Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z39mPNqlmWhoAZsF0Qm6rTVYvjo.cer
File:                     Z39mPNqlmWhoAZsF0Qm6rTVYvjo.cer (raw, json)
Hash identifier:          VzEkR2vGNobk0iKivLS7MOqxhOAS0pmGtGkrpcf3QgI=
Subject key identifier:   67:7F:66:3C:DA:A5:99:68:68:01:9B:05:D1:09:BA:AD:35:58:BE:3A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01946FA50DF98300E36585FBA536B0E43585
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/677F663CDAA5996868019B05D109BAAD3558BE3A.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Thu 16 Jan 2025 15:04:35 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 200454
Validation:               Failed, certificate revoked on Mon 20 Jan 2025 04:42:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:6f:a5:0d:f9:83:00:e3:65:85:fb:a5:36:b0:e4:35:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 16 15:04:35 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=677f663cdaa5996868019b05d109baad3558be3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:ec:12:72:61:14:a9:6d:d2:b2:ee:51:7c:eb:
                    13:a6:e8:a0:76:e0:4c:b9:c1:fa:a4:bc:24:84:f4:
                    e8:eb:8d:6a:d4:8c:18:3c:e7:98:d0:4d:5f:50:c2:
                    4b:e9:50:2b:4c:5a:ba:a7:78:af:54:73:08:15:15:
                    3d:78:6b:12:a1:25:79:85:37:23:fc:c0:39:fc:3e:
                    3e:3e:0a:15:69:78:1a:f4:46:10:a8:8a:5f:eb:ef:
                    c4:7f:76:07:44:4d:24:cc:7b:9b:28:41:f4:c2:53:
                    94:fd:7f:24:55:fe:2c:3f:df:6f:eb:9f:b1:01:a9:
                    5e:4b:fa:b3:c9:ee:f8:af:df:16:af:6c:d3:c1:7f:
                    8f:93:ae:c2:56:35:51:f2:49:5e:39:8f:21:6d:b5:
                    15:49:de:1d:e5:8a:f9:92:16:bb:82:78:5c:81:9b:
                    16:9d:9a:0e:80:92:b1:d9:0b:75:b9:37:ca:56:a6:
                    22:0a:19:1a:95:ce:b9:ca:11:92:60:66:bc:47:96:
                    bc:7d:75:28:bf:d7:f8:47:6f:64:cb:4d:db:9f:a5:
                    61:4c:04:19:b5:57:01:74:ac:61:cf:b9:2e:e8:98:
                    4b:7f:31:5b:2e:bd:7b:cf:48:96:1e:3e:55:5c:30:
                    a3:2a:9e:f6:7c:bc:00:1d:fe:d8:17:4b:16:b1:a6:
                    a1:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:7F:66:3C:DA:A5:99:68:68:01:9B:05:D1:09:BA:AD:35:58:BE:3A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/677F663CDAA5996868019B05D109BAAD3558BE3A.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200454

    Signature Algorithm: sha256WithRSAEncryption
         42:b9:27:ab:6c:4e:d3:d4:58:1c:b1:95:36:f3:57:98:87:26:
         24:3b:3b:b8:a2:50:0f:bc:4b:92:0f:93:98:5f:ab:83:6d:bb:
         5d:ea:61:0c:0e:5d:b0:4b:3a:da:c9:cb:37:ae:04:fe:e4:db:
         34:db:77:12:34:49:4a:8d:5d:6f:10:92:2a:6d:b1:7a:d5:e5:
         2b:4e:c5:94:29:2c:37:ff:12:35:7b:64:34:24:35:bc:28:2b:
         00:f4:28:b5:aa:8c:6c:86:c8:05:68:40:de:21:46:bb:e0:0a:
         ea:2d:05:0e:11:02:e1:50:0a:b2:e8:21:17:b9:ad:fd:3c:8a:
         5b:fc:f7:34:6e:60:0f:1b:0f:98:bf:54:40:dc:f6:1e:06:7f:
         ec:e2:89:ba:86:a5:ab:02:00:5f:4d:96:f3:5c:46:ca:29:4e:
         74:d1:b4:e3:d0:40:ee:a3:5a:3b:c1:75:94:e0:ac:f3:fe:eb:
         ab:67:20:f2:c1:a4:d5:c1:b8:50:b0:43:d0:83:11:cc:c0:a4:
         01:81:7d:e8:0a:9d:cf:2e:24:e2:70:b4:68:74:d2:e1:c9:c2:
         df:a0:0d:c2:dd:5a:2e:3c:87:e2:4a:fb:8f:c5:e1:28:f8:61:
         a1:58:68:c2:44:35:aa:62:1e:13:87:bb:aa:18:ba:ab:c0:19:
         a0:ad:34:5a
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZRvpQ35gwDjZYX7pTaw5DWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTE2MTUwNDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzdmNjYzY2RhYTU5OTY4NjgwMTliMDVkMTA5YmFhZDM1NThiZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OwScmEUqW3Ssu5RfOsTpuigduBM
ucH6pLwkhPTo641q1IwYPOeY0E1fUMJL6VArTFq6p3ivVHMIFRU9eGsSoSV5hTcj
/MA5/D4+PgoVaXga9EYQqIpf6+/Ef3YHRE0kzHubKEH0wlOU/X8kVf4sP99v65+x
AaleS/qzye74r98Wr2zTwX+Pk67CVjVR8kleOY8hbbUVSd4d5Yr5kha7gnhcgZsW
nZoOgJKx2Qt1uTfKVqYiChkalc65yhGSYGa8R5a8fXUov9f4R29ky03bn6VhTAQZ
tVcBdKxhz7ku6JhLfzFbLr17z0iWHj5VXDCjKp72fLwAHf7YF0sWsaahFQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFGd/ZjzapZloaAGbBdEJuq01WL46MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzAyMjli
YzExLWRjMGMtNGVlNS04MzhkLTA3NzY5NjIyM2U3NC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDIy
OWJjMTEtZGMwYy00ZWU1LTgzOGQtMDc3Njk2MjIzZTc0LzAvNjc3RjY2M0NEQUE1
OTk2ODY4MDE5QjA1RDEwOUJBQUQzNTU4QkUzQS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDDwYw
DQYJKoZIhvcNAQELBQADggEBAEK5J6tsTtPUWByxlTbzV5iHJiQ7O7iiUA+8S5IP
k5hfq4Ntu13qYQwOXbBLOtrJyzeuBP7k2zTbdxI0SUqNXW8QkiptsXrV5StOxZQp
LDf/EjV7ZDQkNbwoKwD0KLWqjGyGyAVoQN4hRrvgCuotBQ4RAuFQCrLoIRe5rf08
ilv89zRuYA8bD5i/VEDc9h4Gf+ziibqGpasCAF9NlvNcRsopTnTRtOPQQO6jWjvB
dZTgrPP+66tnIPLBpNXBuFCwQ9CDEczApAGBfegKnc8uJOJwtGh00uHJwt+gDcLd
Wi48h+JK+4/F4Sj4YaFYaMJENapiHhOHu6oYuqvAGaCtNFo=
-----END CERTIFICATE-----