Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JzqIxXgWaYhQbhNkKtsS9jHgo8I.cer
File:                     JzqIxXgWaYhQbhNkKtsS9jHgo8I.cer (raw, json)
Hash identifier:          raibKHSr97YwEt6s14SnuvYAb+OVrHqzbV6a7VGBmdE=
Subject key identifier:   27:3A:88:C5:78:16:69:88:50:6E:13:64:2A:DB:12:F6:31:E0:A3:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3493CC3BC642BBB890890FC9F61B0E4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/JzqIxXgWaYhQbhNkKtsS9jHgo8I.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:30:06 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 91.234.202.0/24

Validation:               Failed, certificate revoked on Wed 09 Oct 2024 10:03:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:3c:c3:bc:64:2b:bb:89:08:90:fc:9f:61:b0:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:30:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=273a88c578166988506e13642adb12f631e0a3c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8b:dd:fa:a5:0f:c7:2a:6c:1d:18:da:91:e2:
                    be:51:74:d0:71:75:bd:b6:ea:4d:ef:b5:2c:40:dc:
                    7f:4d:2c:22:36:75:0a:6d:7c:92:fc:d1:c1:32:c6:
                    cf:41:de:9e:12:32:f5:33:34:e0:c6:c0:f9:84:5d:
                    da:be:48:29:98:a8:12:be:d9:d5:8c:44:15:6c:d5:
                    dc:17:93:d0:e4:f8:42:a9:cf:87:3e:27:08:82:76:
                    6b:a4:8b:8a:1b:4a:28:03:8d:4d:74:f3:59:2b:ff:
                    c6:51:ac:68:26:79:fd:86:e1:95:f9:ef:85:75:63:
                    a4:9b:17:0f:74:ee:f5:00:9a:2e:1a:2a:d6:80:e6:
                    9b:70:c6:78:79:12:69:a4:0e:74:59:ce:6c:fb:28:
                    99:8e:5d:ba:31:03:82:b1:97:cc:52:ea:ad:4e:7a:
                    c6:bd:76:e9:9b:da:a1:27:4c:dd:ad:3e:17:0e:53:
                    15:4a:a2:e3:a9:62:7b:06:c8:b3:62:7e:b8:28:ba:
                    02:29:28:1b:5a:46:23:20:a1:cc:57:50:65:7d:d4:
                    09:d3:02:0e:2a:8c:a4:85:5e:7c:67:69:de:fe:18:
                    1f:f5:53:24:f7:de:42:7d:8b:7c:90:e8:77:e3:c2:
                    b7:ff:c6:b8:ce:04:5b:9d:16:d0:83:6f:f1:5d:5e:
                    7d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:3A:88:C5:78:16:69:88:50:6E:13:64:2A:DB:12:F6:31:E0:A3:C2
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/JzqIxXgWaYhQbhNkKtsS9jHgo8I.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.234.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:53:de:7b:c8:a2:5b:1f:2f:1e:d6:12:95:26:9b:0f:fe:5f:
         47:a8:4c:2b:e7:6e:a7:43:32:87:2c:64:3a:50:48:da:1f:ba:
         d0:3a:d8:7a:61:c8:1a:7d:a1:0f:b5:6b:41:b8:2d:9d:74:e1:
         0d:c8:1e:d6:8f:8d:8c:26:50:25:0c:d4:aa:6f:2a:b4:f8:7e:
         56:b7:4f:36:ab:54:1e:33:85:2c:3a:60:64:b2:a3:46:63:8a:
         2b:a0:13:00:79:44:81:b1:fa:35:30:7e:62:fb:ca:32:a4:63:
         33:6e:2b:06:2d:4e:a9:d1:38:18:b4:7c:e4:20:93:db:4f:47:
         1b:81:ed:0a:54:1f:8a:1b:d8:95:7d:28:36:a6:bc:73:b1:e8:
         e2:fc:cb:e3:ff:50:cc:55:b0:7a:bb:ac:ad:d8:59:6c:2b:7d:
         b4:63:1e:69:e0:4e:aa:f2:3b:ad:07:d3:ef:e7:3f:b7:a3:71:
         9b:9a:dd:62:63:b0:de:5f:f3:46:24:1c:e5:a0:96:fd:28:b5:
         6b:59:56:26:0b:73:b0:5e:62:6d:68:af:4c:c4:41:db:7c:44:
         ea:e8:9a:30:ea:4f:f3:00:fe:e6:81:b6:10:32:e7:14:9b:2f:
         bf:40:09:a0:4c:28:7d:11:fc:ca:06:f2:a2:5a:02:59:d5:d5:
         31:27:a2:d7
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzDSTzDvGQru4kIkPyfYbDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzNhODhjNTc4MTY2OTg4NTA2ZTEzNjQyYWRiMTJmNjMxZTBhM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4vd+qUPxypsHRjakeK+UXTQcXW9
tupN77UsQNx/TSwiNnUKbXyS/NHBMsbPQd6eEjL1MzTgxsD5hF3avkgpmKgSvtnV
jEQVbNXcF5PQ5PhCqc+HPicIgnZrpIuKG0ooA41NdPNZK//GUaxoJnn9huGV+e+F
dWOkmxcPdO71AJouGirWgOabcMZ4eRJppA50Wc5s+yiZjl26MQOCsZfMUuqtTnrG
vXbpm9qhJ0zdrT4XDlMVSqLjqWJ7BsizYn64KLoCKSgbWkYjIKHMV1BlfdQJ0wIO
KoykhV58Z2ne/hgf9VMk995CfYt8kOh348K3/8a4zgRbnRbQg2/xXV59/QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFCc6iMV4FmmIUG4TZCrbEvYx4KPCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY4LzliNGI5
Ni0yYmRkLTRiZjUtYTAyMi1lZTc4OTZlNWNjOTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvOWI0Yjk2
LTJiZGQtNGJmNS1hMDIyLWVlNzg5NmU1Y2M5NS8xL0p6cUl4WGdXYVloUWJoTmtL
dHNTOWpIZ284SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW+rKMA0GCSqGSIb3DQEBCwUAA4IBAQB1U957
yKJbHy8e1hKVJpsP/l9HqEwr526nQzKHLGQ6UEjaH7rQOth6YcgafaEPtWtBuC2d
dOENyB7Wj42MJlAlDNSqbyq0+H5Wt082q1QeM4UsOmBksqNGY4oroBMAeUSBsfo1
MH5i+8oypGMzbisGLU6p0TgYtHzkIJPbT0cbge0KVB+KG9iVfSg2prxzseji/Mvj
/1DMVbB6u6yt2FlsK320Yx5p4E6q8jutB9Pv5z+3o3Gbmt1iY7DeX/NGJBzloJb9
KLVrWVYmC3OwXmJtaK9MxEHbfETq6Jow6k/zAP7mgbYQMucUmy+/QAmgTCh9EfzK
BvKiWgJZ1dUxJ6LX
-----END CERTIFICATE-----
Generated at Wed Oct 9 14:50:25 2024 by rpki-client on console-ams.rpki-client.org