Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
File:                     3x4tS9NitiuARQIdw1CxIOVTAmU.cer (raw, json)
Hash identifier:          lQCIwLhZub3aOxSxbWgPqfHvB8/E4uPNojQJMG8BUJU=
Subject key identifier:   DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01971710C7424E1DB881032DADCF0D964BB4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 28 May 2025 13:24:25 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 62282
                          IP: 37.156.216.0/21
                          IP: 185.38.164.0/22
                          IP: 185.79.244.0/22
                          IP: 185.193.24.0/22
                          IP: 2a01:41a0::/32
Validation:               Failed, certificate revoked on Fri 06 Jun 2025 09:54:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:17:10:c7:42:4e:1d:b8:81:03:2d:ad:cf:0d:96:4b:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May 28 13:24:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=df1e2d4bd362b62b8045021dc350b120e5530265
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7e:26:7c:3c:22:87:bd:00:e8:56:db:7c:5e:
                    3b:54:67:67:81:7d:53:59:64:72:a1:1e:6e:de:5b:
                    c1:71:0e:00:93:4a:74:18:7a:78:92:01:8e:e9:2c:
                    f8:7b:36:65:64:45:4f:83:4e:c8:ed:08:56:45:e1:
                    b0:9a:05:4b:36:07:ad:96:d2:2c:7d:e0:74:d0:60:
                    56:e0:0f:1f:21:11:44:c5:b9:89:42:ab:cf:70:6c:
                    58:26:b3:3b:f9:74:b2:3a:e9:ae:6e:84:13:18:91:
                    d4:e0:3b:d4:e6:8b:6a:ed:d0:34:75:c4:40:34:ec:
                    90:d3:a6:6f:43:45:04:a2:47:18:27:31:00:b9:05:
                    9a:91:20:c9:f6:40:c3:0c:b2:dd:30:5f:cf:da:99:
                    da:48:6a:41:61:8d:66:e3:d4:26:0e:2a:b8:cb:13:
                    dc:fc:17:5f:bb:bf:b4:5c:f5:26:7a:7f:28:b6:86:
                    f2:ec:0a:a7:3f:d6:3d:eb:dd:02:c5:1d:91:cf:43:
                    6a:5d:73:16:40:8a:60:80:42:82:a4:75:27:fe:0f:
                    d4:03:cf:b0:81:9f:1a:d8:0c:9c:4e:65:75:f9:15:
                    5f:83:fd:9e:bc:d6:a3:b9:f8:c8:74:69:21:ed:03:
                    96:fd:1d:0a:81:87:5e:12:60:6b:b6:fc:98:87:45:
                    ee:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.156.216.0/21
                  185.38.164.0/22
                  185.79.244.0/22
                  185.193.24.0/22
                IPv6:
                  2a01:41a0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  62282

    Signature Algorithm: sha256WithRSAEncryption
         a6:18:e4:5b:48:33:64:f4:4e:84:c4:48:7d:59:97:54:28:7b:
         8c:af:b5:91:ac:da:30:a2:64:31:c0:bf:14:e6:cd:66:2b:ae:
         de:70:f7:0e:26:8c:fd:70:45:6b:8e:34:16:05:01:3b:8d:cf:
         9c:a2:83:a9:b9:19:0a:76:09:cf:df:a3:9a:ac:33:51:18:ed:
         9a:ff:e9:c5:5c:83:ba:a2:48:aa:68:ae:df:3e:46:83:d6:61:
         f2:8b:2b:2f:78:16:c3:6c:2c:76:4a:82:d1:59:67:c6:1b:60:
         8b:fe:a4:db:82:41:16:c2:da:7a:8f:05:8f:0b:78:aa:09:b7:
         dd:86:c1:97:25:0d:5e:f8:6b:2d:df:25:7b:61:8d:46:66:c0:
         f0:22:48:fc:2c:67:f5:8f:e8:5c:9b:59:6b:bd:3d:ad:c5:e1:
         fc:59:ce:f5:28:64:0c:99:91:07:be:67:42:fa:eb:a6:d5:4b:
         f2:90:58:58:f0:56:4a:9c:02:de:58:64:99:73:52:0b:54:12:
         01:72:e3:0d:b2:42:78:cd:8e:6e:65:fa:39:62:b2:7e:4b:cd:
         14:b1:35:08:ca:1d:30:95:56:41:18:06:c3:16:44:9a:40:64:
         09:8a:51:94:04:6d:f6:b1:16:52:f6:5a:fd:08:94:3a:40:80:
         b6:f9:21:b4
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZcXEMdCTh24gQMtrc8Nlku0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTI4MTMyNDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjFlMmQ0YmQzNjJiNjJiODA0NTAyMWRjMzUwYjEyMGU1NTMwMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH4mfDwih70A6FbbfF47VGdngX1T
WWRyoR5u3lvBcQ4Ak0p0GHp4kgGO6Sz4ezZlZEVPg07I7QhWReGwmgVLNgetltIs
feB00GBW4A8fIRFExbmJQqvPcGxYJrM7+XSyOumuboQTGJHU4DvU5otq7dA0dcRA
NOyQ06ZvQ0UEokcYJzEAuQWakSDJ9kDDDLLdMF/P2pnaSGpBYY1m49QmDiq4yxPc
/Bdfu7+0XPUmen8otoby7AqnP9Y9690CxR2Rz0NqXXMWQIpggEKCpHUn/g/UA8+w
gZ8a2AycTmV1+RVfg/2evNajufjIdGkh7QOW/R0KgYdeEmBrtvyYh0XuCQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFN8eLUvTYrYrgEUCHcNQsSDlUwJlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5LzI4Nzlm
Yi02MjljLTRhYmYtYTM1Zi0wM2FmYWU2ODg2NTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkvMjg3OWZi
LTYyOWMtNGFiZi1hMzVmLTAzYWZhZTY4ODY1Ny8xLzN4NHRTOU5pdGl1QVJRSWR3
MUN4SU9WVEFtVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQDJZzYAwQCuSakAwQCuU/0AwQCucEYMA0EAgAC
MAcDBQAqAUGgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDzSjANBgkqhkiG9w0B
AQsFAAOCAQEAphjkW0gzZPROhMRIfVmXVCh7jK+1kazaMKJkMcC/FObNZiuu3nD3
DiaM/XBFa440FgUBO43PnKKDqbkZCnYJz9+jmqwzURjtmv/pxVyDuqJIqmiu3z5G
g9Zh8osrL3gWw2wsdkqC0Vlnxhtgi/6k24JBFsLaeo8Fjwt4qgm33YbBlyUNXvhr
Ld8le2GNRmbA8CJI/Cxn9Y/oXJtZa709rcXh/FnO9ShkDJmRB75nQvrrptVL8pBY
WPBWSpwC3lhkmXNSC1QSAXLjDbJCeM2ObmX6OWKyfkvNFLE1CModMJVWQRgGwxZE
mkBkCYpRlARt9rEWUvZa/QiUOkCAtvkhtA==
-----END CERTIFICATE-----