Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8cSYM_Q5ueBnfY078fUt-_ssYk8.cer
File:                     8cSYM_Q5ueBnfY078fUt-_ssYk8.cer (raw, json)
Hash identifier:          7syenwkefOBSFscRUjubKwkM9x9r/1NGhFa9uwYzcz8=
Subject key identifier:   F1:C4:98:33:F4:39:B9:E0:67:7D:8D:3B:F1:F5:2D:FB:FB:2C:62:4F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7B36739CD79F1097000F7ABC885C1ABF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/8cSYM_Q5ueBnfY078fUt-_ssYk8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 20:18:44 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 31097
                          IP: 194.11.206.0 -- 194.11.213.255
Validation:               Failed, certificate revoked on Wed 14 Jan 2026 10:16:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:73:9c:d7:9f:10:97:00:0f:7a:bc:88:5c:1a:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:18:44 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f1c49833f439b9e0677d8d3bf1f52dfbfb2c624f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:18:24:41:ea:41:c0:fd:15:ee:5c:ad:e0:52:
                    7b:eb:bf:ce:a8:53:1c:5e:7f:40:fb:84:5c:df:7d:
                    48:68:35:8f:3e:19:fb:4e:92:30:14:7a:6f:92:69:
                    71:ed:d9:19:0e:15:52:86:09:51:6a:5b:7e:12:6b:
                    d5:e6:2f:d7:81:79:ba:bf:dc:0d:20:a7:9e:b1:73:
                    8d:1e:f2:be:76:75:c9:42:20:d6:aa:fd:a7:db:f1:
                    e9:47:e2:75:9d:bc:03:75:b3:41:dd:3b:46:a9:e7:
                    3d:4c:f0:97:6f:ff:30:27:fe:81:8c:e6:4d:e7:5a:
                    50:00:f8:69:20:11:4b:7c:a5:61:b6:75:3f:c9:e8:
                    17:64:c1:53:18:88:09:60:8d:cd:e0:b0:2e:a5:00:
                    12:3e:a6:d5:ef:73:72:eb:fa:dd:a2:0d:17:22:19:
                    89:95:a8:68:5a:ed:3a:6e:8f:c7:94:29:c3:71:49:
                    53:a9:cf:f1:96:d4:ad:43:f0:12:7b:4f:81:fe:a0:
                    c6:b4:97:75:01:26:3a:9d:a7:c7:a6:aa:1e:31:36:
                    68:7b:6e:df:5b:c9:62:78:e4:c1:5e:59:1d:31:ed:
                    b6:4b:ad:5f:f7:09:77:28:73:1d:82:b2:db:40:04:
                    78:64:1d:30:0f:1a:0c:56:75:dd:7d:93:c7:e8:fd:
                    f0:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:C4:98:33:F4:39:B9:E0:67:7D:8D:3B:F1:F5:2D:FB:FB:2C:62:4F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/8cSYM_Q5ueBnfY078fUt-_ssYk8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.11.206.0-194.11.213.255

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  31097

    Signature Algorithm: sha256WithRSAEncryption
         2e:61:9f:51:ee:b9:dd:a3:2f:06:44:7b:00:f5:89:a0:97:6e:
         0f:ff:46:2c:2d:3a:7b:79:6a:05:a2:e5:73:c3:42:64:57:06:
         a6:72:20:c6:16:69:cc:4f:b6:ee:fc:3e:b4:15:c3:6b:96:5d:
         aa:8e:27:ae:0c:9d:ea:a8:a4:43:ba:b4:96:f5:59:95:d8:d2:
         19:6f:1b:37:46:d7:af:93:e8:55:2a:04:d5:81:68:39:78:6a:
         59:9a:66:ff:fd:1f:e8:a3:d4:e7:f3:13:a6:12:58:8e:f2:ba:
         9d:c3:c7:7a:05:e1:13:7e:f7:ba:91:5a:6d:a7:3b:72:33:97:
         e4:61:a1:4e:fe:5b:dc:8b:6b:c1:b5:fe:0f:21:86:f8:14:5f:
         31:4f:32:5c:19:b1:63:1b:b6:ab:03:b5:c1:fa:8a:d2:6f:5d:
         4e:99:06:03:1c:8c:ae:b1:ab:f5:16:b9:a1:6a:4d:73:ac:08:
         e0:07:47:b5:a4:c0:f2:30:e5:20:50:81:4f:0f:46:c1:35:9f:
         f6:1d:75:c6:ff:79:56:e2:57:29:87:c5:24:b2:89:fe:fb:65:
         14:16:5a:63:92:7a:1f:9a:fe:fb:4d:f8:6f:64:d8:ec:16:ba:
         ff:eb:9a:3b:08:21:3e:fc:4a:88:8e:3f:27:10:9d:af:97:22:
         2d:18:2e:a4
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZt7NnOc158QlwAPeryIXBq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjAxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWM0OTgzM2Y0MzliOWUwNjc3ZDhkM2JmMWY1MmRmYmZiMmM2MjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRgkQepBwP0V7lyt4FJ767/OqFMc
Xn9A+4Rc331IaDWPPhn7TpIwFHpvkmlx7dkZDhVShglRalt+EmvV5i/XgXm6v9wN
IKeesXONHvK+dnXJQiDWqv2n2/HpR+J1nbwDdbNB3TtGqec9TPCXb/8wJ/6BjOZN
51pQAPhpIBFLfKVhtnU/yegXZMFTGIgJYI3N4LAupQASPqbV73Ny6/rdog0XIhmJ
lahoWu06bo/HlCnDcUlTqc/xltStQ/ASe0+B/qDGtJd1ASY6nafHpqoeMTZoe27f
W8lieOTBXlkdMe22S61f9wl3KHMdgrLbQAR4ZB0wDxoMVnXdfZPH6P3w5wIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFPHEmDP0ObngZ32NO/H1Lfv7LGJPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgxLzNhZTM3
OS03OWUxLTQ2YWItYjA0ZC0wZjBmYTZiNmU0YmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEvM2FlMzc5
LTc5ZTEtNDZhYi1iMDRkLTBmMGZhNmI2ZTRiZC8xLzhjU1lNX1E1dWVCbmZZMDc4
ZlV0LV9zc1lrOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF
BwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCC84DBAHCC9QwGQYIKwYBBQUHAQgBAf8E
CjAIoAYwBAICeXkwDQYJKoZIhvcNAQELBQADggEBAC5hn1Huud2jLwZEewD1iaCX
bg//RiwtOnt5agWi5XPDQmRXBqZyIMYWacxPtu78PrQVw2uWXaqOJ64MneqopEO6
tJb1WZXY0hlvGzdG16+T6FUqBNWBaDl4almaZv/9H+ij1OfzE6YSWI7yup3Dx3oF
4RN+97qRWm2nO3Izl+RhoU7+W9yLa8G1/g8hhvgUXzFPMlwZsWMbtqsDtcH6itJv
XU6ZBgMcjK6xq/UWuaFqTXOsCOAHR7WkwPIw5SBQgU8PRsE1n/Yddcb/eVbiVymH
xSSyif77ZRQWWmOSeh+a/vtN+G9k2OwWuv/rmjsIIT78SoiOPycQna+XIi0YLqQ=
-----END CERTIFICATE-----