Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/J2b4IzyQSdIMFdnrRsm7eXYX3bc.cer
File:                     J2b4IzyQSdIMFdnrRsm7eXYX3bc.cer (raw, json)
Hash identifier:          hxagZubr4GN1emCYXaWbIaAoC1H961vmmsldmBglFCU=
Subject key identifier:   27:66:F8:23:3C:90:49:D2:0C:15:D9:EB:46:C9:BB:79:76:17:DD:B7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC8DEB0EB6CA4728F60BBBE30A360C1C3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/17/97e849-2346-4a54-b8e0-dcbfebe79915/1/J2b4IzyQSdIMFdnrRsm7eXYX3bc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/17/97e849-2346-4a54-b8e0-dcbfebe79915/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 06:31:26 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 77.81.167.0/24
                          IP: 92.114.36.0/24
                          IP: 92.114.53.0/24
                          IP: 92.114.83.0/24
                          IP: 185.128.192.0/22

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 10:50:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:b0:eb:6c:a4:72:8f:60:bb:be:30:a3:60:c1:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 06:31:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2766f8233c9049d20c15d9eb46c9bb797617ddb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:33:12:8b:77:e4:fd:07:9f:5e:a2:3c:77:e4:
                    af:d8:11:00:43:35:47:79:62:37:3a:8a:3d:b0:13:
                    62:f8:ec:19:86:94:1a:a2:4c:6b:0a:f2:ad:5c:36:
                    4d:4c:b3:9f:af:eb:a6:1b:d6:81:b8:e6:24:3d:ac:
                    bf:14:74:8c:8f:2d:29:49:72:b0:e9:0d:91:96:9a:
                    6d:ea:3d:7d:a4:34:6d:49:4e:e8:51:99:29:1b:80:
                    46:5a:e4:15:10:e9:56:2b:30:b9:81:26:73:26:47:
                    1b:d9:26:0c:2c:4c:23:e6:e6:d7:f9:97:13:fd:8a:
                    3a:76:27:3c:f6:cc:5b:86:35:24:e8:f5:22:92:dc:
                    8c:ce:c0:7d:ed:b7:0b:1a:84:21:00:83:b0:22:cb:
                    d1:f8:2f:eb:03:dc:92:69:36:be:d7:40:2d:b6:c3:
                    38:d0:c8:61:33:8d:0c:15:a9:97:8c:b6:da:f2:68:
                    cb:d5:54:53:3a:e7:92:42:4d:14:81:a3:0c:01:52:
                    9f:c3:40:df:5e:19:81:bf:63:a4:00:6a:64:c6:a8:
                    3c:c1:1c:0b:de:57:20:97:51:52:38:1a:14:7f:1d:
                    ee:bb:48:35:5f:45:e1:af:4a:61:42:7d:56:34:0b:
                    7d:ae:f1:8f:74:8d:d8:37:6e:e8:bb:ce:98:a3:00:
                    31:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:66:F8:23:3C:90:49:D2:0C:15:D9:EB:46:C9:BB:79:76:17:DD:B7
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/97e849-2346-4a54-b8e0-dcbfebe79915/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/97e849-2346-4a54-b8e0-dcbfebe79915/1/J2b4IzyQSdIMFdnrRsm7eXYX3bc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.81.167.0/24
                  92.114.36.0/24
                  92.114.53.0/24
                  92.114.83.0/24
                  185.128.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:01:a0:00:a2:3f:b1:81:dd:06:0f:5b:8b:02:75:8d:5c:ab:
         ef:9a:24:37:1b:78:d4:1f:26:e9:c8:72:9e:21:cc:10:81:da:
         a3:b0:4e:77:46:79:5b:9c:6c:2f:4f:45:64:48:20:39:92:86:
         ac:90:d0:0c:51:82:3b:48:fc:93:88:32:54:a4:a3:9c:63:3c:
         c6:8d:9d:5e:0c:b5:39:45:db:a2:df:55:f8:9d:42:a9:e5:78:
         bd:5f:85:de:c4:77:4e:39:83:78:bc:08:79:36:44:a5:fc:67:
         07:dc:d4:0b:ad:95:00:f1:af:f3:cb:58:68:8b:5e:01:c1:23:
         ec:7d:e7:b2:87:81:3a:d9:f6:fc:20:c9:b7:ca:f9:b9:b8:8e:
         ed:40:68:c8:91:cf:0a:39:42:10:29:89:fc:5f:36:25:20:b9:
         67:a8:3e:f3:7f:e4:29:d0:00:29:3d:2d:cb:7f:a6:c7:8c:6e:
         fe:55:05:00:a1:72:16:32:bb:06:03:77:49:78:8b:b3:79:0f:
         d8:33:98:bd:8d:c2:cb:d0:44:f3:31:a6:ea:3f:4f:5d:71:d2:
         9b:39:99:9a:41:96:fb:f1:2e:5a:cd:f3:3b:71:f1:a2:93:af:
         fe:fe:64:f3:02:0d:28:6a:d7:36:a5:5b:bf:66:94:fc:16:c2:
         a8:83:f6:7b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYzI3rDrbKRyj2C7vjCjYMHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzY2ZjgyMzNjOTA0OWQyMGMxNWQ5ZWI0NmM5YmI3OTc2MTdkZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDMSi3fk/QefXqI8d+Sv2BEAQzVH
eWI3Ooo9sBNi+OwZhpQaokxrCvKtXDZNTLOfr+umG9aBuOYkPay/FHSMjy0pSXKw
6Q2Rlppt6j19pDRtSU7oUZkpG4BGWuQVEOlWKzC5gSZzJkcb2SYMLEwj5ubX+ZcT
/Yo6dic89sxbhjUk6PUiktyMzsB97bcLGoQhAIOwIsvR+C/rA9ySaTa+10AttsM4
0MhhM40MFamXjLba8mjL1VRTOueSQk0UgaMMAVKfw0DfXhmBv2OkAGpkxqg8wRwL
3lcgl1FSOBoUfx3uu0g1X0Xhr0phQn1WNAt9rvGPdI3YN27ou86YowAxkQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFCdm+CM8kEnSDBXZ60bJu3l2F923MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3Lzk3ZTg0
OS0yMzQ2LTRhNTQtYjhlMC1kY2JmZWJlNzk5MTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvOTdlODQ5
LTIzNDYtNGE1NC1iOGUwLWRjYmZlYmU3OTkxNS8xL0oyYjRJenlRU2RJTUZkbnJS
c203ZVhZWDNiYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUF
BwEHAQH/BCgwJjAkBAIAATAeAwQATVGnAwQAXHIkAwQAXHI1AwQAXHJTAwQCuYDA
MA0GCSqGSIb3DQEBCwUAA4IBAQBkAaAAoj+xgd0GD1uLAnWNXKvvmiQ3G3jUHybp
yHKeIcwQgdqjsE53RnlbnGwvT0VkSCA5koaskNAMUYI7SPyTiDJUpKOcYzzGjZ1e
DLU5Rdui31X4nUKp5Xi9X4XexHdOOYN4vAh5NkSl/GcH3NQLrZUA8a/zy1hoi14B
wSPsfeeyh4E62fb8IMm3yvm5uI7tQGjIkc8KOUIQKYn8XzYlILlnqD7zf+Qp0AAp
PS3Lf6bHjG7+VQUAoXIWMrsGA3dJeIuzeQ/YM5i9jcLL0ETzMabqP09dcdKbOZma
QZb78S5azfM7cfGik6/+/mTzAg0oatc2pVu/ZpT8FsKog/Z7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:29 2024 by rpki-client on console-fra.rpki-client.org