Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HCFjJ6XLg_EgeBEUNxDiJ8BTPzI.cer
File:                     HCFjJ6XLg_EgeBEUNxDiJ8BTPzI.cer (raw, json)
Hash identifier:          +DjdPI+o+940fD7xrVBEoburqtoyO/J6q6C5WMci820=
Subject key identifier:   1C:21:63:27:A5:CB:83:F1:20:78:11:14:37:10:E2:27:C0:53:3F:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856E65E0F6239B70D069A2FC203D9D56DA
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/8b/dabf99-1c3b-47c9-8df1-3aa52333da4f/1/HCFjJ6XLg_EgeBEUNxDiJ8BTPzI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/8b/dabf99-1c3b-47c9-8df1-3aa52333da4f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 17:34:08 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 52147
                          IP: 185.118.116.0/22
                          IP: 2a03:6360::/32

Validation:               Failed, certificate revoked on Thu 13 Jul 2023 12:29:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:65:e0:f6:23:9b:70:d0:69:a2:fc:20:3d:9d:56:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 17:34:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1c216327a5cb83f1207811143710e227c0533f32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8e:98:49:8b:18:ea:e7:16:52:11:43:8f:fc:
                    ed:b9:40:65:50:e0:09:d4:59:04:f5:b0:7b:43:2d:
                    2b:d8:8a:89:80:b0:fd:80:09:30:aa:53:a2:ba:68:
                    26:10:5f:58:d4:fa:4d:cf:6b:af:b5:94:b3:7f:8d:
                    b9:8b:30:07:95:55:31:2f:ea:02:c5:6f:a2:9c:1a:
                    e1:6f:10:bc:ed:79:66:0a:aa:72:6b:1b:98:62:75:
                    0b:3f:8f:be:a1:56:99:d3:da:ea:66:74:d5:73:f9:
                    3b:65:9f:b3:fd:8a:36:41:c2:bb:d2:9b:35:ed:0d:
                    78:71:42:3a:87:99:96:22:e7:c0:77:36:cb:d4:5a:
                    a1:e1:66:67:fc:55:59:60:51:1e:73:be:76:64:4a:
                    64:31:73:29:68:6a:44:f9:77:5f:35:1a:1a:f3:0e:
                    0d:e3:dc:1b:ba:72:70:68:e4:34:87:91:60:6f:32:
                    87:af:89:0b:7b:a1:48:5b:61:90:3c:2a:ee:8c:b7:
                    15:25:56:7e:13:0a:f2:56:2e:6b:3e:d7:e9:a8:40:
                    39:46:59:ad:53:67:1c:19:20:9d:f0:b9:7d:91:1c:
                    dc:da:07:ff:60:b1:02:ce:34:51:0c:42:1a:ad:9d:
                    26:82:af:47:20:ed:65:5c:a9:46:3c:68:af:b2:1e:
                    9b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:21:63:27:A5:CB:83:F1:20:78:11:14:37:10:E2:27:C0:53:3F:32
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dabf99-1c3b-47c9-8df1-3aa52333da4f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dabf99-1c3b-47c9-8df1-3aa52333da4f/1/HCFjJ6XLg_EgeBEUNxDiJ8BTPzI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.118.116.0/22
                IPv6:
                  2a03:6360::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  52147

    Signature Algorithm: sha256WithRSAEncryption
         20:17:08:35:dc:71:65:2e:5b:af:54:18:e0:cf:38:61:38:3e:
         92:2b:30:f0:53:15:04:f1:30:c0:58:6f:79:1f:b6:9c:a5:12:
         3f:cc:ac:70:41:4e:fb:83:e2:ce:eb:ab:15:7e:bb:aa:30:2c:
         96:d5:48:f9:61:ae:50:9f:ef:b0:61:42:91:4e:4f:7a:f3:8f:
         34:7e:a4:b9:90:d2:b1:9c:37:38:98:a4:02:e5:a0:49:e4:1f:
         b8:c7:76:1e:9e:d6:a8:95:d0:03:fe:ae:32:4f:2e:21:8b:ce:
         b3:64:b7:d5:d4:1c:ef:3d:69:f7:f0:b0:cb:f6:8a:eb:0e:60:
         27:21:b7:7b:b0:56:e1:d1:33:e5:11:24:d3:a8:85:4c:be:a1:
         6a:bd:f5:0e:0b:b6:ef:ce:4d:7a:b9:d7:e0:73:ea:db:bf:37:
         9c:8f:9b:f5:94:d8:e8:24:4b:e3:60:40:84:0f:32:b5:b3:bf:
         81:3e:36:06:a0:8c:d0:c1:ca:7b:c7:45:b7:cc:7c:26:cf:f1:
         67:40:24:48:9d:a2:c2:79:50:ae:0f:9d:15:98:d6:55:49:b4:
         be:f3:6d:c2:b5:55:28:95:72:b2:ba:fc:7e:3c:cd:72:7e:7a:
         a1:48:d5:5f:01:2c:fb:3b:0f:c7:d4:86:8b:ae:33:ce:01:c2:
         2c:27:ad:e4
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVuZeD2I5tw0Gmi/CA9nVbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTczNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzIxNjMyN2E1Y2I4M2YxMjA3ODExMTQzNzEwZTIyN2MwNTMzZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI6YSYsY6ucWUhFDj/ztuUBlUOAJ
1FkE9bB7Qy0r2IqJgLD9gAkwqlOiumgmEF9Y1PpNz2uvtZSzf425izAHlVUxL+oC
xW+inBrhbxC87XlmCqpyaxuYYnULP4++oVaZ09rqZnTVc/k7ZZ+z/Yo2QcK70ps1
7Q14cUI6h5mWIufAdzbL1Fqh4WZn/FVZYFEec752ZEpkMXMpaGpE+XdfNRoa8w4N
49wbunJwaOQ0h5FgbzKHr4kLe6FIW2GQPCrujLcVJVZ+EwryVi5rPtfpqEA5Rlmt
U2ccGSCd8Ll9kRzc2gf/YLECzjRRDEIarZ0mgq9HIO1lXKlGPGivsh6b+QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBwhYyely4PxIHgRFDcQ4ifAUz8yMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhiL2RhYmY5
OS0xYzNiLTQ3YzktOGRmMS0zYWE1MjMzM2RhNGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIvZGFiZjk5
LTFjM2ItNDdjOS04ZGYxLTNhYTUyMzMzZGE0Zi8xL0hDRmpKNlhMZ19FZ2VCRVVO
eERpSjhCVFB6SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuXZ0MA0EAgACMAcDBQAqA2NgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDLszANBgkqhkiG9w0BAQsFAAOCAQEAIBcINdxxZS5b
r1QY4M84YTg+kisw8FMVBPEwwFhveR+2nKUSP8yscEFO+4PizuurFX67qjAsltVI
+WGuUJ/vsGFCkU5PevOPNH6kuZDSsZw3OJikAuWgSeQfuMd2Hp7WqJXQA/6uMk8u
IYvOs2S31dQc7z1p9/Cwy/aK6w5gJyG3e7BW4dEz5REk06iFTL6har31Dgu2785N
ernX4HPq2783nI+b9ZTY6CRL42BAhA8ytbO/gT42BqCM0MHKe8dFt8x8Js/xZ0Ak
SJ2iwnlQrg+dFZjWVUm0vvNtwrVVKJVysrr8fjzNcn56oUjVXwEs+zsPx9SGi64z
zgHCLCet5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:03 2024 by rpki-client on console-fra.rpki-client.org