Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Iv1sFTtG7k9iHadP1XKYO8r_BjI.cer
File:                     Iv1sFTtG7k9iHadP1XKYO8r_BjI.cer (raw, json)
Hash identifier:          uXxMHhLZVu3rj0nWsnMljfvkR3wtiKOa2D2k2M/IO+s=
Subject key identifier:   22:FD:6C:15:3B:46:EE:4F:62:1D:A7:4F:D5:72:98:3B:CA:FF:06:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856C3EAAA8469D088F1A85A15726C72A84
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/Iv1sFTtG7k9iHadP1XKYO8r_BjI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 07:32:04 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 211032
                          IP: 185.222.42.0/24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 11:23:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:3e:aa:a8:46:9d:08:8f:1a:85:a1:57:26:c7:2a:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:32:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22fd6c153b46ee4f621da74fd572983bcaff0632
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:6d:20:86:9b:54:b3:00:5f:02:79:02:71:ff:
                    82:05:6c:6a:06:9c:2d:15:e6:ae:46:b7:30:c3:8e:
                    9e:13:1c:09:be:b9:7c:ce:e2:01:e7:cb:2d:36:f0:
                    1b:8a:0f:26:24:cf:08:2c:6f:40:af:8b:5e:23:9c:
                    95:52:b0:32:4c:87:83:88:e3:93:5f:7d:19:32:2b:
                    eb:58:e6:13:23:92:11:d1:55:e8:59:4e:d0:89:d5:
                    38:58:4e:50:10:1a:47:4b:9b:fb:50:7d:5a:bd:1b:
                    73:09:56:92:9c:c9:be:5e:0b:96:f9:04:b3:c7:51:
                    30:3d:a7:4f:30:90:73:e0:ac:95:5a:4d:6c:cb:15:
                    0a:e2:72:f4:7e:be:bb:12:03:ed:90:9f:64:18:4c:
                    5d:21:0c:6d:62:55:3d:69:f1:53:67:ad:e3:52:a9:
                    71:2e:c9:b5:7c:72:a0:08:d4:37:a2:f3:03:a2:7d:
                    a7:ca:db:01:75:39:99:2c:42:97:69:90:0d:70:3b:
                    61:c4:1c:a3:bf:42:54:04:58:8a:7b:c0:14:c2:20:
                    9f:07:f8:9d:0c:e9:bb:1e:b6:c7:ad:5f:e1:e0:db:
                    7b:e3:b4:ea:8f:f0:7f:bc:04:90:ac:df:29:93:69:
                    a6:5e:b9:cf:cf:a2:ce:2b:1f:82:5c:7b:9d:92:ef:
                    1c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:FD:6C:15:3B:46:EE:4F:62:1D:A7:4F:D5:72:98:3B:CA:FF:06:32
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/Iv1sFTtG7k9iHadP1XKYO8r_BjI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.222.42.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211032

    Signature Algorithm: sha256WithRSAEncryption
         77:9d:d5:4a:d2:9b:d6:a4:5d:10:d9:82:c6:e3:37:3b:91:08:
         bb:47:3e:db:45:fe:5a:62:7a:aa:44:04:58:7b:da:ad:9c:b5:
         23:41:e2:ba:89:2f:7b:8f:cd:f9:d9:92:c0:8c:59:b3:06:2b:
         2a:8c:48:32:95:11:6d:50:91:a8:79:25:8a:6a:54:02:98:db:
         43:89:ec:58:c3:bd:88:98:7e:6e:7e:32:c1:8d:15:74:27:dc:
         45:97:a5:b9:ee:7c:15:83:96:8c:53:40:a2:1b:50:07:5f:85:
         ff:15:3f:54:cf:87:cc:92:92:c6:48:56:e0:5d:f6:5f:29:b8:
         d1:52:f5:5d:c6:74:8a:3a:0f:5c:59:c6:00:2a:93:b2:5c:9b:
         31:02:58:de:b2:24:d5:cb:87:5c:65:00:4a:14:e5:8f:bd:7d:
         98:f9:dd:6a:45:69:f4:63:a3:b7:40:81:14:eb:23:a5:a0:b5:
         c5:0a:51:18:95:b8:63:9e:31:84:e3:b0:05:1e:c6:f8:c8:4a:
         8d:28:d9:36:d8:52:7d:aa:b0:d2:62:96:af:c6:fb:4c:45:bf:
         83:68:4f:da:8c:21:c4:b4:c7:da:40:80:7d:17:2f:38:5f:ab:
         73:28:ad:c9:2b:55:36:73:63:9c:98:96:3d:51:7e:9e:a5:7f:
         8b:34:e0:00
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYVsPqqoRp0IjxqFoVcmxyqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDczMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmZkNmMxNTNiNDZlZTRmNjIxZGE3NGZkNTcyOTgzYmNhZmYwNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4m0ghptUswBfAnkCcf+CBWxqBpwt
FeauRrcww46eExwJvrl8zuIB58stNvAbig8mJM8ILG9Ar4teI5yVUrAyTIeDiOOT
X30ZMivrWOYTI5IR0VXoWU7QidU4WE5QEBpHS5v7UH1avRtzCVaSnMm+XguW+QSz
x1EwPadPMJBz4KyVWk1syxUK4nL0fr67EgPtkJ9kGExdIQxtYlU9afFTZ63jUqlx
Lsm1fHKgCNQ3ovMDon2nytsBdTmZLEKXaZANcDthxByjv0JUBFiKe8AUwiCfB/id
DOm7HrbHrV/h4Nt747Tqj/B/vASQrN8pk2mmXrnPz6LOKx+CXHudku8czwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFCL9bBU7Ru5PYh2nT9VymDvK/wYyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I0LzA4NWNm
Ny1kNGVjLTQ4MTctODhhOS03YmVjZjI5MmU4ZGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQvMDg1Y2Y3
LWQ0ZWMtNDgxNy04OGE5LTdiZWNmMjkyZThkZi8xL0l2MXNGVHRHN2s5aUhhZFAx
WEtZTzhyX0JqSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAud4qMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwM4WDANBgkqhkiG9w0BAQsFAAOCAQEAd53VStKb1qRdENmCxuM3O5EIu0c+20X+
WmJ6qkQEWHvarZy1I0Hiuokve4/N+dmSwIxZswYrKoxIMpURbVCRqHklimpUApjb
Q4nsWMO9iJh+bn4ywY0VdCfcRZelue58FYOWjFNAohtQB1+F/xU/VM+HzJKSxkhW
4F32Xym40VL1XcZ0ijoPXFnGACqTslybMQJY3rIk1cuHXGUAShTlj719mPndakVp
9GOjt0CBFOsjpaC1xQpRGJW4Y54xhOOwBR7G+MhKjSjZNthSfaqw0mKWr8b7TEW/
g2hP2owhxLTH2kCAfRcvOF+rcyityStVNnNjnJiWPVF+nqV/izTgAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:29:47 2024 by rpki-client on console-ams.rpki-client.org