Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8hbxg4mg4ew7bAr56xbcor-_rG4.cer
File:                     8hbxg4mg4ew7bAr56xbcor-_rG4.cer (raw, json)
Hash identifier:          t86wcGem6RdA75NzUIC6+yH4qaxYDNpkojuAxIOLj8o=
Subject key identifier:   F2:16:F1:83:89:A0:E1:EC:3B:6C:0A:F9:EB:16:DC:A2:BF:BF:AC:6E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018EF5A5C02BDEC2A761A77ED795F4E35357
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/6f/cf8818-0b7e-40b6-bcee-fe372afd3bc3/1/8hbxg4mg4ew7bAr56xbcor-_rG4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/6f/cf8818-0b7e-40b6-bcee-fe372afd3bc3/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 19 Apr 2024 09:17:44 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 2121
                          IP: 193.0.24.0/21
                          IP: 2001:67c:64::/48
Validation:               Failed, certificate revoked on Fri 19 Apr 2024 13:35:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f5:a5:c0:2b:de:c2:a7:61:a7:7e:d7:95:f4:e3:53:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Apr 19 09:17:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f216f18389a0e1ec3b6c0af9eb16dca2bfbfac6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:db:22:52:c0:a1:ec:87:15:18:c2:3e:b1:2c:
                    d8:d5:ca:f7:82:e7:4b:b2:e8:23:a7:33:ec:ee:51:
                    d8:7b:dd:bd:e6:20:8a:1c:1c:14:c8:60:d6:a3:f7:
                    81:52:fe:0e:b9:dc:be:58:2b:72:22:b6:89:ee:be:
                    c8:51:c1:3c:ed:91:aa:98:3b:35:97:6d:74:18:e7:
                    d2:57:a8:c4:40:31:33:5f:48:6f:9e:bf:69:dc:37:
                    a7:a3:fe:3c:0b:3f:8e:54:57:6e:de:7c:dd:7f:e9:
                    ab:e1:3f:78:c2:21:96:a4:45:dc:b7:10:e6:4a:a8:
                    3b:96:1d:88:28:3b:77:de:a0:07:cc:34:cf:d1:d2:
                    7f:79:59:ca:0f:13:b1:ec:06:a9:b0:46:a0:ea:a2:
                    77:0c:f8:a7:e8:a0:79:12:ff:bd:7e:31:01:04:96:
                    f1:58:89:82:78:61:f0:a1:ef:44:b2:60:5e:b3:5c:
                    6f:06:83:b1:06:5f:75:b1:c6:64:a4:d1:a6:8c:fb:
                    f9:54:aa:b5:a0:01:63:51:72:96:91:08:90:89:ae:
                    a2:a8:8f:a0:6d:de:b0:ee:c7:cf:40:dc:45:3e:ba:
                    a9:f5:f0:32:5d:81:09:d0:68:5a:12:3a:6e:67:5e:
                    c4:d0:8b:fa:72:10:12:aa:6d:f2:04:85:4a:4a:0f:
                    10:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:16:F1:83:89:A0:E1:EC:3B:6C:0A:F9:EB:16:DC:A2:BF:BF:AC:6E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cf8818-0b7e-40b6-bcee-fe372afd3bc3/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/cf8818-0b7e-40b6-bcee-fe372afd3bc3/1/8hbxg4mg4ew7bAr56xbcor-_rG4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  2121

    Signature Algorithm: sha256WithRSAEncryption
         5d:fd:85:27:73:40:04:92:ad:b4:f8:31:eb:36:40:07:2e:4a:
         cd:48:aa:b8:e1:2e:c8:e9:b6:6a:5c:ac:6f:99:3b:fb:10:4f:
         22:97:d4:2f:35:f7:2e:dc:cc:2e:d0:7c:34:0d:9d:24:13:72:
         8a:68:31:30:7e:31:30:b5:c8:f2:28:7a:dd:92:8a:08:05:36:
         6b:d5:95:a2:41:78:30:6d:7d:f6:fb:23:b3:af:d8:51:28:54:
         02:ac:50:52:0c:83:f1:d3:e9:8d:aa:0d:07:74:f1:0f:da:97:
         bb:8f:aa:52:96:86:07:e9:61:48:19:9b:8c:01:e8:26:3c:6b:
         3d:76:cb:52:74:10:a6:20:a2:58:7f:84:a6:25:61:dc:c2:7b:
         20:57:ee:66:ee:e1:0d:85:09:a3:9a:e8:65:7a:1a:eb:d5:8c:
         6c:9d:a4:13:02:9b:57:13:55:a8:74:cc:0b:94:62:16:d1:69:
         57:ac:7a:3b:ac:18:2b:ed:38:ba:1f:dd:2a:da:d3:53:2a:68:
         fd:1f:59:cf:fc:ab:fc:8f:ba:7a:ed:42:e2:42:70:1a:2f:1b:
         fb:83:93:67:6a:62:96:59:49:d7:4d:37:36:5a:f0:9d:99:16:
         f3:43:c1:b1:53:ea:50:54:ba:d2:f0:1a:55:1b:1b:04:7c:6f:
         1e:eb:ae:97
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAY71pcAr3sKnYad+15X041NXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNDE5MDkxNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjE2ZjE4Mzg5YTBlMWVjM2I2YzBhZjllYjE2ZGNhMmJmYmZhYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNsiUsCh7IcVGMI+sSzY1cr3gudL
sugjpzPs7lHYe9295iCKHBwUyGDWo/eBUv4Oudy+WCtyIraJ7r7IUcE87ZGqmDs1
l210GOfSV6jEQDEzX0hvnr9p3Deno/48Cz+OVFdu3nzdf+mr4T94wiGWpEXctxDm
Sqg7lh2IKDt33qAHzDTP0dJ/eVnKDxOx7AapsEag6qJ3DPin6KB5Ev+9fjEBBJbx
WImCeGHwoe9EsmBes1xvBoOxBl91scZkpNGmjPv5VKq1oAFjUXKWkQiQia6iqI+g
bd6w7sfPQNxFPrqp9fAyXYEJ0GhaEjpuZ17E0Iv6chASqm3yBIVKSg8QjQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFPIW8YOJoOHsO2wK+esW3KK/v6xuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmL2NmODgx
OC0wYjdlLTQwYjYtYmNlZS1mZTM3MmFmZDNiYzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvY2Y4ODE4
LTBiN2UtNDBiNi1iY2VlLWZlMzcyYWZkM2JjMy8xLzhoYnhnNG1nNGV3N2JBcjU2
eGJjb3ItX3JHNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8EAgACMAkDBwAgAQZ8AGQwGQYIKwYB
BQUHAQgBAf8ECjAIoAYwBAICCEkwDQYJKoZIhvcNAQELBQADggEBAF39hSdzQASS
rbT4Mes2QAcuSs1IqrjhLsjptmpcrG+ZO/sQTyKX1C819y7czC7QfDQNnSQTcopo
MTB+MTC1yPIoet2SiggFNmvVlaJBeDBtffb7I7Ov2FEoVAKsUFIMg/HT6Y2qDQd0
8Q/al7uPqlKWhgfpYUgZm4wB6CY8az12y1J0EKYgolh/hKYlYdzCeyBX7mbu4Q2F
CaOa6GV6GuvVjGydpBMCm1cTVah0zAuUYhbRaVesejusGCvtOLof3Sra01MqaP0f
Wc/8q/yPunrtQuJCcBovG/uDk2dqYpZZSddNNzZa8J2ZFvNDwbFT6lBUutLwGlUb
GwR8bx7rrpc=
-----END CERTIFICATE-----