da:eb:a8:68:
                    a9:f5:27:26:f5:41:e1:10:7c:d0:19:38:61:e8:e0:
                    5f:42:2b:bf:5a:bd:c8:94:62:6c:6d:78:24:bc:cb:
                    dd:f5:3b:54:9b:22:58:68:34:ba:4a:0a:d1:c1:27:
                    c5:64:53:c7:a5:cd:3e:d8:7d:05:ed:7c:75:b2:ce:
                    dc:f8:b4:70:6c:de:c6:8f:fa:00:c8:3d:d3:68:ae:
                    0c:3d:d7:bf:1f:2b:78:af:fc:d2:9a:0e:8f:b2:90:
                    6c:ab:df:6a:e4:f8:80:8d:05:67:24:75:99:1a:fc:
                    f2:d6:b2:51:2a:8e:68:56:3c:57:7f:b0:c4:36:6a:
                    46:9d:35:06:e3:ec:5d:d2:f4:0e:21:2b:cc:41:db:
                    54:5f:24:4f:18:ff:87:e5:bb:6b:47:a3:c6:44:ed:
                    9b:12:ad:8e:4d:69:4d:51:37:43:4a:b5:72:8c:8d:
                    20:40:1f:55:87:b5:c3:7b:73:91:09:5f:21:52:71:
                    95:3c:02:99:2b:a7:3b:de:ae:68:64:60:e8:f3:2b:
                    a1:54:05:b9:7e:30:40:70:35:3a:70:6d:40:58:20:
                    2b:71:31:6e:b6:07:64:9d:d8:d8:99:2f:72:07:c8:
                    4d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:B9:0D:96:D7:A4:06:6C:97:E7:30:37:E0:45:76:B6:FD:87:F3:F5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/0rkNltekBmyX5zA34EV2tv2H8_U.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.96.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:97:d1:43:95:b0:97:03:6e:98:f9:5c:2d:5e:ae:8d:2c:bb:
         35:30:b9:7b:22:54:1c:9b:7e:a1:0b:a5:a6:d2:90:98:80:3b:
         c1:f1:46:eb:6b:c1:dc:94:d4:ac:38:f3:45:0a:d4:36:29:27:
         64:6d:b1:e6:7b:a8:e4:30:07:65:3b:b2:7d:5b:48:bd:05:6b:
         c3:b0:a1:1c:b0:f3:d0:02:92:bc:3c:1a:53:04:5c:11:15:3c:
         bb:75:9a:3a:e2:38:5b:2c:2c:a8:80:42:c7:0e:54:31:ea:e0:
         95:d0:72:2b:b5:40:08:f7:6c:56:5c:c8:89:1c:a3:99:0c:01:
         f7:93:59:fd:59:1a:fc:24:a0:f5:59:78:ff:76:1c:ca:71:36:
         25:0b:28:b5:0d:b6:24:b0:d5:6a:18:a1:1a:68:b4:0f:52:74:
         c8:01:db:3a:af:3c:64:dc:6a:97:c5:8f:f1:be:a8:24:3b:47:
         60:51:2c:2d:69:8f:32:1e:0f:dc:1a:8e:da:d6:1b:e7:b4:ee:
         75:a3:01:e3:94:36:e3:26:71:a2:be:72:9a:07:02:63:2d:3e:
         f7:de:cc:2a:32:07:98:5a:65:8a:47:4d:ef:38:96:24:34:6d:
         f4:9c:bf:19:de:5e:eb:1f:2e:c7:d8:c8:16:17:e1:6a:28:67:
         c4:43:e8:76
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVt94yPpmMI5noN+gN+2UJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTUzMzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmI5MGQ5NmQ3YTQwNjZjOTdlNzMwMzdlMDQ1NzZiNmZkODdmM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FOlBzj/36XTFz+Ls64HlEgrcSbW
MjVB/9rrqGip9Scm9UHhEHzQGThh6OBfQiu/Wr3IlGJsbXgkvMvd9TtUmyJYaDS6
SgrRwSfFZFPHpc0+2H0F7Xx1ss7c+LRwbN7Gj/oAyD3TaK4MPde/Hyt4r/zSmg6P
spBsq99q5PiAjQVnJHWZGvzy1rJRKo5oVjxXf7DENmpGnTUG4+xd0vQOISvMQdtU
XyRPGP+H5btrR6PGRO2bEq2OTWlNUTdDSrVyjI0gQB9Vh7XDe3ORCV8hUnGVPAKZ
K6c73q5oZGDo8yuhVAW5fjBAcDU6cG1AWCArcTFutgdkndjYmS9yB8hNywIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNK5DZbXpAZsl+cwN+BFdrb9h/P1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5LzE2OGYx
MS00OTZlLTRiMDctOGU1OC00ZjgxZmNmZWU1ZTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvMTY4ZjEx
LTQ5NmUtNGIwNy04ZTU4LTRmODFmY2ZlZTVlNC8xLzBya05sdGVrQm15WDV6QTM0
RVYydHYySDhfVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw2CAMA0GCSqGSIb3DQEBCwUAA4IBAQCZl9FD
lbCXA26Y+VwtXq6NLLs1MLl7IlQcm36hC6Wm0pCYgDvB8Ubra8HclNSsOPNFCtQ2
KSdkbbHme6jkMAdlO7J9W0i9BWvDsKEcsPPQApK8PBpTBFwRFTy7dZo64jhbLCyo
gELHDlQx6uCV0HIrtUAI92xWXMiJHKOZDAH3k1n9WRr8JKD1WXj/dhzKcTYlCyi1
DbYksNVqGKEaaLQPUnTIAds6rzxk3GqXxY/xvqgkO0dgUSwtaY8yHg/cGo7a1hvn
tO51owHjlDbjJnGivnKaBwJjLT733swqMgeYWmWKR03vOJYkNG30nL8Z3l7rHy7H
2MgWF+FqKGfEQ+h2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:27 2024 by rpki-client on console-ams.rpki-client.org