Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MT9J02KWoVZbhRB8Ka6jiSDfDfo.cer
File:                     MT9J02KWoVZbhRB8Ka6jiSDfDfo.cer (raw, json)
Hash identifier:          rtBaaChhZU3x5Lwan8CcTNDpIyPArg12J59mwYR3D5k=
Subject key identifier:   31:3F:49:D3:62:96:A1:56:5B:85:10:7C:29:AE:A3:89:20:DF:0D:FA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856AF517ACAA270030F3BF32C0697BCFBA
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fc/d11f09-8f53-4a45-84e5-38f520ac7966/1/MT9J02KWoVZbhRB8Ka6jiSDfDfo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fc/d11f09-8f53-4a45-84e5-38f520ac7966/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 01:32:05 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 193.57.104.0/24
                          IP: 193.57.108.0/24
                          IP: 193.57.127.0/24
                          IP: 193.57.140.0/24
                          IP: 2a0f:8540::/29

Validation:               Failed, certificate revoked on Fri 29 Dec 2023 10:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6a:f5:17:ac:aa:27:00:30:f3:bf:32:c0:69:7b:cf:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 01:32:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=313f49d36296a1565b85107c29aea38920df0dfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e3:d1:95:7b:0a:b6:46:80:e1:24:13:05:6a:
                    33:73:ea:11:9e:69:8e:da:f0:e8:1d:65:23:95:02:
                    80:ea:34:ea:97:4a:78:ca:db:d2:85:a0:a1:ea:c2:
                    6e:f5:1e:06:f0:e0:5c:ff:b3:b5:73:22:75:93:af:
                    3d:90:f7:05:a0:6d:a2:dd:dc:56:f1:95:8d:f2:1c:
                    e2:01:41:09:20:66:1f:43:9e:f0:d5:eb:82:64:54:
                    c3:e6:36:d9:ef:b2:c2:60:bc:ec:b9:22:b0:b9:16:
                    3e:f6:12:36:59:97:1d:82:a9:f1:49:34:12:ec:96:
                    e5:3a:ff:b2:79:42:4a:c3:87:ff:d3:34:ef:c1:d6:
                    6d:80:41:b8:ef:fb:01:92:a2:5d:00:31:c2:1d:b3:
                    87:6f:df:e7:9d:bc:a2:9b:02:85:80:2c:3d:31:ef:
                    42:5e:9c:1c:b6:ef:b1:17:91:5a:27:47:e3:91:c3:
                    c0:86:f5:88:e6:be:57:9c:92:bc:61:f9:53:03:f3:
                    ac:2c:0b:71:e1:7b:11:33:04:3a:66:ae:53:67:40:
                    38:5c:52:76:2c:09:94:78:7c:2d:30:5e:ed:9a:04:
                    7c:ee:eb:8e:65:1b:fa:eb:29:56:f9:83:f5:cb:97:
                    05:2c:9d:01:cb:ae:4b:12:68:6c:1d:43:76:11:b1:
                    35:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:3F:49:D3:62:96:A1:56:5B:85:10:7C:29:AE:A3:89:20:DF:0D:FA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d11f09-8f53-4a45-84e5-38f520ac7966/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d11f09-8f53-4a45-84e5-38f520ac7966/1/MT9J02KWoVZbhRB8Ka6jiSDfDfo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.104.0/24
                  193.57.108.0/24
                  193.57.127.0/24
                  193.57.140.0/24
                IPv6:
                  2a0f:8540::/29

    Signature Algorithm: sha256WithRSAEncryption
         03:78:df:bc:e1:14:7a:aa:19:9e:35:e7:16:82:1c:fd:bd:da:
         d5:c4:72:75:a4:03:f8:13:62:0e:01:ff:e0:a3:e3:dc:b0:8f:
         10:bc:50:17:0f:53:4e:b1:09:52:b2:04:89:ea:72:5b:81:97:
         b7:d6:ae:77:85:e4:3b:99:84:cc:3f:7b:17:07:fe:36:46:48:
         dc:78:55:57:c0:c0:92:50:8d:c9:cc:c3:7c:26:f4:d8:36:b4:
         91:7f:e0:87:eb:03:6f:61:ba:2d:54:3a:9d:59:87:ad:60:13:
         d4:27:3c:e5:d1:ed:c3:e8:ba:9a:cf:60:4b:2d:73:48:ee:17:
         66:d4:06:8f:dc:c8:c5:84:73:93:56:43:c9:5a:05:6d:3a:79:
         f3:f9:42:78:77:15:c4:5d:6a:46:63:43:68:cf:56:bc:25:f2:
         c2:54:f4:f5:91:a1:86:80:16:4f:e3:c2:28:34:6a:5e:b3:4c:
         01:a3:4b:82:73:47:34:89:2a:eb:87:60:b5:5c:07:7e:65:ba:
         cb:8b:37:63:6b:ef:d1:23:db:77:ae:8a:52:bc:47:fb:f1:01:
         20:8b:c4:07:21:05:54:b2:a2:a2:99:17:1d:2b:5c:08:68:70:
         f2:29:b1:d1:4d:3f:b5:61:ce:fc:7b:19:51:14:39:c0:0e:90:
         f5:59:a9:92
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYVq9ResqicAMPO/MsBpe8+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDEzMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNmNDlkMzYyOTZhMTU2NWI4NTEwN2MyOWFlYTM4OTIwZGYwZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOPRlXsKtkaA4SQTBWozc+oRnmmO
2vDoHWUjlQKA6jTql0p4ytvShaCh6sJu9R4G8OBc/7O1cyJ1k689kPcFoG2i3dxW
8ZWN8hziAUEJIGYfQ57w1euCZFTD5jbZ77LCYLzsuSKwuRY+9hI2WZcdgqnxSTQS
7JblOv+yeUJKw4f/0zTvwdZtgEG47/sBkqJdADHCHbOHb9/nnbyimwKFgCw9Me9C
Xpwctu+xF5FaJ0fjkcPAhvWI5r5XnJK8YflTA/OsLAtx4XsRMwQ6Zq5TZ0A4XFJ2
LAmUeHwtMF7tmgR87uuOZRv66ylW+YP1y5cFLJ0By65LEmhsHUN2EbE1dwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFDE/SdNilqFWW4UQfCmuo4kg3w36MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZjL2QxMWYw
OS04ZjUzLTRhNDUtODRlNS0zOGY1MjBhYzc5NjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMvZDExZjA5
LThmNTMtNGE0NS04NGU1LTM4ZjUyMGFjNzk2Ni8xL01UOUowMktXb1ZaYmhSQjhL
YTZqaVNEZkRmby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQAwTloAwQAwTlsAwQAwTl/AwQAwTmMMA0EAgAC
MAcDBQMqD4VAMA0GCSqGSIb3DQEBCwUAA4IBAQADeN+84RR6qhmeNecWghz9vdrV
xHJ1pAP4E2IOAf/go+PcsI8QvFAXD1NOsQlSsgSJ6nJbgZe31q53heQ7mYTMP3sX
B/42RkjceFVXwMCSUI3JzMN8JvTYNrSRf+CH6wNvYbotVDqdWYetYBPUJzzl0e3D
6Lqaz2BLLXNI7hdm1AaP3MjFhHOTVkPJWgVtOnnz+UJ4dxXEXWpGY0Noz1a8JfLC
VPT1kaGGgBZP48IoNGpes0wBo0uCc0c0iSrrh2C1XAd+ZbrLizdja+/RI9t3ropS
vEf78QEgi8QHIQVUsqKimRcdK1wIaHDyKbHRTT+1Yc78exlRFDnADpD1WamS
-----END CERTIFICATE-----