Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
File:                     bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer (raw, json)
Hash identifier:          dTxff9+2ahKmx4NtySYcYePEx4DHxCv+hKJ8cC0LWQI=
Subject key identifier:   6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01949275B85922AD68FE3EE9D07F862080C1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/bcDQX47p6Vj8ld5l3FmiFBxfHv0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 23 Jan 2025 09:19:36 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 185.71.64.0/22
                          IP: 185.121.240.0/22
                          IP: 2a06:a180::/29
Validation:               Failed, certificate revoked on Fri 24 Jan 2025 10:34:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:92:75:b8:59:22:ad:68:fe:3e:e9:d0:7f:86:20:80:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 23 09:19:36 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:a6:46:d3:1d:33:f0:f0:94:1b:4f:12:73:9a:
                    1a:9e:1f:87:0e:77:ef:64:06:c0:c4:89:f5:8a:f4:
                    9b:da:8f:84:06:46:b0:2b:d7:4a:26:ff:7e:56:82:
                    98:e1:b3:83:26:b7:a4:cf:b7:58:0f:d8:1f:6a:6d:
                    bf:83:9e:3a:11:81:21:0e:95:e8:77:14:54:a1:8b:
                    26:07:22:30:13:cd:a8:16:e8:3f:1f:0f:c4:5c:fd:
                    9c:ba:49:9e:31:cd:9d:5d:19:45:df:15:7f:3e:5f:
                    f4:6c:67:63:c5:c4:95:26:d1:c5:b9:d8:5d:68:d6:
                    8c:22:0f:1a:ec:cc:4d:19:56:03:6c:2c:54:62:84:
                    9c:9d:3c:94:4a:f3:70:fa:60:c9:03:08:f9:38:0d:
                    e6:bd:1d:36:20:be:b1:4f:f6:67:02:a6:09:89:3b:
                    c6:e2:11:d5:dd:0a:2b:ad:0a:14:43:75:ae:06:7a:
                    25:ca:7b:03:9f:fb:c6:bc:b6:3b:18:d3:c8:ff:56:
                    07:19:9e:a7:4c:dc:5e:85:a5:a3:cd:7d:83:9e:4d:
                    6f:7f:3d:23:16:80:0e:85:80:dd:8b:aa:72:29:8f:
                    b3:70:d3:d3:82:20:af:88:58:32:29:17:c7:49:ee:
                    b5:93:5d:73:05:f3:85:ed:2f:9f:67:48:94:97:cd:
                    b8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/bcDQX47p6Vj8ld5l3FmiFBxfHv0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.64.0/22
                  185.121.240.0/22
                IPv6:
                  2a06:a180::/29

    Signature Algorithm: sha256WithRSAEncryption
         9b:26:fa:26:a1:1d:36:41:7a:bf:87:fe:b7:62:08:18:4b:07:
         ac:28:24:29:9e:3f:31:c9:83:94:c1:cb:2f:08:ce:01:3d:ae:
         44:dd:a5:12:56:9a:f9:cf:80:41:fc:df:93:02:e7:98:ae:e3:
         4b:b5:2c:07:44:dc:d0:da:26:43:5a:d6:fa:90:30:0c:92:62:
         71:99:2c:ce:6b:6a:ff:db:50:99:2f:85:44:b4:57:ed:eb:7c:
         7e:33:b0:72:86:a2:23:ef:a4:e1:e8:55:ed:87:ea:d6:9c:1b:
         f2:ac:36:28:93:a5:bf:86:ef:ff:14:c4:10:2e:41:e6:94:13:
         1d:64:78:3d:c2:cd:2b:51:1b:ea:a5:ae:55:64:f8:17:0f:32:
         1c:71:79:f1:fa:6b:16:7a:ab:64:98:52:d7:f4:51:24:b4:11:
         38:49:3b:ca:97:b5:71:bc:e1:98:8c:fb:13:36:47:b0:e4:23:
         87:e9:6c:7b:55:50:09:a4:08:43:bc:d0:da:8b:d8:5e:69:cc:
         56:1f:0c:6c:c0:56:42:e0:58:96:3b:a0:13:ca:cb:ef:ee:5b:
         3a:82:dd:c1:7a:49:7c:71:e1:89:2d:93:74:89:7b:01:27:17:
         52:98:d8:b9:29:c1:72:8d:74:1c:31:39:e8:0f:1d:2f:51:28:
         83:a2:03:f3
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZSSdbhZIq1o/j7p0H+GIIDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTIzMDkxOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGMwZDA1ZjhlZTllOTU4ZmM5NWRlNjVkYzU5YTIxNDFjNWYxZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKZG0x0z8PCUG08Sc5oanh+HDnfv
ZAbAxIn1ivSb2o+EBkawK9dKJv9+VoKY4bODJrekz7dYD9gfam2/g546EYEhDpXo
dxRUoYsmByIwE82oFug/Hw/EXP2cukmeMc2dXRlF3xV/Pl/0bGdjxcSVJtHFudhd
aNaMIg8a7MxNGVYDbCxUYoScnTyUSvNw+mDJAwj5OA3mvR02IL6xT/ZnAqYJiTvG
4hHV3QorrQoUQ3WuBnolynsDn/vGvLY7GNPI/1YHGZ6nTNxehaWjzX2Dnk1vfz0j
FoAOhYDdi6pyKY+zcNPTgiCviFgyKRfHSe61k11zBfOF7S+fZ0iUl824UwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFG3A0F+O6elY/JXeZdxZohQcXx79MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3LzFkNTdk
ZC01NTk5LTQ1YTctYWIwMy00ZDZjZTA3NjZlYjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvMWQ1N2Rk
LTU1OTktNDVhNy1hYjAzLTRkNmNlMDc2NmViNS8xL2JjRFFYNDdwNlZqOGxkNWwz
Rm1pRkJ4Zkh2MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuUdAAwQCuXnwMA0EAgACMAcDBQMqBqGAMA0G
CSqGSIb3DQEBCwUAA4IBAQCbJvomoR02QXq/h/63YggYSwesKCQpnj8xyYOUwcsv
CM4BPa5E3aUSVpr5z4BB/N+TAueYruNLtSwHRNzQ2iZDWtb6kDAMkmJxmSzOa2r/
21CZL4VEtFft63x+M7ByhqIj76Th6FXth+rWnBvyrDYok6W/hu//FMQQLkHmlBMd
ZHg9ws0rURvqpa5VZPgXDzIccXnx+msWeqtkmFLX9FEktBE4STvKl7VxvOGYjPsT
Nkew5COH6Wx7VVAJpAhDvNDai9heacxWHwxswFZC4FiWO6ATysvv7ls6gt3Bekl8
ceGJLZN0iXsBJxdSmNi5KcFyjXQcMTnoDx0vUSiDogPz
-----END CERTIFICATE-----