Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
File:                     WuRDcClllTn1T5ALNeQ74GqUs3s.cer (raw, json)
Hash identifier:          IoLQtiVUi3DIPmNdSvk/rZVGAntX54A6JEQS37+k2Ss=
Subject key identifier:   5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0190B67E59DC842D575915B63B0CA7F1970B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Mon 15 Jul 2024 13:04:12 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 62079
                          AS: 207841
                          IP: 185.1.232.0/24
                          IP: 193.57.144.0/24
                          IP: 193.57.159.0/24
                          IP: 193.57.167.0 -- 193.57.168.255
                          IP: 195.200.20.0/23
                          IP: 2001:7f8:123::/48
                          IP: 2a0f:85c0::/29

Validation:               Failed, certificate revoked on Fri 23 Aug 2024 08:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:b6:7e:59:dc:84:2d:57:59:15:b6:3b:0c:a7:f1:97:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jul 15 13:04:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:9c:9b:b3:78:9e:89:07:10:3e:3a:77:4f:f4:
                    6d:56:90:7c:18:99:c6:43:a4:17:39:ee:c3:9a:94:
                    ba:94:14:c6:b1:84:6c:7f:9d:10:06:f6:77:cc:7f:
                    d1:23:0a:85:a4:3c:8c:95:80:8a:2e:96:d5:f4:f3:
                    0f:14:bb:46:99:fd:3f:98:1a:04:b0:16:62:3c:96:
                    cc:fa:9e:3c:f1:fa:67:8c:17:40:b2:9d:e4:ac:3b:
                    ee:eb:ce:4b:ee:e8:f5:e3:2b:b7:ee:53:c1:97:67:
                    7e:ea:3f:9d:f4:30:a5:48:db:34:56:38:39:31:86:
                    50:7d:d6:69:bd:5e:60:e6:03:2a:39:49:c7:ce:dd:
                    ed:bd:df:12:ce:4b:ce:55:8e:0a:48:a8:db:f6:16:
                    df:48:44:1b:23:4f:04:41:4c:61:d4:26:1d:b1:ef:
                    12:3d:99:23:4e:fb:ee:1c:43:3b:49:ef:60:ff:80:
                    70:fb:f9:4e:81:a4:98:09:39:e4:ce:1d:d8:7d:83:
                    04:7c:08:50:04:8f:39:0a:a1:d6:83:9a:b0:9b:c8:
                    46:52:6e:94:15:01:e6:77:2f:ec:5d:db:eb:89:1b:
                    f1:70:75:ba:1b:28:36:b5:a0:d9:63:6d:59:38:97:
                    ff:c3:a0:81:c9:4e:96:2d:c2:cc:9c:16:a1:e6:44:
                    be:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.232.0/24
                  193.57.144.0/24
                  193.57.159.0/24
                  193.57.167.0-193.57.168.255
                  195.200.20.0/23
                IPv6:
                  2001:7f8:123::/48
                  2a0f:85c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  62079
                  207841

    Signature Algorithm: sha256WithRSAEncryption
         09:89:1d:5f:e2:cd:c2:04:a2:47:76:f3:6a:66:3b:46:d8:5b:
         21:a7:ed:bd:a7:c9:e2:50:09:c9:5a:fb:72:f7:8b:5b:37:7b:
         9d:08:62:19:59:ba:e4:3b:bf:ed:78:de:4f:cc:e7:1b:5a:4d:
         90:42:a2:29:10:8a:90:44:b7:2b:03:09:4b:7b:10:a2:eb:6c:
         61:ed:b4:9a:df:3c:8f:8b:ac:ba:e8:9d:b0:c2:1f:93:79:f6:
         ab:e9:3d:f0:62:75:cb:af:90:80:e0:72:82:55:cd:bf:eb:3f:
         e5:42:98:8b:60:f3:5f:31:c4:71:bf:e0:96:e2:c4:45:46:88:
         23:94:b6:43:04:c8:8a:cd:c3:82:46:b5:25:58:07:7d:21:bf:
         4a:e7:10:da:c4:63:89:0a:7a:4b:f6:bf:f3:c0:cb:36:fc:eb:
         6f:18:ac:c5:d1:d2:49:4b:09:4d:bd:40:fb:e8:06:85:71:58:
         8a:46:d9:d4:e2:4e:ec:a3:5f:7c:52:dc:e4:c9:6e:aa:23:bb:
         fc:a6:0f:53:ea:09:65:a3:73:b7:82:55:c8:5c:86:47:7f:6f:
         dc:a8:44:aa:fe:cc:d1:d1:c3:7a:29:18:81:09:6c:51:41:7b:
         fb:0e:74:7c:dd:35:70:f5:31:f0:6e:11:c4:20:e3:d4:e0:9c:
         d4:f3:f5:b9
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZC2flnchC1XWRW2Owyn8ZcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNzE1MTMwNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWU0NDM3MDI5NjU5NTM5ZjU0ZjkwMGIzNWU0M2JlMDZhOTRiMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupybs3ieiQcQPjp3T/RtVpB8GJnG
Q6QXOe7DmpS6lBTGsYRsf50QBvZ3zH/RIwqFpDyMlYCKLpbV9PMPFLtGmf0/mBoE
sBZiPJbM+p488fpnjBdAsp3krDvu685L7uj14yu37lPBl2d+6j+d9DClSNs0Vjg5
MYZQfdZpvV5g5gMqOUnHzt3tvd8SzkvOVY4KSKjb9hbfSEQbI08EQUxh1CYdse8S
PZkjTvvuHEM7Se9g/4Bw+/lOgaSYCTnkzh3YfYMEfAhQBI85CqHWg5qwm8hGUm6U
FQHmdy/sXdvriRvxcHW6Gyg2taDZY21ZOJf/w6CByU6WLcLMnBah5kS+swIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFFrkQ3ApZZU59U+QCzXkO+BqlLN7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBh
ZGQzLWE4OGUtNGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMy
MGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvNUFFNDQzNzAyOTY1
OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRIMEYwLAQCAAEwJgME
ALkB6AMEAME5kAMEAME5nzAMAwQAwTmnAwQAwTmoAwQBw8gUMBYEAgACMBADBwAg
AQf4ASMDBQMqD4XAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDyfwIDAyvhMA0G
CSqGSIb3DQEBCwUAA4IBAQAJiR1f4s3CBKJHdvNqZjtG2Fshp+29p8niUAnJWvty
94tbN3udCGIZWbrkO7/teN5PzOcbWk2QQqIpEIqQRLcrAwlLexCi62xh7bSa3zyP
i6y66J2wwh+Tefar6T3wYnXLr5CA4HKCVc2/6z/lQpiLYPNfMcRxv+CW4sRFRogj
lLZDBMiKzcOCRrUlWAd9Ib9K5xDaxGOJCnpL9r/zwMs2/OtvGKzF0dJJSwlNvUD7
6AaFcViKRtnU4k7so198UtzkyW6qI7v8pg9T6gllo3O3glXIXIZHf2/cqESq/szR
0cN6KRiBCWxRQXv7DnR83TVw9THwbhHEIOPU4JzU8/W5
-----END CERTIFICATE-----