Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/B9NivdfKboDiwkRDdZe9R-96T94.cer
File:                     B9NivdfKboDiwkRDdZe9R-96T94.cer (raw, json)
Hash identifier:          vfF+P4F9BHovpKA7qy7EO5yFoFDrlC8qYA3Ttjv6jsE=
Subject key identifier:   07:D3:62:BD:D7:CA:6E:80:E2:C2:44:43:75:97:BD:47:EF:7A:4F:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018E15D3D4E48B61F182597ACF77C5588155
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/07D362BDD7CA6E80E2C244437597BD47EF7A4FDE.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Wed 06 Mar 2024 22:13:07 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 43607
                          AS: 215569
                          IP: 193.17.2.0/24
                          IP: 2a07:2480::/29

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 10:18:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:15:d3:d4:e4:8b:61:f1:82:59:7a:cf:77:c5:58:81:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar  6 22:13:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=07d362bdd7ca6e80e2c244437597bd47ef7a4fde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f9:a1:71:19:d5:ab:37:dc:3a:47:f2:d8:df:
                    ae:e7:0e:59:b9:3d:79:b2:d5:1c:a6:43:dc:35:ca:
                    ba:30:82:aa:75:71:cd:11:03:59:ce:97:f3:25:91:
                    6e:2a:4a:21:22:a0:be:93:6e:57:f8:c1:e1:10:2c:
                    ad:19:54:4d:17:7a:fe:42:2b:25:bb:34:48:93:dd:
                    fa:f5:60:7e:85:75:93:54:6d:77:ec:ea:1b:b4:82:
                    c9:5b:32:21:6d:be:e9:bb:d4:29:c4:65:fb:a4:c6:
                    28:f0:7c:b9:81:84:f7:86:3c:d9:d4:c5:99:ed:d0:
                    0d:82:cd:02:ee:9a:d2:66:36:89:08:62:aa:87:81:
                    ed:4d:56:27:e4:e1:29:26:fb:63:ad:79:0d:d3:f1:
                    f1:8a:ce:b8:b4:e5:d1:2b:71:40:cf:11:e8:af:72:
                    f2:e3:37:4b:7d:a0:2e:0c:51:b1:58:a4:8b:23:51:
                    23:9f:59:be:bf:4d:e4:c5:d5:1b:57:bf:09:cb:a1:
                    3c:32:6a:37:fd:ea:3c:1e:f4:37:6b:1c:8e:e6:6b:
                    99:bf:fd:e7:93:2a:f4:e2:4e:51:f2:4b:27:c3:81:
                    70:29:52:62:a0:a1:26:62:89:b6:f4:cc:1e:78:2c:
                    32:b3:70:86:06:0f:2c:15:00:6f:00:6c:0c:c8:74:
                    6e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:D3:62:BD:D7:CA:6E:80:E2:C2:44:43:75:97:BD:47:EF:7A:4F:DE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/07D362BDD7CA6E80E2C244437597BD47EF7A4FDE.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.2.0/24
                IPv6:
                  2a07:2480::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43607
                  215569

    Signature Algorithm: sha256WithRSAEncryption
         3e:12:44:87:60:99:6d:75:7f:a2:95:ec:b0:a9:b1:48:81:ab:
         8c:70:64:24:67:09:47:3d:90:6f:c9:f6:5c:64:79:86:a1:c7:
         48:36:a3:8c:11:2c:3f:6e:cc:ac:c0:fb:92:04:e4:9d:be:78:
         1d:fa:92:eb:e6:fb:5b:19:7e:b0:f5:00:9d:e8:3b:3b:eb:b9:
         bb:03:25:24:f2:5d:96:5c:b2:39:ad:7b:c7:f8:a6:e4:d5:a7:
         80:df:fd:ea:43:c5:ad:5e:fd:c8:99:e5:52:4d:f1:7e:52:e5:
         4a:57:94:2f:7e:e4:75:91:f1:79:47:9b:5b:a4:9a:f0:8a:60:
         d0:0c:b3:31:02:ec:15:17:cf:6d:36:a0:25:4b:45:01:89:c1:
         8f:b3:82:8a:80:3e:e4:d8:c6:86:bb:36:a0:bc:48:df:01:2b:
         18:ac:ad:4f:31:6a:3f:2b:22:3b:51:90:d4:d4:c8:ef:03:b7:
         bc:49:91:f1:18:95:c8:09:b5:83:48:d4:2a:10:ff:2d:3e:5a:
         7c:88:39:df:43:db:6c:db:59:70:f7:34:a6:4f:a2:0b:e5:44:
         f4:28:fe:fb:30:d1:2a:47:27:25:e0:7e:5a:c6:9b:60:6e:22:
         5c:63:52:22:2a:74:5f:88:8f:22:0e:26:95:c9:e6:5e:c4:ed:
         75:eb:37:ca
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY4V09Tki2Hxgll6z3fFWIFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzA2MjIxMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QzNjJiZGQ3Y2E2ZTgwZTJjMjQ0NDM3NTk3YmQ0N2VmN2E0ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfmhcRnVqzfcOkfy2N+u5w5ZuT15
stUcpkPcNcq6MIKqdXHNEQNZzpfzJZFuKkohIqC+k25X+MHhECytGVRNF3r+Qisl
uzRIk9369WB+hXWTVG137OobtILJWzIhbb7pu9QpxGX7pMYo8Hy5gYT3hjzZ1MWZ
7dANgs0C7prSZjaJCGKqh4HtTVYn5OEpJvtjrXkN0/Hxis64tOXRK3FAzxHor3Ly
4zdLfaAuDFGxWKSLI1Ejn1m+v03kxdUbV78Jy6E8Mmo3/eo8HvQ3axyO5muZv/3n
kyr04k5R8ksnw4FwKVJioKEmYom29MweeCwys3CGBg8sFQBvAGwMyHRuCwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFAfTYr3Xym6A4sJEQ3WXvUfvek/eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIxYTc5
N2Y5LTNjMTAtNDUzNi1hYTY0LTA5Y2EyZDk1NDVjOC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjFh
Nzk3ZjktM2MxMC00NTM2LWFhNjQtMDljYTJkOTU0NWM4LzAvMDdEMzYyQkREN0NB
NkU4MEUyQzI0NDQzNzU5N0JENDdFRjdBNEZERS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME
AMERAjANBAIAAjAHAwUDKgckgDAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMAqlcC
AwNKETANBgkqhkiG9w0BAQsFAAOCAQEAPhJEh2CZbXV/opXssKmxSIGrjHBkJGcJ
Rz2Qb8n2XGR5hqHHSDajjBEsP27MrMD7kgTknb54HfqS6+b7Wxl+sPUAneg7O+u5
uwMlJPJdllyyOa17x/im5NWngN/96kPFrV79yJnlUk3xflLlSleUL37kdZHxeUeb
W6Sa8Ipg0AyzMQLsFRfPbTagJUtFAYnBj7OCioA+5NjGhrs2oLxI3wErGKytTzFq
PysiO1GQ1NTI7wO3vEmR8RiVyAm1g0jUKhD/LT5afIg530PbbNtZcPc0pk+iC+VE
9Cj++zDRKkcnJeB+WsabYG4iXGNSIip0X4iPIg4mlcnmXsTtdes3yg==
-----END CERTIFICATE-----
Generated at Thu Jul 18 13:36:56 2024 by rpki-client on console-fra.rpki-client.org