Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/J322q3eePVMzyXqyKFuYgAHF4MY.cer
File:                     J322q3eePVMzyXqyKFuYgAHF4MY.cer (raw, json)
Hash identifier:          vphuoxf2D57E2N7EZBii9p71Pcn5fxFCrhsqdoQKHyE=
Subject key identifier:   27:7D:B6:AB:77:9E:3D:53:33:C9:7A:B2:28:5B:98:80:01:C5:E0:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B797EA67AE53EDD0F5B5010C39C91BAE1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/74c1572c-e97c-4100-aeff-1373f4e9433a/0/277DB6AB779E3D5333C97AB2285B988001C5E0C6.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/74c1572c-e97c-4100-aeff-1373f4e9433a/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 12:18:21 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 215241
Validation:               Failed, certificate revoked on Tue 24 Feb 2026 07:50:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7e:a6:7a:e5:3e:dd:0f:5b:50:10:c3:9c:91:ba:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:18:21 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=277db6ab779e3d5333c97ab2285b988001c5e0c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2e:88:0d:77:1f:fe:4c:68:9f:e2:f3:72:0b:
                    aa:c4:d6:ca:e1:87:4b:a7:0d:6b:20:53:63:f7:91:
                    48:f1:9c:f6:8d:82:92:8b:9a:fa:ed:76:e8:c1:b3:
                    40:dc:d3:09:fa:d6:06:11:72:80:c1:15:2e:cd:25:
                    14:06:62:d6:9e:38:2f:ba:1b:55:f5:a3:1d:6f:b4:
                    d6:36:d5:61:e8:3b:20:64:56:e5:fe:a5:f9:f5:e2:
                    b8:af:35:c6:61:d1:4b:5d:ce:44:10:b4:2d:65:8b:
                    ae:45:02:49:0d:63:f0:ec:a9:6f:9b:f1:92:c0:0b:
                    b5:7d:36:21:4c:17:31:6a:65:45:e8:b4:ed:d1:59:
                    1f:cd:46:9a:f3:40:45:b7:0a:53:12:d2:89:34:21:
                    1e:c8:3f:9c:4f:b9:fc:f4:a2:b6:ea:00:9e:0c:18:
                    3f:0c:f9:0a:6a:99:a9:2f:3a:a0:f3:5e:d4:6d:b0:
                    dd:98:2f:42:51:09:93:a2:99:0c:05:b7:f8:57:56:
                    7e:c1:74:d9:58:5a:8f:ea:01:68:f4:19:18:94:99:
                    ec:57:73:43:8b:ca:0d:ce:b0:f4:55:29:c0:86:b5:
                    99:24:eb:f4:f1:48:8f:5c:2f:65:c7:2b:46:3c:c1:
                    68:42:4a:2d:a1:8e:86:92:0a:8d:d4:8d:85:22:35:
                    f5:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:7D:B6:AB:77:9E:3D:53:33:C9:7A:B2:28:5B:98:80:01:C5:E0:C6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/74c1572c-e97c-4100-aeff-1373f4e9433a/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/74c1572c-e97c-4100-aeff-1373f4e9433a/0/277DB6AB779E3D5333C97AB2285B988001C5E0C6.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215241

    Signature Algorithm: sha256WithRSAEncryption
         9f:6a:72:d2:4f:ef:d6:33:ff:f9:53:62:c1:2e:a7:9b:5b:7d:
         0a:c3:3d:ad:dc:e3:95:4f:5e:6f:28:9a:c4:9a:b8:18:ba:96:
         57:a1:a5:f4:85:e0:81:23:ed:95:41:a7:02:24:27:9d:9f:a9:
         55:6a:47:78:d5:e7:73:01:f4:64:91:9d:5d:70:e6:fb:29:f9:
         60:d9:54:27:4b:bb:7b:a9:14:b6:45:dd:ec:8c:e3:d9:ea:01:
         ae:a1:dc:c1:99:2c:1d:e9:9f:29:de:02:64:06:92:10:94:80:
         6f:78:52:47:71:7d:ed:d3:5e:4c:ae:f4:fd:50:49:6f:14:ab:
         d2:9b:bf:c2:7e:78:86:39:ee:0b:91:f3:20:84:d1:f2:1b:80:
         d9:21:9b:eb:bd:c5:8b:df:ef:82:d1:32:9f:b3:6c:4b:51:30:
         36:b2:a7:3b:5e:b7:91:77:2d:12:d5:28:ae:1e:ec:e2:58:e2:
         16:54:67:c0:3b:81:d0:57:d5:cd:fd:51:be:ca:09:e1:13:cc:
         fc:ea:dc:a6:dd:af:c7:1d:d2:11:2f:cb:0e:8d:34:3b:9d:3b:
         76:88:24:22:97:71:df:8a:4c:09:30:cc:48:54:af:6c:80:28:
         d2:9c:4a:3e:a9:8c:bb:67:06:63:2e:0c:ae:41:a2:95:66:01:
         77:9a:0b:d7
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZt5fqZ65T7dD1tQEMOckbrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzdkYjZhYjc3OWUzZDUzMzNjOTdhYjIyODViOTg4MDAxYzVlMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS6IDXcf/kxon+LzcguqxNbK4YdL
pw1rIFNj95FI8Zz2jYKSi5r67XbowbNA3NMJ+tYGEXKAwRUuzSUUBmLWnjgvuhtV
9aMdb7TWNtVh6DsgZFbl/qX59eK4rzXGYdFLXc5EELQtZYuuRQJJDWPw7Klvm/GS
wAu1fTYhTBcxamVF6LTt0VkfzUaa80BFtwpTEtKJNCEeyD+cT7n89KK26gCeDBg/
DPkKapmpLzqg817UbbDdmC9CUQmTopkMBbf4V1Z+wXTZWFqP6gFo9BkYlJnsV3ND
i8oNzrD0VSnAhrWZJOv08UiPXC9lxytGPMFoQkotoY6GkgqN1I2FIjX1JwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFCd9tqt3nj1TM8l6sihbmIABxeDGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzc0YzE1
NzJjLWU5N2MtNDEwMC1hZWZmLTEzNzNmNGU5NDMzYS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzRj
MTU3MmMtZTk3Yy00MTAwLWFlZmYtMTM3M2Y0ZTk0MzNhLzAvMjc3REI2QUI3NzlF
M0Q1MzMzQzk3QUIyMjg1Qjk4ODAwMUM1RTBDNi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDSMkw
DQYJKoZIhvcNAQELBQADggEBAJ9qctJP79Yz//lTYsEup5tbfQrDPa3c45VPXm8o
msSauBi6llehpfSF4IEj7ZVBpwIkJ52fqVVqR3jV53MB9GSRnV1w5vsp+WDZVCdL
u3upFLZF3eyM49nqAa6h3MGZLB3pnyneAmQGkhCUgG94Ukdxfe3TXkyu9P1QSW8U
q9Kbv8J+eIY57guR8yCE0fIbgNkhm+u9xYvf74LRMp+zbEtRMDaypztet5F3LRLV
KK4e7OJY4hZUZ8A7gdBX1c39Ub7KCeETzPzq3Kbdr8cd0hEvyw6NNDudO3aIJCKX
cd+KTAkwzEhUr2yAKNKcSj6pjLtnBmMuDK5BopVmAXeaC9c=
-----END CERTIFICATE-----