Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6Z0tvAE9H4QRZHpSi-Y0aC_0US4.cer
File:                     6Z0tvAE9H4QRZHpSi-Y0aC_0US4.cer (raw, json)
Hash identifier:          hAq0QrAWUpw6IKhZr/lNeG+3GAUs41gf5DxSsXBFZ+E=
Subject key identifier:   E9:9D:2D:BC:01:3D:1F:84:11:64:7A:52:8B:E6:34:68:2F:F4:51:2E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC34960131E749C4B2CB1D8CA5BCD2A09
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e9/cf34fe-5260-47d3-9160-91c3e3a0ae16/1/6Z0tvAE9H4QRZHpSi-Y0aC_0US4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e9/cf34fe-5260-47d3-9160-91c3e3a0ae16/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:30:15 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 202200
                          IP: 2001:67c:4a8::/48

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 09:21:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:60:13:1e:74:9c:4b:2c:b1:d8:ca:5b:cd:2a:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e99d2dbc013d1f8411647a528be634682ff4512e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:9f:31:c7:04:93:4f:25:f7:c1:ee:ed:dd:f6:
                    34:20:d3:b1:d5:93:06:a1:64:e5:73:68:f5:73:96:
                    8e:ba:11:1c:fa:f1:06:1d:e2:67:fe:c5:ca:6a:81:
                    f0:9f:b8:bd:a9:d5:9b:9a:4c:e2:5a:5a:32:c7:b9:
                    7e:1c:cd:b3:8e:c0:93:cf:5a:4b:f7:a0:86:80:1c:
                    5b:d7:20:73:7e:04:00:99:11:46:fc:b3:d9:cb:0a:
                    f3:89:15:c6:02:05:a1:04:22:53:dd:b5:f8:8b:ac:
                    9e:af:14:7d:49:b4:7d:ec:03:a4:86:ef:d1:7b:80:
                    fc:1b:36:2f:cc:71:e2:bc:82:31:19:87:bb:91:24:
                    8a:72:68:78:e5:36:92:c1:27:3d:72:14:c4:eb:ba:
                    11:03:f5:d7:2c:38:f6:e0:34:33:9c:29:df:0e:16:
                    62:37:60:3c:cd:2c:44:98:c2:9c:01:fa:b5:c1:7a:
                    fb:e1:ce:cd:2f:d0:4f:5a:51:62:aa:6e:4f:21:b3:
                    34:01:20:2f:4c:e5:41:88:f4:2e:cb:e7:7b:84:03:
                    6b:27:05:dd:20:2f:14:9f:64:39:28:cb:5a:17:d5:
                    9b:5b:be:e0:44:14:4d:ed:78:ff:c6:31:de:92:d4:
                    ef:9b:7d:52:87:cf:a5:83:4d:da:7e:fc:fb:3c:51:
                    ff:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:9D:2D:BC:01:3D:1F:84:11:64:7A:52:8B:E6:34:68:2F:F4:51:2E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/cf34fe-5260-47d3-9160-91c3e3a0ae16/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/cf34fe-5260-47d3-9160-91c3e3a0ae16/1/6Z0tvAE9H4QRZHpSi-Y0aC_0US4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:4a8::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202200

    Signature Algorithm: sha256WithRSAEncryption
         b0:9b:93:6a:66:26:0f:25:4d:ac:84:ed:f0:34:8f:48:49:e3:
         9c:8e:62:a9:ae:6e:e1:34:32:e6:06:a8:84:b2:cb:46:78:bf:
         89:7a:a4:a7:3b:5f:37:20:88:c1:cf:07:dd:c5:11:86:67:be:
         99:d4:bc:d9:37:1e:6e:aa:91:5b:85:26:3c:f4:42:35:ce:8c:
         3a:da:a7:5d:85:ba:7b:1b:b5:bd:66:76:a4:60:79:5f:0a:54:
         87:ee:95:8c:5f:fb:fb:dd:c8:31:9d:7c:5d:f6:c7:6d:07:b6:
         c8:4f:6c:b5:6f:92:2f:09:5d:a4:fc:f3:e3:45:73:54:e8:22:
         30:22:c3:a4:b1:0d:e6:42:0a:68:e6:f0:e2:82:66:c7:ea:06:
         79:9f:87:e5:54:79:eb:01:ce:9c:72:89:7d:73:2e:da:b0:60:
         7a:b0:86:df:00:86:a6:ce:00:90:c0:2b:57:6b:b6:c4:d8:ea:
         95:87:49:96:6f:23:f9:cf:e0:77:e1:cc:4b:32:15:60:16:be:
         cd:e8:4f:90:7d:ea:5b:d3:60:69:5a:b0:fb:23:dd:ca:2a:43:
         eb:f7:c8:b9:85:57:22:80:d0:e7:9a:c6:a2:0e:e5:4d:8c:a3:
         18:f5:56:6e:5d:4f:fa:e1:21:c3:d1:24:0b:c2:fe:b8:ad:d0:
         ef:df:21:e5
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzDSWATHnScSyyx2MpbzSoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTlkMmRiYzAxM2QxZjg0MTE2NDdhNTI4YmU2MzQ2ODJmZjQ1MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ8xxwSTTyX3we7t3fY0INOx1ZMG
oWTlc2j1c5aOuhEc+vEGHeJn/sXKaoHwn7i9qdWbmkziWloyx7l+HM2zjsCTz1pL
96CGgBxb1yBzfgQAmRFG/LPZywrziRXGAgWhBCJT3bX4i6yerxR9SbR97AOkhu/R
e4D8GzYvzHHivIIxGYe7kSSKcmh45TaSwSc9chTE67oRA/XXLDj24DQznCnfDhZi
N2A8zSxEmMKcAfq1wXr74c7NL9BPWlFiqm5PIbM0ASAvTOVBiPQuy+d7hANrJwXd
IC8Un2Q5KMtaF9WbW77gRBRN7Xj/xjHektTvm31Sh8+lg03afvz7PFH/PQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFOmdLbwBPR+EEWR6UovmNGgv9FEuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U5L2NmMzRm
ZS01MjYwLTQ3ZDMtOTE2MC05MWMzZTNhMGFlMTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkvY2YzNGZl
LTUyNjAtNDdkMy05MTYwLTkxYzNlM2EwYWUxNi8xLzZaMHR2QUU5SDRRUlpIcFNp
LVkwYUNfMFVTNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfASoMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMV2DANBgkqhkiG9w0BAQsFAAOCAQEAsJuTamYmDyVNrITt8DSPSEnjnI5i
qa5u4TQy5gaohLLLRni/iXqkpztfNyCIwc8H3cURhme+mdS82TcebqqRW4UmPPRC
Nc6MOtqnXYW6exu1vWZ2pGB5XwpUh+6VjF/7+93IMZ18XfbHbQe2yE9stW+SLwld
pPzz40VzVOgiMCLDpLEN5kIKaObw4oJmx+oGeZ+H5VR56wHOnHKJfXMu2rBgerCG
3wCGps4AkMArV2u2xNjqlYdJlm8j+c/gd+HMSzIVYBa+zehPkH3qW9NgaVqw+yPd
yipD6/fIuYVXIoDQ55rGog7lTYyjGPVWbl1P+uEhw9EkC8L+uK3Q798h5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:41 2024 by rpki-client on console-fra.rpki-client.org