Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TiWdgGE5-VPkfDUJBKrO7GzDmh8.cer
File:                     TiWdgGE5-VPkfDUJBKrO7GzDmh8.cer (raw, json)
Hash identifier:          qjABrbzXConkWThaOr2DzmhQyk7UE6lIHrCuTr0T2Tg=
Subject key identifier:   4E:25:9D:80:61:39:F9:53:E4:7C:35:09:04:AA:CE:EC:6C:C3:9A:1F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856D1A9B8C295049111F24BC8BCC9A5CE5
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/TiWdgGE5-VPkfDUJBKrO7GzDmh8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 11:32:18 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 178.255.221.0/24
                          IP: 2a11:ed80::/29

Validation:               Failed, certificate revoked on Fri 10 Nov 2023 16:20:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:1a:9b:8c:29:50:49:11:1f:24:bc:8b:cc:9a:5c:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 11:32:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e259d806139f953e47c350904aaceec6cc39a1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:08:15:fb:cd:6b:40:c8:e8:7e:fa:14:b9:f6:
                    f3:0a:44:d8:bd:85:07:39:1d:b9:6d:23:88:69:fd:
                    5e:64:33:06:a2:9b:11:b2:a5:85:b0:70:2b:eb:5a:
                    bf:ba:cd:39:07:1a:96:7d:74:3f:95:84:81:91:c2:
                    18:df:2d:fa:59:7a:9e:dd:44:63:41:2a:96:e9:73:
                    e2:d8:15:db:c9:5c:83:a0:65:d7:e3:85:c6:35:77:
                    c5:ed:1d:ee:d5:6b:69:0d:75:09:d1:4b:2f:f3:99:
                    bc:f0:da:bb:70:1b:4c:fe:23:02:e3:fb:f4:3c:28:
                    5f:51:42:75:38:d1:b8:42:76:02:0c:86:c5:74:06:
                    aa:a3:7c:00:84:ef:5f:fe:c0:73:17:a4:8d:4b:d5:
                    b4:93:cb:e0:4b:69:4e:99:54:f0:38:67:94:8d:df:
                    02:f3:41:6d:1a:1e:86:b2:6f:30:09:be:2a:b1:f9:
                    53:b2:8e:c7:e7:98:78:ec:d2:dc:17:80:a7:a7:e3:
                    be:55:d2:19:1b:44:b1:8d:da:c1:c8:ca:ec:0e:e4:
                    f5:8d:26:ba:39:79:d5:06:ca:a7:6c:e2:29:3a:95:
                    5a:af:bf:17:28:6c:2b:fd:29:08:cc:a4:1b:13:35:
                    43:68:bb:c6:93:20:39:31:28:65:3a:60:9a:be:13:
                    6d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:25:9D:80:61:39:F9:53:E4:7C:35:09:04:AA:CE:EC:6C:C3:9A:1F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/71c5fd-e36f-42f6-926b-58a2457c6fd5/1/TiWdgGE5-VPkfDUJBKrO7GzDmh8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.221.0/24
                IPv6:
                  2a11:ed80::/29

    Signature Algorithm: sha256WithRSAEncryption
         54:49:d7:cc:1f:13:4e:36:46:2d:97:99:a5:c9:b0:6c:e0:77:
         c9:3f:e9:45:df:e2:63:49:99:3f:10:e2:5d:48:61:26:de:77:
         eb:dc:32:7f:a9:c3:8c:6c:f2:2e:43:73:31:ad:5d:10:2f:84:
         ed:94:51:53:c5:10:db:13:8d:72:db:1f:b0:a5:d3:72:4b:b3:
         da:ff:dd:96:a4:93:aa:8b:a4:4a:8a:ef:35:24:cc:ca:d9:ab:
         c1:72:0b:5c:de:8e:06:47:26:02:45:91:a5:c8:89:f1:fa:10:
         70:7b:c0:13:8d:54:26:3c:e1:87:fc:fb:c1:ad:96:03:15:85:
         ce:15:93:ca:00:e2:a6:30:a2:11:f9:be:21:46:3f:42:be:87:
         74:92:2e:f0:7c:1d:bc:28:f1:ff:43:76:30:78:cb:da:a4:03:
         c0:9e:9b:68:aa:db:31:c2:bf:fb:e0:ec:41:90:67:12:38:ff:
         80:51:ff:84:f8:cf:70:4e:ec:c9:88:0b:99:18:08:86:b1:d7:
         f6:a8:9e:92:93:d6:08:ca:1d:38:f3:b6:47:e6:01:be:87:ab:
         80:2b:a3:75:b4:b0:e8:f5:85:60:30:cd:d0:35:99:95:74:be:
         db:ca:a5:ec:21:63:85:22:4f:b1:5c:a3:cd:0e:65:66:7f:31:
         8c:92:38:f2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVtGpuMKVBJER8kvIvMmlzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTEzMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTI1OWQ4MDYxMzlmOTUzZTQ3YzM1MDkwNGFhY2VlYzZjYzM5YTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjggV+81rQMjofvoUufbzCkTYvYUH
OR25bSOIaf1eZDMGopsRsqWFsHAr61q/us05BxqWfXQ/lYSBkcIY3y36WXqe3URj
QSqW6XPi2BXbyVyDoGXX44XGNXfF7R3u1WtpDXUJ0Usv85m88Nq7cBtM/iMC4/v0
PChfUUJ1ONG4QnYCDIbFdAaqo3wAhO9f/sBzF6SNS9W0k8vgS2lOmVTwOGeUjd8C
80FtGh6Gsm8wCb4qsflTso7H55h47NLcF4Cnp+O+VdIZG0SxjdrByMrsDuT1jSa6
OXnVBsqnbOIpOpVar78XKGwr/SkIzKQbEzVDaLvGkyA5MShlOmCavhNt6wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFE4lnYBhOflT5Hw1CQSqzuxsw5ofMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3LzcxYzVm
ZC1lMzZmLTQyZjYtOTI2Yi01OGEyNDU3YzZmZDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvNzFjNWZk
LWUzNmYtNDJmNi05MjZiLTU4YTI0NTdjNmZkNS8xL1RpV2RnR0U1LVZQa2ZEVUpC
S3JPN0d6RG1oOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAsv/dMA0EAgACMAcDBQMqEe2AMA0GCSqGSIb3
DQEBCwUAA4IBAQBUSdfMHxNONkYtl5mlybBs4HfJP+lF3+JjSZk/EOJdSGEm3nfr
3DJ/qcOMbPIuQ3MxrV0QL4TtlFFTxRDbE41y2x+wpdNyS7Pa/92WpJOqi6RKiu81
JMzK2avBcgtc3o4GRyYCRZGlyInx+hBwe8ATjVQmPOGH/PvBrZYDFYXOFZPKAOKm
MKIR+b4hRj9Cvod0ki7wfB28KPH/Q3YweMvapAPAnptoqtsxwr/74OxBkGcSOP+A
Uf+E+M9wTuzJiAuZGAiGsdf2qJ6Sk9YIyh0487ZH5gG+h6uAK6N1tLDo9YVgMM3Q
NZmVdL7byqXsIWOFIk+xXKPNDmVmfzGMkjjy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:33:17 2024 by rpki-client on console-ams.rpki-client.org