Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9lCFQ2i9OqC-5Jv37cAxG5DfNxc.cer
File:                     9lCFQ2i9OqC-5Jv37cAxG5DfNxc.cer (raw, json)
Hash identifier:          5XaUNwY93uuxEvB7m2TLEmD+2MyWmBx/+lMsd6neNEs=
Subject key identifier:   F6:50:85:43:68:BD:3A:A0:BE:E4:9B:F7:ED:C0:31:1B:90:DF:37:17
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC492BE738E8FCBB76731E85817CB6C32
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d8/c86177-714a-487e-8985-cbe95139b9a6/1/9lCFQ2i9OqC-5Jv37cAxG5DfNxc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d8/c86177-714a-487e-8985-cbe95139b9a6/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 10:30:00 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 56617
                          IP: 185.65.71.0/24
                          IP: 2a0d:46c0::/32

Validation:               Failed, certificate revoked on Fri 02 Feb 2024 10:45:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:92:be:73:8e:8f:cb:b7:67:31:e8:58:17:cb:6c:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:30:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f650854368bd3aa0bee49bf7edc0311b90df3717
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c4:f7:4f:82:3e:f2:81:ee:1e:e2:c8:2b:ee:
                    f7:0d:1d:75:09:c0:b9:3d:63:5c:39:6b:15:4a:99:
                    3d:36:db:ea:97:76:03:92:1b:f5:f8:3f:e7:40:79:
                    e9:b6:44:ae:0c:50:bd:0e:59:77:25:d1:72:e2:c4:
                    3c:51:74:39:9d:4b:21:6a:66:0c:c8:e9:16:9d:c8:
                    0a:f7:93:97:08:24:58:e8:b9:f8:8b:4c:c0:db:fe:
                    35:aa:4c:69:2e:53:e1:21:96:34:26:db:28:bc:0b:
                    67:9a:44:79:58:ce:87:4c:fb:b0:6c:e3:a0:1e:f6:
                    a2:62:58:97:b7:72:6f:4f:b9:d7:ec:a0:a6:cf:d0:
                    48:8e:8c:f6:c9:f9:f2:68:55:75:c9:93:5d:07:0e:
                    2b:a5:b9:b8:fe:1e:d7:3b:d9:ef:02:46:35:06:69:
                    7e:bf:ee:8f:38:ab:c5:34:6f:db:f6:51:bc:99:96:
                    8e:ed:8b:a4:b8:77:1c:49:a3:56:06:6f:e0:9b:d6:
                    a0:29:90:f7:d9:82:ac:78:6c:46:19:dd:2d:32:5f:
                    df:9f:44:e3:9b:76:d2:de:8f:67:fc:68:e1:1a:ee:
                    cc:ef:bc:2f:9a:8a:15:12:c0:5a:ab:0e:3e:c8:aa:
                    7b:a1:8f:ab:7f:44:c2:38:6d:20:6c:f5:7d:03:64:
                    5d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:50:85:43:68:BD:3A:A0:BE:E4:9B:F7:ED:C0:31:1B:90:DF:37:17
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c86177-714a-487e-8985-cbe95139b9a6/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c86177-714a-487e-8985-cbe95139b9a6/1/9lCFQ2i9OqC-5Jv37cAxG5DfNxc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.65.71.0/24
                IPv6:
                  2a0d:46c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56617

    Signature Algorithm: sha256WithRSAEncryption
         63:10:d1:13:b8:81:b8:74:f4:7d:57:85:1b:19:b9:7d:7d:7f:
         11:17:64:1d:29:d2:e6:16:d9:d0:a3:90:59:dc:d1:1c:dd:8f:
         7a:2c:07:f4:e4:ee:9a:1d:45:05:ec:be:80:dc:41:fc:e0:78:
         ec:fd:55:4b:ef:01:db:25:62:2f:e0:58:e3:68:6e:d3:2b:9a:
         e5:76:7f:66:74:4b:e8:c3:5d:86:63:91:e0:fc:ac:1f:04:71:
         fd:88:d0:6e:6a:c4:95:ef:82:c4:89:d7:21:18:02:b6:c1:e4:
         a9:66:0d:01:a9:22:e5:d5:73:87:9d:14:b7:5d:4c:63:2e:87:
         0d:3c:17:9b:c0:a8:d7:03:6c:c5:de:9f:66:3e:da:93:fe:4e:
         72:c0:ae:0c:d0:2b:79:0e:87:c9:70:db:c8:68:79:68:ad:6b:
         b1:c4:c3:be:ec:9e:51:28:b0:a7:85:c6:1c:16:81:f8:7c:f6:
         c2:15:a0:ac:f4:05:de:92:ba:dc:f7:d9:9b:85:f4:d9:7f:6b:
         66:f6:b5:8a:e4:94:5d:25:03:33:2f:f3:f7:fd:12:a8:40:2d:
         3c:48:0c:28:00:86:94:44:88:2e:c2:3e:6a:57:63:ae:c6:2b:
         c7:b3:a6:e2:77:0e:7b:aa:29:89:2f:50:e8:76:2d:e2:b4:88:
         90:71:0b:a8
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzEkr5zjo/Lt2cx6FgXy2wyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjUwODU0MzY4YmQzYWEwYmVlNDliZjdlZGMwMzExYjkwZGYzNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMT3T4I+8oHuHuLIK+73DR11CcC5
PWNcOWsVSpk9Ntvql3YDkhv1+D/nQHnptkSuDFC9Dll3JdFy4sQ8UXQ5nUshamYM
yOkWncgK95OXCCRY6Ln4i0zA2/41qkxpLlPhIZY0JtsovAtnmkR5WM6HTPuwbOOg
HvaiYliXt3JvT7nX7KCmz9BIjoz2yfnyaFV1yZNdBw4rpbm4/h7XO9nvAkY1Bml+
v+6POKvFNG/b9lG8mZaO7YukuHccSaNWBm/gm9agKZD32YKseGxGGd0tMl/fn0Tj
m3bS3o9n/GjhGu7M77wvmooVEsBaqw4+yKp7oY+rf0TCOG0gbPV9A2RdKQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPZQhUNovTqgvuSb9+3AMRuQ3zcXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q4L2M4NjE3
Ny03MTRhLTQ4N2UtODk4NS1jYmU5NTEzOWI5YTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgvYzg2MTc3
LTcxNGEtNDg3ZS04OTg1LWNiZTk1MTM5YjlhNi8xLzlsQ0ZRMmk5T3FDLTVKdjM3
Y0F4RzVEZk54Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuUFHMA0EAgACMAcDBQAqDUbAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDdKTANBgkqhkiG9w0BAQsFAAOCAQEAYxDRE7iBuHT0
fVeFGxm5fX1/ERdkHSnS5hbZ0KOQWdzRHN2PeiwH9OTumh1FBey+gNxB/OB47P1V
S+8B2yViL+BY42hu0yua5XZ/ZnRL6MNdhmOR4PysHwRx/YjQbmrEle+CxInXIRgC
tsHkqWYNAaki5dVzh50Ut11MYy6HDTwXm8Co1wNsxd6fZj7ak/5OcsCuDNAreQ6H
yXDbyGh5aK1rscTDvuyeUSiwp4XGHBaB+Hz2whWgrPQF3pK63PfZm4X02X9rZva1
iuSUXSUDMy/z9/0SqEAtPEgMKACGlESILsI+aldjrsYrx7Om4ncOe6opiS9Q6HYt
4rSIkHELqA==
-----END CERTIFICATE-----
Generated at Fri Feb 2 14:46:19 2024 by rpki-client on console-fra.rpki-client.org