Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/B6B4R98MIWSYj-DuOeTdB9hZgKo.cer
File:                     B6B4R98MIWSYj-DuOeTdB9hZgKo.cer (raw, json)
Hash identifier:          FQWqIyENsXvoxyE9W0yGg8XexOt4ebcw6m8Fp6nprw8=
Subject key identifier:   07:A0:78:47:DF:0C:21:64:98:8F:E0:EE:39:E4:DD:07:D8:59:80:AA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019420D5B36A4B879E2461DD3E6CF49C1A17
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/07A07847DF0C2164988FE0EE39E4DD07D85980AA.mft
caRepository:             rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/
Notify URL:               https://rpki.as207960.net/rrdp/notification.xml
Certificate not before:   Wed 01 Jan 2025 07:47:43 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 202076
                          IP: 185.0.2.0/24
                          IP: 2001:7f8:137::/48
Validation:               Failed, certificate revoked on Thu 16 Jan 2025 10:34:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:d5:b3:6a:4b:87:9e:24:61:dd:3e:6c:f4:9c:1a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:47:43 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=07a07847df0c2164988fe0ee39e4dd07d85980aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:40:e1:fc:79:23:36:06:be:66:e0:78:ae:88:
                    90:15:95:27:f7:11:26:d8:6c:59:78:8d:c7:ba:dc:
                    66:d5:f6:dd:91:b5:46:2b:9b:c4:8e:54:7f:32:c5:
                    f7:74:6d:13:45:e2:e7:a2:4e:cc:31:56:73:c1:c4:
                    5c:00:97:77:53:1f:f8:42:be:f4:8e:c9:71:ad:cf:
                    ab:3c:73:a5:20:14:68:e3:80:a0:69:3c:b6:e0:59:
                    4e:c5:02:ba:62:8f:e0:5f:1c:14:58:0d:a2:db:7c:
                    57:89:0f:04:f5:24:1e:e2:4d:12:d4:7a:95:be:68:
                    43:b2:21:b6:f2:57:d0:16:3b:2d:4c:93:03:30:51:
                    61:ca:81:71:b1:99:ee:cd:19:bb:f1:4d:69:84:af:
                    c7:33:82:4c:57:16:e5:15:c4:8c:a5:64:16:10:5f:
                    b7:89:70:9d:31:3b:9c:c1:7c:fd:e4:d4:63:4c:d1:
                    6f:03:4d:4d:51:d4:36:e8:95:98:7a:37:70:fb:b9:
                    f1:5e:55:ab:b8:ff:af:94:51:9b:7d:82:f1:81:c8:
                    7b:cc:64:a0:63:f4:ea:c4:4a:46:7d:04:e5:1e:19:
                    31:6a:07:a1:b3:9f:64:1a:5e:8f:97:6e:04:85:f6:
                    e4:bf:cf:40:9e:2c:06:be:d4:8d:21:26:3e:5f:ef:
                    40:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A0:78:47:DF:0C:21:64:98:8F:E0:EE:39:E4:DD:07:D8:59:80:AA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/
                RPKI Manifest - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_b3da5785f0c841ac8dd815b7354623df/1/07A07847DF0C2164988FE0EE39E4DD07D85980AA.mft
                RPKI Notify - URI:https://rpki.as207960.net/rrdp/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.0.2.0/24
                IPv6:
                  2001:7f8:137::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202076

    Signature Algorithm: sha256WithRSAEncryption
         13:ef:e3:d7:3a:56:5a:56:45:8e:48:0f:e2:bb:ac:01:44:8c:
         8f:96:8d:30:f0:cc:4a:70:19:8f:ec:23:8d:f9:dc:ba:ab:32:
         6a:5a:8f:df:df:62:b2:37:fa:76:2b:81:cc:68:e5:d0:dd:52:
         3b:06:78:bb:f7:2b:40:78:20:c1:8c:2d:cc:e2:e4:6d:8e:7d:
         c9:8e:a0:18:99:8c:22:33:c7:e5:9e:4f:6b:d6:fa:4f:67:c7:
         eb:42:cc:5f:13:45:cb:4e:11:76:8b:46:3b:7f:8a:a9:bd:ab:
         3a:73:17:18:5c:5d:57:55:48:0f:46:78:07:92:60:77:b3:57:
         46:fa:79:36:5a:8c:96:19:24:e0:be:a3:d9:26:04:03:67:c1:
         3d:41:a5:2e:37:49:5a:e4:bc:62:95:d9:88:40:19:85:b8:a9:
         8b:74:29:16:89:43:c0:85:46:c2:cf:d5:6e:09:e6:ee:ea:0d:
         49:ba:ad:b0:44:07:59:c3:ce:a0:55:89:1a:a3:78:25:31:d9:
         4d:69:33:78:10:63:af:2a:c8:51:c1:38:93:57:72:d9:36:37:
         65:5c:96:ec:43:7b:97:45:68:96:d5:25:99:21:39:03:e2:cc:
         a4:27:4c:c9:92:86:b7:65:b3:3e:43:40:22:f4:64:cd:23:d7:
         77:66:8e:34
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZQg1bNqS4eeJGHdPmz0nBoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2EwNzg0N2RmMGMyMTY0OTg4ZmUwZWUzOWU0ZGQwN2Q4NTk4MGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokDh/HkjNga+ZuB4roiQFZUn9xEm
2GxZeI3Hutxm1fbdkbVGK5vEjlR/MsX3dG0TReLnok7MMVZzwcRcAJd3Ux/4Qr70
jslxrc+rPHOlIBRo44CgaTy24FlOxQK6Yo/gXxwUWA2i23xXiQ8E9SQe4k0S1HqV
vmhDsiG28lfQFjstTJMDMFFhyoFxsZnuzRm78U1phK/HM4JMVxblFcSMpWQWEF+3
iXCdMTucwXz95NRjTNFvA01NUdQ26JWYejdw+7nxXlWruP+vlFGbfYLxgch7zGSg
Y/TqxEpGfQTlHhkxagehs59kGl6Pl24Ehfbkv89AniwGvtSNISY+X+9APQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFAegeEffDCFkmI/g7jnk3QfYWYCqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE2BggrBgEFBQcBCwSCASgwggEkMFsGCCsGAQUFBzAFhk9y
c3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQvcmVwby9ycGtpX2NhX2IzZGE1
Nzg1ZjBjODQxYWM4ZGQ4MTViNzM1NDYyM2RmLzEvMIGHBggrBgEFBQcwCoZ7cnN5
bmM6Ly9ycGtpLXJlcG8uYXMyMDc5NjAubmV0L3JlcG8vcnBraV9jYV9iM2RhNTc4
NWYwYzg0MWFjOGRkODE1YjczNTQ2MjNkZi8xLzA3QTA3ODQ3REYwQzIxNjQ5ODhG
RTBFRTM5RTRERDA3RDg1OTgwQUEubWZ0MDsGCCsGAQUFBzANhi9odHRwczovL3Jw
a2kuYXMyMDc5NjAubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQ
ME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkAAjAPBAIA
AjAJAwcAIAEH+AE3MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMVXDANBgkqhkiG
9w0BAQsFAAOCAQEAE+/j1zpWWlZFjkgP4rusAUSMj5aNMPDMSnAZj+wjjfncuqsy
alqP399isjf6diuBzGjl0N1SOwZ4u/crQHggwYwtzOLkbY59yY6gGJmMIjPH5Z5P
a9b6T2fH60LMXxNFy04RdotGO3+Kqb2rOnMXGFxdV1VID0Z4B5Jgd7NXRvp5NlqM
lhkk4L6j2SYEA2fBPUGlLjdJWuS8YpXZiEAZhbipi3QpFolDwIVGws/Vbgnm7uoN
SbqtsEQHWcPOoFWJGqN4JTHZTWkzeBBjryrIUcE4k1dy2TY3ZVyW7EN7l0VoltUl
mSE5A+LMpCdMyZKGt2WzPkNAIvRkzSPXd2aONA==
-----END CERTIFICATE-----