Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BbvbYp_dDxwzv7GsfPRBIbxebq0.cer
File:                     BbvbYp_dDxwzv7GsfPRBIbxebq0.cer (raw, json)
Hash identifier:          UXeUJcdU10boScjIdnLUOx0dKry6AO1gMNmm9S4eXvk=
Subject key identifier:   05:BB:DB:62:9F:DD:0F:1C:33:BF:B1:AC:7C:F4:41:21:BC:5E:6E:AD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B30BE209A98718EE70B2264394E17D64A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/93f083b7-7818-4ccf-8663-9191f8a8616a/0/05BBDB629FDD0F1C33BFB1AC7CF44121BC5E6EAD.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/93f083b7-7818-4ccf-8663-9191f8a8616a/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Thu 18 Dec 2025 09:15:25 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 50788
                          IP: 2a0c:31c0::/29
Validation:               Failed, certificate revoked on Fri 19 Dec 2025 09:28:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:30:be:20:9a:98:71:8e:e7:0b:22:64:39:4e:17:d6:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Dec 18 09:15:25 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=05bbdb629fdd0f1c33bfb1ac7cf44121bc5e6ead
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:88:a9:53:f3:4e:68:eb:1e:ec:c6:ef:03:66:
                    30:39:e1:07:9a:22:45:f8:de:5a:89:69:3a:81:78:
                    b1:e6:09:41:dc:70:5d:dd:b3:dd:a5:b3:11:19:9b:
                    93:ca:0d:a7:94:cd:a2:bb:a1:d2:6b:e8:72:29:16:
                    b1:dc:72:4a:9e:ff:0c:d1:fc:d8:2e:6a:c2:b2:21:
                    d8:38:f9:3a:8f:9a:0c:49:fd:84:8d:64:fa:94:ce:
                    a3:a1:95:59:56:50:67:4e:14:73:96:96:89:f0:76:
                    64:dd:3d:b5:0a:c3:f2:99:09:7b:fc:4f:01:12:ed:
                    48:70:2e:ea:9a:90:43:42:8e:0c:04:d9:75:21:5f:
                    04:d2:26:d1:3d:b3:6d:b8:04:33:40:b1:b1:a3:ac:
                    47:7a:fa:32:d7:36:54:c0:8a:df:77:77:43:bc:6f:
                    97:cf:65:4b:e9:92:1f:f3:4c:1f:af:00:52:a4:51:
                    9d:2a:0c:0f:64:6d:fd:3c:65:ae:74:9a:9f:a8:c0:
                    f5:91:91:8c:c2:79:a8:ca:df:49:57:1a:57:54:d1:
                    d1:4a:89:1c:0a:72:2d:c6:c9:14:dc:cf:49:be:e1:
                    44:a6:eb:4b:13:68:d4:7c:7a:34:99:8f:9f:62:c7:
                    3a:50:da:7c:05:52:25:54:6d:13:60:32:86:00:66:
                    29:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:BB:DB:62:9F:DD:0F:1C:33:BF:B1:AC:7C:F4:41:21:BC:5E:6E:AD
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/93f083b7-7818-4ccf-8663-9191f8a8616a/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/93f083b7-7818-4ccf-8663-9191f8a8616a/0/05BBDB629FDD0F1C33BFB1AC7CF44121BC5E6EAD.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:31c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50788

    Signature Algorithm: sha256WithRSAEncryption
         6d:35:69:70:e2:6d:39:63:6a:29:47:19:9b:bc:42:55:23:1a:
         a7:51:9a:89:f7:24:bf:c6:8b:1f:55:9e:7b:67:1f:a7:22:21:
         44:58:10:6a:a6:97:e0:58:fe:68:d4:3f:58:03:52:1b:9d:ed:
         bd:08:d5:ac:12:13:00:e2:58:51:8e:19:cf:ab:5c:fb:64:16:
         92:6a:f4:b9:e4:01:5c:c1:b1:eb:34:06:81:7e:37:ec:f6:a5:
         23:5c:c7:df:55:04:6a:a0:40:59:38:f2:c0:08:84:56:16:00:
         b9:95:37:0b:bc:96:e9:1c:05:48:94:ab:2a:fd:29:7f:fe:92:
         a8:05:d7:b7:a6:d9:da:24:25:7d:67:63:cc:d8:e4:7e:84:32:
         02:f7:dd:64:2e:c3:4d:af:a8:51:da:43:2a:f2:e5:fe:63:97:
         23:5e:33:17:00:80:b9:97:a4:4d:5e:7b:f7:7e:bd:bb:6e:40:
         1f:6d:d1:1e:e3:0a:2a:5f:29:53:1a:1e:3d:a3:55:f7:ef:a8:
         99:78:ca:ca:50:dd:e8:44:14:75:7f:3e:4f:b7:97:02:10:95:
         7e:78:7c:f8:cd:88:09:29:15:36:25:d2:ab:9e:f4:ac:da:92:
         a3:fe:c5:ef:ff:65:f4:26:14:58:9d:ea:4d:aa:73:2a:c5:33:
         96:8b:b2:8a
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZswviCamHGO5wsiZDlOF9ZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUxMjE4MDkxNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJiZGI2MjlmZGQwZjFjMzNiZmIxYWM3Y2Y0NDEyMWJjNWU2ZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4ipU/NOaOse7MbvA2YwOeEHmiJF
+N5aiWk6gXix5glB3HBd3bPdpbMRGZuTyg2nlM2iu6HSa+hyKRax3HJKnv8M0fzY
LmrCsiHYOPk6j5oMSf2EjWT6lM6joZVZVlBnThRzlpaJ8HZk3T21CsPymQl7/E8B
Eu1IcC7qmpBDQo4MBNl1IV8E0ibRPbNtuAQzQLGxo6xHevoy1zZUwIrfd3dDvG+X
z2VL6ZIf80wfrwBSpFGdKgwPZG39PGWudJqfqMD1kZGMwnmoyt9JVxpXVNHRSokc
CnItxskU3M9JvuFEputLE2jUfHo0mY+fYsc6UNp8BVIlVG0TYDKGAGYpeQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFAW722Kf3Q8cM7+xrHz0QSG8Xm6tMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzkzZjA4
M2I3LTc4MTgtNGNjZi04NjYzLTkxOTFmOGE4NjE2YS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTNm
MDgzYjctNzgxOC00Y2NmLTg2NjMtOTE5MWY4YTg2MTZhLzAvMDVCQkRCNjI5RkRE
MEYxQzMzQkZCMUFDN0NGNDQxMjFCQzVFNkVBRC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
AyoMMcAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAMZkMA0GCSqGSIb3DQEBCwUA
A4IBAQBtNWlw4m05Y2opRxmbvEJVIxqnUZqJ9yS/xosfVZ57Zx+nIiFEWBBqppfg
WP5o1D9YA1Ibne29CNWsEhMA4lhRjhnPq1z7ZBaSavS55AFcwbHrNAaBfjfs9qUj
XMffVQRqoEBZOPLACIRWFgC5lTcLvJbpHAVIlKsq/Sl//pKoBde3ptnaJCV9Z2PM
2OR+hDIC991kLsNNr6hR2kMq8uX+Y5cjXjMXAIC5l6RNXnv3fr27bkAfbdEe4woq
XylTGh49o1X376iZeMrKUN3oRBR1fz5Pt5cCEJV+eHz4zYgJKRU2JdKrnvSs2pKj
/sXv/2X0JhRYnepNqnMqxTOWi7KK
-----END CERTIFICATE-----