Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/D6SU_hOwHMuSLVjZnHc8KOwi3zs.cer
File:                     D6SU_hOwHMuSLVjZnHc8KOwi3zs.cer (raw, json)
Hash identifier:          CjegqzMCkVZI5SdRYQHBOj8NtZbO7uZEVr6vB7SOt2M=
Subject key identifier:   0F:A4:94:FE:13:B0:1C:CB:92:2D:58:D9:9C:77:3C:28:EC:22:DF:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856D89A9E4CEBE9F2FF57E600D678315ED
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/81/af04a2-7166-440c-b67a-a7e2e4a57632/1/D6SU_hOwHMuSLVjZnHc8KOwi3zs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/81/af04a2-7166-440c-b67a-a7e2e4a57632/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 13:33:36 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 210072
                          IP: 2001:67c:afc::/48

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 15:09:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:89:a9:e4:ce:be:9f:2f:f5:7e:60:0d:67:83:15:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 13:33:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0fa494fe13b01ccb922d58d99c773c28ec22df3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ae:61:07:ff:67:3b:37:fd:fb:c0:94:e0:2a:
                    a0:3e:4b:34:95:f0:41:1e:96:4b:fb:c8:f3:64:2c:
                    1d:ec:94:e9:88:1d:fe:8f:cc:30:bf:28:4c:75:26:
                    1e:86:2b:4b:65:fc:d0:c7:01:1d:37:7c:7b:9a:6c:
                    fe:0d:68:92:d1:06:b6:e6:a9:8d:9b:ad:2d:79:92:
                    71:69:6e:20:85:24:3e:e9:39:32:3a:a9:7f:9c:b9:
                    c3:61:89:cf:ee:21:35:e2:21:00:09:87:9c:5c:41:
                    1d:d9:1e:ff:97:9a:cf:98:ab:3a:55:2a:9f:c7:18:
                    aa:6d:1b:8c:b2:47:81:52:44:43:a3:15:30:22:5f:
                    be:c7:92:f0:c3:37:8f:80:4d:91:68:f9:1f:2f:b0:
                    de:bd:94:e9:62:44:06:80:85:37:4e:2d:3e:05:a2:
                    4c:b2:6e:c1:7e:6e:30:0a:ce:df:0d:2b:0e:bf:f3:
                    ce:ce:74:38:2f:dc:4c:c5:88:e0:d7:3d:af:5f:c5:
                    db:18:de:28:fb:ed:68:6f:98:92:26:ee:58:31:bf:
                    3a:77:fb:b3:1b:0f:b6:5d:db:d6:39:a2:a9:bf:c5:
                    2f:b4:9d:d5:9b:8a:b6:4a:8e:14:86:cf:a3:a2:12:
                    63:3f:6e:9f:c8:25:ce:ae:85:e2:e2:3f:e5:53:16:
                    5a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:A4:94:FE:13:B0:1C:CB:92:2D:58:D9:9C:77:3C:28:EC:22:DF:3B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/af04a2-7166-440c-b67a-a7e2e4a57632/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/af04a2-7166-440c-b67a-a7e2e4a57632/1/D6SU_hOwHMuSLVjZnHc8KOwi3zs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:afc::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210072

    Signature Algorithm: sha256WithRSAEncryption
         28:1d:4b:96:33:d7:9a:c4:f3:55:0b:4b:33:16:0f:bb:8f:42:
         58:62:25:f8:db:c6:23:91:0e:7d:66:2b:da:1e:bd:bd:65:ea:
         ac:8f:51:66:2f:d2:e1:3f:03:87:8d:16:01:7e:cf:08:6f:13:
         d4:3d:71:e8:10:05:6f:b8:b3:bb:c9:cb:f3:75:65:e5:7b:44:
         69:e0:cf:42:87:07:e6:81:95:ba:49:90:84:aa:ea:bf:81:ca:
         99:72:c4:81:b4:86:1d:8f:5d:2c:8b:5a:7d:dd:5b:56:4f:0a:
         c9:d8:1c:f5:de:0e:79:13:59:bb:b6:21:c0:ef:ec:51:b9:fd:
         56:74:c4:27:07:45:08:27:80:fd:a2:64:9a:74:69:18:d5:30:
         31:2b:b5:31:e0:c0:02:d2:61:8e:b1:1e:63:b2:31:1f:0f:bf:
         dd:dc:6e:80:23:a8:41:da:21:7f:82:65:45:04:d3:25:d5:f6:
         47:82:eb:07:00:b8:c2:2b:45:a2:1b:0f:95:c2:32:e1:63:61:
         e6:74:a2:eb:8a:b5:37:77:31:85:cc:38:82:f3:5e:42:58:33:
         ec:10:13:f1:4f:a3:30:b6:3e:27:5f:7e:ed:b7:79:3d:3e:15:
         b6:dc:c8:57:28:d8:d4:54:2b:b5:72:15:50:64:11:db:23:f7:
         ea:13:89:b4
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYVtiankzr6fL/V+YA1ngxXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTMzMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmE0OTRmZTEzYjAxY2NiOTIyZDU4ZDk5Yzc3M2MyOGVjMjJkZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh65hB/9nOzf9+8CU4CqgPks0lfBB
HpZL+8jzZCwd7JTpiB3+j8wwvyhMdSYehitLZfzQxwEdN3x7mmz+DWiS0Qa25qmN
m60teZJxaW4ghSQ+6TkyOql/nLnDYYnP7iE14iEACYecXEEd2R7/l5rPmKs6VSqf
xxiqbRuMskeBUkRDoxUwIl++x5LwwzePgE2RaPkfL7DevZTpYkQGgIU3Ti0+BaJM
sm7Bfm4wCs7fDSsOv/POznQ4L9xMxYjg1z2vX8XbGN4o++1ob5iSJu5YMb86d/uz
Gw+2XdvWOaKpv8UvtJ3Vm4q2So4Uhs+johJjP26fyCXOroXi4j/lUxZa1wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFA+klP4TsBzLki1Y2Zx3PCjsIt87MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgxL2FmMDRh
Mi03MTY2LTQ0MGMtYjY3YS1hN2UyZTRhNTc2MzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEvYWYwNGEy
LTcxNjYtNDQwYy1iNjdhLWE3ZTJlNGE1NzYzMi8xL0Q2U1VfaE93SE11U0xWalpu
SGM4S093aTN6cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAr8MBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwM0mDANBgkqhkiG9w0BAQsFAAOCAQEAKB1LljPXmsTzVQtLMxYPu49CWGIl
+NvGI5EOfWYr2h69vWXqrI9RZi/S4T8Dh40WAX7PCG8T1D1x6BAFb7izu8nL83Vl
5XtEaeDPQocH5oGVukmQhKrqv4HKmXLEgbSGHY9dLItafd1bVk8Kydgc9d4OeRNZ
u7YhwO/sUbn9VnTEJwdFCCeA/aJkmnRpGNUwMSu1MeDAAtJhjrEeY7IxHw+/3dxu
gCOoQdohf4JlRQTTJdX2R4LrBwC4witFohsPlcIy4WNh5nSi64q1N3cxhcw4gvNe
Qlgz7BAT8U+jMLY+J19+7bd5PT4VttzIVyjY1FQrtXIVUGQR2yP36hOJtA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:27:50 2024 by rpki-client on console-ams.rpki-client.org