Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer
File:                     1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer (raw, json)
Hash identifier:          7gTLJ7xLIJiaDW34HktLvIu94+qTZ9g3lnoxYGdrgj4=
Subject key identifier:   D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DF453BB18027A29EB60A9893EBA18C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:32:04 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 208417
                          IP: 45.129.16.0/22
                          IP: 2a0e:3640::/29

Validation:               Failed, certificate revoked on Fri 20 Dec 2024 14:25:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:45:3b:b1:80:27:a2:9e:b6:0a:98:93:eb:a1:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:32:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d5b6d2a0a8c538e917fb94aa96791a3be7b8063a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8d:c1:25:64:3c:cd:f8:a9:85:39:9f:d0:5f:
                    f9:fe:bf:52:90:6c:73:88:a2:34:64:b2:45:3b:7e:
                    0b:db:36:1a:43:2d:1d:59:63:20:68:33:ec:b8:fe:
                    b5:79:2f:fc:a8:a1:34:19:c0:07:e2:eb:49:2d:0a:
                    9f:bf:7b:44:b0:3c:e1:24:36:c1:f5:92:4b:a7:87:
                    37:55:15:21:fc:50:9a:b8:de:b7:c1:e0:b2:9f:e3:
                    16:96:e8:b9:b1:71:f8:d4:97:4b:cb:b8:7f:a7:d6:
                    f6:bb:ae:03:1f:ef:30:65:f8:d6:3b:87:a3:b4:99:
                    2a:37:cc:7e:8b:1c:e4:7f:d4:6f:ff:81:eb:cc:b4:
                    fb:1f:85:7b:75:07:06:a8:53:72:c0:ca:66:05:11:
                    27:ae:45:5c:e5:5d:fd:e2:dc:1a:73:47:7f:f2:47:
                    47:32:dc:d3:9d:25:e9:a1:d1:c2:ff:54:cd:c2:c8:
                    df:3f:20:fa:35:ea:fd:4c:70:bc:40:12:ee:1b:21:
                    da:8d:8c:d2:dd:ce:be:7c:28:cb:2b:26:ea:35:72:
                    73:e8:76:8e:4a:8a:b9:e0:35:af:b4:23:95:6a:19:
                    1b:1f:3f:4d:12:cb:94:d9:d2:61:61:6f:6a:7a:41:
                    ed:49:98:d0:e0:8b:91:28:e0:af:0b:a0:5c:39:5b:
                    fc:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.129.16.0/22
                IPv6:
                  2a0e:3640::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208417

    Signature Algorithm: sha256WithRSAEncryption
         88:1d:8c:fb:4a:02:3d:dd:ac:6f:a8:26:dc:82:51:9e:43:38:
         77:e6:c1:e1:2e:de:f7:ad:29:11:c1:3c:8e:cb:eb:3e:2d:1b:
         4f:e5:f6:f4:98:15:8e:7f:e7:52:44:9f:57:ec:9f:42:7c:9b:
         92:20:50:4e:1e:8c:cc:47:d5:48:91:66:30:4d:e5:ec:5c:c7:
         d3:18:49:d2:52:4f:3d:60:00:7d:31:f5:58:63:df:e4:04:0d:
         45:95:a6:ac:4f:1b:19:90:da:8f:f3:96:8e:42:a7:41:37:79:
         0e:26:19:b7:3e:bb:a1:c8:d0:35:9a:ee:f7:29:4a:c2:ac:71:
         bb:b4:a3:d3:fd:76:29:f2:7e:e1:cc:11:71:65:19:bd:02:ef:
         49:95:1c:47:eb:94:17:fe:2c:d1:25:65:ee:29:54:d6:56:8f:
         fc:3d:44:e5:e2:c6:68:a0:5e:ab:e2:4e:5f:d1:bc:0c:dc:34:
         94:d5:11:c3:65:f8:cc:fe:39:c3:14:02:00:b5:13:68:d2:bd:
         04:75:01:f9:9d:74:9d:66:4d:60:1d:46:10:d3:c7:a7:c2:b8:
         b6:69:5b:b6:98:73:cb:f9:6c:08:ba:22:9d:25:02:80:d1:ed:
         0a:0c:43:f5:a9:31:00:8f:22:07:83:37:38:4f:c9:04:0e:dd:
         af:d4:65:e6
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzI30U7sYAnop62CpiT66GMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWI2ZDJhMGE4YzUzOGU5MTdmYjk0YWE5Njc5MWEzYmU3YjgwNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI3BJWQ8zfiphTmf0F/5/r9SkGxz
iKI0ZLJFO34L2zYaQy0dWWMgaDPsuP61eS/8qKE0GcAH4utJLQqfv3tEsDzhJDbB
9ZJLp4c3VRUh/FCauN63weCyn+MWlui5sXH41JdLy7h/p9b2u64DH+8wZfjWO4ej
tJkqN8x+ixzkf9Rv/4HrzLT7H4V7dQcGqFNywMpmBREnrkVc5V394twac0d/8kdH
MtzTnSXpodHC/1TNwsjfPyD6Ner9THC8QBLuGyHajYzS3c6+fCjLKybqNXJz6HaO
Soq54DWvtCOVahkbHz9NEsuU2dJhYW9qekHtSZjQ4IuRKOCvC6BcOVv8MwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNW20qCoxTjpF/uUqpZ5GjvnuAY6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU4L2JiZjMx
OS0xNWE5LTQwZDktYmVlYy0zNmE4NmYwZDBlMTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgvYmJmMzE5
LTE1YTktNDBkOS1iZWVjLTM2YTg2ZjBkMGUxMy8xLzFiYlNvS2pGT09rWC01U3Fs
bmthTy1lNEJqby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLYEQMA0EAgACMAcDBQMqDjZAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMuITANBgkqhkiG9w0BAQsFAAOCAQEAiB2M+0oCPd2s
b6gm3IJRnkM4d+bB4S7e960pEcE8jsvrPi0bT+X29JgVjn/nUkSfV+yfQnybkiBQ
Th6MzEfVSJFmME3l7FzH0xhJ0lJPPWAAfTH1WGPf5AQNRZWmrE8bGZDaj/OWjkKn
QTd5DiYZtz67ocjQNZru9ylKwqxxu7Sj0/12KfJ+4cwRcWUZvQLvSZUcR+uUF/4s
0SVl7ilU1laP/D1E5eLGaKBeq+JOX9G8DNw0lNURw2X4zP45wxQCALUTaNK9BHUB
+Z10nWZNYB1GENPHp8K4tmlbtphzy/lsCLoinSUCgNHtCgxD9akxAI8iB4M3OE/J
BA7dr9Rl5g==
-----END CERTIFICATE-----
Generated at Fri Dec 20 19:30:58 2024 by rpki-client on console-ams.rpki-client.org