Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CDmWxvLno4hx-MAB9Pi6SnBeh5k.cer
File:                     CDmWxvLno4hx-MAB9Pi6SnBeh5k.cer (raw, json)
Hash identifier:          xX8sJRd3CLlygbNklqmlsR1q/Z9DQ+32SEcveTfPIHQ=
Subject key identifier:   08:39:96:C6:F2:E7:A3:88:71:F8:C0:01:F4:F8:BA:4A:70:5E:87:99
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856B631EC92C0191471DF20E33BC1E7098
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/CDmWxvLno4hx-MAB9Pi6SnBeh5k.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 03:32:16 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 12713
                          IP: 62.75.0.0/17
                          IP: 2a00:1cb8::/32

Validation:               Failed, certificate revoked on Thu 23 Feb 2023 15:56:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:63:1e:c9:2c:01:91:47:1d:f2:0e:33:bc:1e:70:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 03:32:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=083996c6f2e7a38871f8c001f4f8ba4a705e8799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f3:bd:36:1f:bc:f5:ae:ec:31:e6:a2:8c:73:
                    86:35:91:a0:b6:fa:c5:c2:96:95:5c:e9:20:d4:d8:
                    d5:62:e3:d3:41:fb:43:e7:de:77:90:bf:48:66:6d:
                    7a:be:be:9a:3a:ff:3c:f4:a6:44:1c:ec:46:22:f1:
                    fc:bf:ba:89:59:f2:6a:b3:37:d0:1e:53:0f:db:d2:
                    6d:27:c0:74:3e:5a:f6:f5:99:13:56:3f:c2:56:98:
                    c9:48:e7:58:0a:b8:41:d4:3f:76:dc:ee:c6:49:a0:
                    cb:2f:4b:d0:8a:41:42:ba:5e:10:bf:fd:4d:0a:d7:
                    91:6c:8d:4d:0a:03:df:d4:94:f2:79:57:eb:92:00:
                    f1:5e:b7:2a:1e:ba:73:0c:aa:58:85:b4:be:b9:76:
                    28:13:c9:a1:d0:cc:ca:34:91:42:5a:3c:59:c6:83:
                    97:cc:d3:f2:ba:d7:60:5f:de:90:23:93:52:b5:7a:
                    f3:10:3d:3d:6d:37:66:a8:d5:62:e4:c3:33:bf:7d:
                    f8:eb:8e:d1:7a:f1:29:10:38:ce:66:6e:8a:b0:e4:
                    3a:79:73:f2:22:cf:9f:66:ac:5f:45:a8:9b:b5:26:
                    ec:d5:d2:96:86:24:e7:64:b0:f9:cb:0f:02:09:54:
                    bd:c5:06:61:8e:98:82:c1:e6:b6:03:43:94:23:27:
                    c4:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:39:96:C6:F2:E7:A3:88:71:F8:C0:01:F4:F8:BA:4A:70:5E:87:99
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/CDmWxvLno4hx-MAB9Pi6SnBeh5k.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.75.0.0/17
                IPv6:
                  2a00:1cb8::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  12713

    Signature Algorithm: sha256WithRSAEncryption
         2a:31:63:be:bf:21:8b:27:06:2a:fe:2e:e5:c4:37:5b:6e:8d:
         6c:a9:66:44:ca:79:51:00:00:0b:6d:98:04:77:8f:8b:01:1f:
         0d:d1:b3:de:ee:2e:04:fc:cf:04:44:4a:dc:c0:15:fd:cc:15:
         50:27:cf:ad:e3:57:3b:30:78:d6:91:48:6c:3e:f6:36:92:36:
         a9:5d:04:d7:77:47:c4:a9:44:65:c1:48:1d:9a:0c:05:e2:c8:
         cf:d2:32:f4:ad:6a:95:16:99:ad:25:7d:67:a2:2a:92:b6:e1:
         a0:ba:c2:1f:bb:23:db:2d:8c:92:fb:18:c7:46:69:b5:02:46:
         29:25:13:64:3e:09:50:e7:57:b4:58:da:12:92:8a:9d:b7:ad:
         b2:9f:82:8c:68:24:73:78:83:28:c9:0f:6d:af:2a:51:0d:88:
         92:1f:de:8c:da:64:be:25:94:2a:64:52:d3:40:21:1b:e3:86:
         0d:49:32:14:a2:c0:40:01:a5:fc:5c:b3:96:62:c9:c6:93:d0:
         b7:8f:b0:35:d0:d6:b6:0f:be:b8:2a:fa:46:85:7b:0f:1d:52:
         cd:15:cd:0d:70:1f:2b:d1:29:76:3e:12:5d:01:53:b3:c8:6b:
         63:1c:be:ea:3c:d5:46:f7:c4:eb:13:17:b1:40:39:3f:c1:cd:
         b1:b6:22:ca
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYVrYx7JLAGRRx3yDjO8HnCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDMzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM5OTZjNmYyZTdhMzg4NzFmOGMwMDFmNGY4YmE0YTcwNWU4Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/O9Nh+89a7sMeaijHOGNZGgtvrF
wpaVXOkg1NjVYuPTQftD5953kL9IZm16vr6aOv889KZEHOxGIvH8v7qJWfJqszfQ
HlMP29JtJ8B0Plr29ZkTVj/CVpjJSOdYCrhB1D923O7GSaDLL0vQikFCul4Qv/1N
CteRbI1NCgPf1JTyeVfrkgDxXrcqHrpzDKpYhbS+uXYoE8mh0MzKNJFCWjxZxoOX
zNPyutdgX96QI5NStXrzED09bTdmqNVi5MMzv334647RevEpEDjOZm6KsOQ6eXPy
Is+fZqxfRaibtSbs1dKWhiTnZLD5yw8CCVS9xQZhjpiCwea2A0OUIyfEHwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFAg5lsby56OIcfjAAfT4ukpwXoeZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY4L2IzYjRi
Yi0yMGY1LTQ4YWQtYTYxYi1mZThlNWUwYmZhMGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvYjNiNGJi
LTIwZjUtNDhhZC1hNjFiLWZlOGU1ZTBiZmEwZi8xL0NEbVd4dkxubzRoeC1NQUI5
UGk2U25CZWg1ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQHPksAMA0EAgACMAcDBQAqABy4MBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAjGpMA0GCSqGSIb3DQEBCwUAA4IBAQAqMWO+vyGLJwYq
/i7lxDdbbo1sqWZEynlRAAALbZgEd4+LAR8N0bPe7i4E/M8ERErcwBX9zBVQJ8+t
41c7MHjWkUhsPvY2kjapXQTXd0fEqURlwUgdmgwF4sjP0jL0rWqVFpmtJX1noiqS
tuGgusIfuyPbLYyS+xjHRmm1AkYpJRNkPglQ51e0WNoSkoqdt62yn4KMaCRzeIMo
yQ9trypRDYiSH96M2mS+JZQqZFLTQCEb44YNSTIUosBAAaX8XLOWYsnGk9C3j7A1
0Na2D764KvpGhXsPHVLNFc0NcB8r0Sl2PhJdAVOzyGtjHL7qPNVG98TrExexQDk/
wc2xtiLK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:51 2024 by rpki-client on console-fra.rpki-client.org