Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
File:                     BdZYWUtlNkssLlampF67BoR7OEk.cer (raw, json)
Hash identifier:          VWi8o1kjoyvt05+JGdvKZQIQpT1tgrX2oy4Xxlwu090=
Subject key identifier:   05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856EFA3A597839146154890D02C5D4619A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 20:16:10 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 24935
                          IP: 37.235.88.0/21
                          IP: 45.138.192.0/22
                          IP: 46.29.120.0/21
                          IP: 185.67.148.0/22
                          IP: 185.75.140.0/22
                          IP: 185.161.44.0/22
                          IP: 185.252.156.0/22
                          IP: 194.213.30.0/24
                          IP: 195.74.80.0/24
                          IP: 2a02:21c8::/32

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 10:55:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:fa:3a:59:78:39:14:61:54:89:0d:02:c5:d4:61:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:16:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05d658594b65364b2c2e56a6a45ebb06847b3849
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:d0:19:fe:06:e2:80:a9:18:e4:ae:33:e6:5a:
                    29:ce:3a:4a:6b:7b:0c:6b:c8:5e:a2:56:f0:04:5e:
                    fb:8f:12:e9:92:7c:52:e1:45:6e:50:1d:18:1a:16:
                    7b:c6:cf:1c:e6:f5:93:a1:78:5e:d7:52:ff:b2:57:
                    57:e4:78:a1:1c:b2:f4:65:1d:59:54:f5:b3:0b:e5:
                    a3:77:07:3b:1e:c3:05:d6:d9:22:75:0a:95:1b:d9:
                    b5:4f:cd:c9:c6:fa:c0:7d:2e:57:fc:a4:5e:45:11:
                    24:1b:11:37:c1:74:b3:4d:ab:a0:77:b1:51:e4:c3:
                    45:29:73:bf:b7:99:ea:fd:d5:d7:a3:18:2d:85:86:
                    90:40:db:93:44:33:1f:16:73:79:8d:f0:6a:aa:e5:
                    03:c6:10:21:43:af:f7:a3:b4:fb:82:46:f5:ef:e8:
                    93:7c:8c:51:e4:b2:ae:df:59:ee:f2:95:21:02:fc:
                    9f:cd:d9:9b:be:81:b0:68:92:5c:de:37:38:26:da:
                    a8:d5:a8:e7:3b:8f:87:e9:d7:a2:ef:3e:3f:b1:ac:
                    dd:01:8b:50:ec:53:6c:d2:be:4b:2d:0a:35:de:75:
                    bc:13:3f:9f:3c:c0:97:99:81:e0:57:48:b3:a0:4c:
                    f8:93:8a:f1:5b:70:be:02:a7:5e:87:72:c8:49:5f:
                    4f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.88.0/21
                  45.138.192.0/22
                  46.29.120.0/21
                  185.67.148.0/22
                  185.75.140.0/22
                  185.161.44.0/22
                  185.252.156.0/22
                  194.213.30.0/24
                  195.74.80.0/24
                IPv6:
                  2a02:21c8::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24935

    Signature Algorithm: sha256WithRSAEncryption
         93:c0:38:83:68:86:e3:83:73:df:c6:5a:98:6f:e8:bb:ea:8c:
         53:11:40:66:d8:0f:7d:f7:b0:dd:6c:7d:13:4e:00:d8:f9:77:
         67:ab:6a:93:d7:4b:35:62:6c:e1:e4:a6:ea:44:bb:65:99:35:
         20:31:ac:60:8f:ab:d8:66:f2:2d:55:3c:16:e6:ac:94:b7:96:
         8e:12:cd:75:c0:87:f2:c6:d9:dd:94:8a:e9:04:e8:98:2f:b6:
         03:6b:39:37:cb:88:45:81:65:8d:60:71:33:47:f0:6b:1b:c4:
         25:50:cb:5b:cb:39:47:5e:d2:7c:3c:b9:c5:54:6d:52:4b:6a:
         d8:d1:9a:87:6c:ba:34:07:5d:09:60:f6:41:fc:07:82:fe:15:
         15:ce:1e:bc:3c:7d:f6:81:01:04:e5:11:ef:72:2c:13:d3:1d:
         6e:cb:f1:ad:ef:26:2a:68:0b:2a:6f:f5:6b:05:e8:5f:1d:56:
         5f:4b:49:52:e0:17:b3:6c:7f:4d:ce:95:19:6d:da:c1:46:b8:
         e1:b9:9a:c9:ee:a9:6c:d5:01:23:b9:3a:f1:3b:ba:0c:73:b5:
         de:bb:64:ca:89:61:d6:1f:3b:95:80:2b:ae:0e:df:49:e2:29:
         e4:1f:d5:c1:5e:dd:85:38:93:9d:b6:e6:75:de:92:be:0c:f9:
         54:0b:fa:79
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYVu+jpZeDkUYVSJDQLF1GGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjAxNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ2NTg1OTRiNjUzNjRiMmMyZTU2YTZhNDVlYmIwNjg0N2IzODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dAZ/gbigKkY5K4z5lopzjpKa3sM
a8heolbwBF77jxLpknxS4UVuUB0YGhZ7xs8c5vWToXhe11L/sldX5HihHLL0ZR1Z
VPWzC+Wjdwc7HsMF1tkidQqVG9m1T83JxvrAfS5X/KReRREkGxE3wXSzTaugd7FR
5MNFKXO/t5nq/dXXoxgthYaQQNuTRDMfFnN5jfBqquUDxhAhQ6/3o7T7gkb17+iT
fIxR5LKu31nu8pUhAvyfzdmbvoGwaJJc3jc4Jtqo1ajnO4+H6dei7z4/sazdAYtQ
7FNs0r5LLQo13nW8Ez+fPMCXmYHgV0izoEz4k4rxW3C+Aqdeh3LISV9PwQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFAXWWFlLZTZLLC5WpqReuwaEezhJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRhLzliMWY5
NS0zYjE4LTQ4MTItOTI0ZS03YmZkYTYyNTQ0Y2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvOWIxZjk1
LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8xL0JkWllXVXRsTmtzc0xsYW1w
RjY3Qm9SN09Fay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF
BwEHAQH/BE8wTTA8BAIAATA2AwQDJetYAwQCLYrAAwQDLh14AwQCuUOUAwQCuUuM
AwQCuaEsAwQCufycAwQAwtUeAwQAw0pQMA0EAgACMAcDBQAqAiHIMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAmFnMA0GCSqGSIb3DQEBCwUAA4IBAQCTwDiDaIbjg3Pf
xlqYb+i76oxTEUBm2A9997DdbH0TTgDY+Xdnq2qT10s1Ymzh5KbqRLtlmTUgMaxg
j6vYZvItVTwW5qyUt5aOEs11wIfyxtndlIrpBOiYL7YDazk3y4hFgWWNYHEzR/Br
G8QlUMtbyzlHXtJ8PLnFVG1SS2rY0ZqHbLo0B10JYPZB/AeC/hUVzh68PH32gQEE
5RHvciwT0x1uy/Gt7yYqaAsqb/VrBehfHVZfS0lS4BezbH9NzpUZbdrBRrjhuZrJ
7qls1QEjuTrxO7oMc7Xeu2TKiWHWHzuVgCuuDt9J4inkH9XBXt2FOJOdtuZ13pK+
DPlUC/p5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:44 2024 by rpki-client on console-fra.rpki-client.org