Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dEQuM6j2FYC2tN_Ego2V4HiR9Lw.cer
File:                     dEQuM6j2FYC2tN_Ego2V4HiR9Lw.cer (raw, json)
Hash identifier:          JEJreox8wfnGRnZg/+imPVrI2ewVcLcinuS8JUY5ceU=
Subject key identifier:   74:44:2E:33:A8:F6:15:80:B6:B4:DF:C4:82:8D:95:E0:78:91:F4:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018E411AAB7039524791955C697CD987B5FE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/74442E33A8F61580B6B4DFC4828D95E07891F4BC.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Fri 15 Mar 2024 07:54:10 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 215460
                          IP: 195.60.81.128/26
                          IP: 2001:7f8:154::/48
                          IP: 2a14:7c0::/29

Validation:               Failed, certificate revoked on Tue 28 May 2024 14:53:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:41:1a:ab:70:39:52:47:91:95:5c:69:7c:d9:87:b5:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Mar 15 07:54:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=74442e33a8f61580b6b4dfc4828d95e07891f4bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:de:6f:c4:e0:e6:25:61:07:d4:d2:0b:3d:ce:
                    47:cd:bf:36:3f:84:41:88:0a:70:e3:da:89:a4:dc:
                    d4:a5:2d:f7:4f:3b:d6:2e:98:ab:54:1a:23:af:a5:
                    5b:98:e2:2f:23:40:8f:fe:da:df:fb:8a:ec:b0:1e:
                    ae:51:a4:c4:d1:15:95:64:cc:b3:64:3b:a2:db:17:
                    29:a7:3d:5a:3a:87:59:c6:9c:69:cd:23:bc:1f:27:
                    b3:a8:04:b7:ff:73:9b:3d:ea:ae:ee:2d:87:6a:93:
                    1b:c0:a7:cf:70:0b:8d:89:bc:08:5a:23:bf:d0:76:
                    93:2c:49:c8:22:0d:27:09:1a:2a:2e:4b:c2:f9:20:
                    10:45:a4:2b:e8:0f:75:28:a8:43:8c:5a:47:54:04:
                    28:40:8c:6c:91:99:36:f0:a6:0c:72:7d:3b:35:0f:
                    60:5d:e3:45:d8:7b:5f:dc:2a:72:4c:9c:d8:da:d8:
                    0a:cd:25:17:2a:2c:42:61:bd:c8:f8:23:06:be:45:
                    96:71:3e:d5:c9:5f:3f:18:fd:d7:a8:ba:f5:cd:d9:
                    e6:9e:2a:34:a3:28:a4:19:d8:c0:30:36:1b:9f:1d:
                    1e:1d:e6:7b:5f:43:af:0d:9e:aa:5b:85:2a:10:a9:
                    be:38:fa:99:09:1d:62:ed:e1:74:1d:fa:c1:97:4d:
                    27:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:44:2E:33:A8:F6:15:80:B6:B4:DF:C4:82:8D:95:E0:78:91:F4:BC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/ed998082-a17e-46c1-a5a8-7d197c958639/0/74442E33A8F61580B6B4DFC4828D95E07891F4BC.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.60.81.128/26
                IPv6:
                  2001:7f8:154::/48
                  2a14:7c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215460

    Signature Algorithm: sha256WithRSAEncryption
         51:00:45:da:6a:f3:fb:f4:8b:b8:e9:2c:a1:ea:45:fd:60:8e:
         35:f1:3a:1f:d8:f1:bc:f5:31:fe:e7:07:7a:56:9e:de:52:1c:
         74:1a:34:bf:fc:a2:c2:c3:7d:a4:bc:a0:2a:03:32:f7:2d:b5:
         12:3e:96:2b:6f:ea:42:c3:08:6d:53:6d:29:fe:7f:b8:10:20:
         1f:96:87:8d:4f:51:ae:36:35:ed:e1:52:29:c2:aa:22:24:f2:
         7f:fc:23:9e:0e:40:78:5a:9f:11:57:2a:89:79:a4:9b:89:78:
         e1:d4:24:a9:ac:09:3e:6d:59:69:fb:18:43:5d:ae:cb:c1:49:
         12:f1:d1:97:74:4c:0c:98:62:aa:65:6a:45:45:35:bd:a6:fa:
         dc:ec:41:6f:7d:78:09:ee:f9:06:df:10:31:d7:ff:76:42:24:
         31:ea:e7:f5:a1:ec:2a:8e:3e:d9:4a:b2:8c:09:2f:4b:da:a8:
         24:fc:bb:72:ac:9b:85:3c:48:78:dc:bd:bc:7f:44:9f:bc:b3:
         4d:f5:c1:3b:24:f1:96:c2:c1:63:f0:cf:d7:9b:6e:08:64:48:
         44:bb:43:31:dd:bb:c2:8d:21:db:ad:59:4f:c8:41:f9:f6:69:
         10:41:f5:d6:2c:11:6a:94:96:1f:45:74:79:01:8d:b5:34:84:
         cd:31:83:15
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAY5BGqtwOVJHkZVcaXzZh7X+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzE1MDc1NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ0MmUzM2E4ZjYxNTgwYjZiNGRmYzQ4MjhkOTVlMDc4OTFmNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN5vxODmJWEH1NILPc5Hzb82P4RB
iApw49qJpNzUpS33TzvWLpirVBojr6VbmOIvI0CP/trf+4rssB6uUaTE0RWVZMyz
ZDui2xcppz1aOodZxpxpzSO8HyezqAS3/3ObPequ7i2HapMbwKfPcAuNibwIWiO/
0HaTLEnIIg0nCRoqLkvC+SAQRaQr6A91KKhDjFpHVAQoQIxskZk28KYMcn07NQ9g
XeNF2Htf3CpyTJzY2tgKzSUXKixCYb3I+CMGvkWWcT7VyV8/GP3XqLr1zdnmnio0
oyikGdjAMDYbnx0eHeZ7X0OvDZ6qW4UqEKm+OPqZCR1i7eF0HfrBl00n4QIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFHRELjOo9hWAtrTfxIKNleB4kfS8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2VkOTk4
MDgyLWExN2UtNDZjMS1hNWE4LTdkMTk3Yzk1ODYzOS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWQ5
OTgwODItYTE3ZS00NmMxLWE1YTgtN2QxOTdjOTU4NjM5LzAvNzQ0NDJFMzNBOEY2
MTU4MEI2QjRERkM0ODI4RDk1RTA3ODkxRjRCQy5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjA4BggrBgEFBQcBBwEB/wQpMCcwDQQCAAEwBwMF
BsM8UYAwFgQCAAIwEAMHACABB/gBVAMFAyoUB8AwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDA0mkMA0GCSqGSIb3DQEBCwUAA4IBAQBRAEXaavP79Iu46Syh6kX9YI41
8Tof2PG89TH+5wd6Vp7eUhx0GjS//KLCw32kvKAqAzL3LbUSPpYrb+pCwwhtU20p
/n+4ECAfloeNT1GuNjXt4VIpwqoiJPJ//COeDkB4Wp8RVyqJeaSbiXjh1CSprAk+
bVlp+xhDXa7LwUkS8dGXdEwMmGKqZWpFRTW9pvrc7EFvfXgJ7vkG3xAx1/92QiQx
6uf1oewqjj7ZSrKMCS9L2qgk/LtyrJuFPEh43L28f0SfvLNN9cE7JPGWwsFj8M/X
m24IZEhEu0Mx3bvCjSHbrVlPyEH59mkQQfXWLBFqlJYfRXR5AY21NITNMYMV
-----END CERTIFICATE-----