Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1zsg1ivNDnuiUx4E0SwDYCu-3fo.cer
File:                     1zsg1ivNDnuiUx4E0SwDYCu-3fo.cer (raw, json)
Hash identifier:          oo2juy2UQqHaFI0hSbzZodcvfmKaCJKDsWQ8MTDkEJQ=
Subject key identifier:   D7:3B:20:D6:2B:CD:0E:7B:A2:53:1E:04:D1:2C:03:60:2B:BE:DD:FA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D2489E14FFA1434795BFC3722F047
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/27/D73B20D62BCD0E7BA2531E04D12C03602BBEDDFA.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/27/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:41 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 216055

Validation:               Failed, certificate revoked on Sun 30 Jun 2024 11:12:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:24:89:e1:4f:fa:14:34:79:5b:fc:37:22:f0:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d73b20d62bcd0e7ba2531e04d12c03602bbeddfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f6:75:e3:64:aa:53:4e:1d:66:d3:65:73:b5:
                    ed:ea:62:80:9b:05:78:2e:99:41:20:f1:c9:53:8b:
                    b4:e0:e6:75:f6:bd:cb:de:05:32:dd:0c:a4:23:49:
                    e9:1b:f9:d6:e1:ad:03:14:db:71:7c:80:49:40:20:
                    eb:b0:83:c5:e8:f4:d7:34:c0:b6:10:df:a1:56:c2:
                    5a:3f:ba:91:5b:3d:aa:f7:52:9e:90:ce:f1:75:9f:
                    fc:95:9b:da:77:9e:3b:bb:6d:57:3f:33:c5:6e:95:
                    25:6e:2d:96:ae:09:f4:08:5b:04:de:aa:a2:0e:90:
                    05:1e:d5:70:71:c3:7f:ed:2b:56:64:5c:8c:9b:13:
                    bb:e1:8c:d2:ee:6f:e2:1a:10:59:a6:d6:4d:5c:2f:
                    60:89:0c:7c:05:85:e2:c9:fc:8a:38:9a:14:a7:e5:
                    24:eb:23:77:93:3b:94:51:e0:80:bd:53:ca:bd:4a:
                    ed:8a:43:5b:ca:6b:44:62:73:f7:cb:cf:ab:37:59:
                    6c:b9:34:58:ca:49:92:65:05:4b:2a:d4:04:71:4d:
                    65:6f:b9:03:20:35:b2:58:5e:de:c6:a9:e9:f9:f6:
                    87:89:4b:ce:7b:a3:be:45:10:55:8f:96:ff:6e:54:
                    a0:cc:28:25:d2:33:13:59:46:a4:60:0f:b8:1f:5b:
                    f3:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:3B:20:D6:2B:CD:0E:7B:A2:53:1E:04:D1:2C:03:60:2B:BE:DD:FA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/27/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/27/D73B20D62BCD0E7BA2531E04D12C03602BBEDDFA.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216055

    Signature Algorithm: sha256WithRSAEncryption
         96:10:8f:af:8c:73:b4:a4:70:67:89:14:41:28:37:1a:5d:ff:
         18:77:39:64:06:52:f3:27:13:b6:ea:5f:b2:d0:14:25:9f:61:
         a2:05:68:79:86:ff:f3:e5:be:43:9d:37:1b:3f:33:65:c0:2b:
         f1:66:d2:2c:96:d0:77:0f:b6:e3:bf:c0:cf:d8:e5:79:0b:ae:
         a2:60:ba:1b:ae:67:fa:fc:01:10:ce:cd:61:d7:52:f6:13:c8:
         61:9a:20:4d:9f:5c:69:3d:76:a2:4e:95:1c:e1:36:f3:5d:ac:
         b4:72:6b:ef:60:af:73:64:99:b9:13:da:10:e1:ca:00:e5:3a:
         df:e3:74:f6:08:ef:f2:96:dd:14:5d:08:6c:99:40:27:e4:08:
         b0:ca:c0:81:4b:60:68:d7:92:31:05:9d:47:1b:a4:30:f6:aa:
         cc:c0:31:27:2c:f0:b7:c7:d8:5a:ec:0c:08:0b:74:0c:26:d3:
         51:0d:ed:b9:1a:6f:e2:01:0c:ad:c6:9c:c8:0d:7c:e3:aa:0f:
         50:85:85:a2:ad:45:12:77:57:c6:95:c1:4e:62:38:80:de:de:
         b6:82:bc:6d:0e:d0:74:0a:8c:3d:d6:6c:a3:38:c0:b0:a2:75:
         4f:a9:6e:7b:56:a8:d2:b4:42:a0:da:57:fa:3f:92:5f:c9:b5:
         89:fa:97:8f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzCbSSJ4U/6FDR5W/w3IvBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNiMjBkNjJiY2QwZTdiYTI1MzFlMDRkMTJjMDM2MDJiYmVkZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPZ142SqU04dZtNlc7Xt6mKAmwV4
LplBIPHJU4u04OZ19r3L3gUy3QykI0npG/nW4a0DFNtxfIBJQCDrsIPF6PTXNMC2
EN+hVsJaP7qRWz2q91KekM7xdZ/8lZvad547u21XPzPFbpUlbi2Wrgn0CFsE3qqi
DpAFHtVwccN/7StWZFyMmxO74YzS7m/iGhBZptZNXC9giQx8BYXiyfyKOJoUp+Uk
6yN3kzuUUeCAvVPKvUrtikNbymtEYnP3y8+rN1lsuTRYykmSZQVLKtQEcU1lb7kD
IDWyWF7exqnp+faHiUvOe6O+RRBVj5b/blSgzCgl0jMTWUakYA+4H1vzpwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFNc7INYrzQ57olMeBNEsA2Arvt36MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggFCBggrBgEFBQcBCwSCATQwggEwMGAGCCsGAQUFBzAFhlRy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdiNTc1
ZWE3LTc4NmYtNGIyZC1hNDU1LTc5ZDdmYzQzZWNlZS8yNy8wgY0GCCsGAQUFBzAK
hoGAcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83
YjU3NWVhNy03ODZmLTRiMmQtYTQ1NS03OWQ3ZmM0M2VjZWUvMjcvRDczQjIwRDYy
QkNEMEU3QkEyNTMxRTA0RDEyQzAzNjAyQkJFRERGQS5tZnQwPAYIKwYBBQUHMA2G
MGh0dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnht
bDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMD
S/cwDQYJKoZIhvcNAQELBQADggEBAJYQj6+Mc7SkcGeJFEEoNxpd/xh3OWQGUvMn
E7bqX7LQFCWfYaIFaHmG//PlvkOdNxs/M2XAK/Fm0iyW0HcPtuO/wM/Y5XkLrqJg
uhuuZ/r8ARDOzWHXUvYTyGGaIE2fXGk9dqJOlRzhNvNdrLRya+9gr3NkmbkT2hDh
ygDlOt/jdPYI7/KW3RRdCGyZQCfkCLDKwIFLYGjXkjEFnUcbpDD2qszAMScs8LfH
2FrsDAgLdAwm01EN7bkab+IBDK3GnMgNfOOqD1CFhaKtRRJ3V8aVwU5iOIDe3raC
vG0O0HQKjD3WbKM4wLCidU+pbntWqNK0QqDaV/o/kl/JtYn6l48=
-----END CERTIFICATE-----
Generated at Sun Jun 30 14:50:07 2024 by rpki-client on console-ams.rpki-client.org