Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dthVQ0RextZwy6fLG6mB8J9Yi4M.cer
File:                     dthVQ0RextZwy6fLG6mB8J9Yi4M.cer (raw, json)
Hash identifier:          yNRwRuCZvCjc0gUUWhrO4fKDm2zN7Wf+jmnOKgSbKvI=
Subject key identifier:   76:D8:55:43:44:5E:C6:D6:70:CB:A7:CB:1B:A9:81:F0:9F:58:8B:83
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018B1A0F683D0710328426CE487F762DF5E6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9d/785f4c-26a6-4c82-85f8-f6b0eaac4758/1/dthVQ0RextZwy6fLG6mB8J9Yi4M.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9d/785f4c-26a6-4c82-85f8-f6b0eaac4758/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 10 Oct 2023 14:48:19 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 216184
                          IP: 37.140.242.0/24
                          IP: 2a11:39c0::/29

Validation:               Failed, certificate revoked on Mon 11 Dec 2023 13:09:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1a:0f:68:3d:07:10:32:84:26:ce:48:7f:76:2d:f5:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Oct 10 14:48:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76d85543445ec6d670cba7cb1ba981f09f588b83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:53:2f:34:0d:61:52:6d:69:64:92:1b:b0:9e:
                    04:ba:ab:63:88:46:5c:15:26:98:02:56:59:e2:3f:
                    5a:3d:d8:d2:0a:36:2d:31:c7:3a:ef:a1:9b:80:e0:
                    84:e9:b2:b8:6b:ca:09:01:21:e2:07:fe:61:3e:3e:
                    ac:bd:1f:64:18:ab:64:3f:28:5d:85:14:b8:28:df:
                    30:fb:52:77:45:56:59:25:c3:a0:27:c4:f1:cf:66:
                    62:8b:58:62:1d:22:75:64:87:2d:b7:b7:3c:a0:66:
                    85:d0:7a:e5:6b:93:8a:f0:25:4b:37:61:7f:5d:ab:
                    56:07:a4:f7:14:1e:b5:a7:2a:cb:f6:c5:dc:d4:56:
                    79:eb:70:e1:f0:32:4c:ae:f8:93:12:5d:9c:08:22:
                    ec:92:23:ca:7c:f3:26:09:b3:26:ce:84:ad:fc:e6:
                    fa:a9:67:e9:4c:b3:26:05:9b:81:6f:e5:cb:b6:68:
                    7f:86:7c:43:7c:7f:7a:3a:1c:86:d3:2c:11:22:29:
                    b3:29:79:8a:65:59:7e:b6:40:26:84:21:7d:08:1e:
                    57:1a:76:07:0f:68:cf:be:2c:a8:99:9f:a1:bc:37:
                    8e:1b:e4:41:a2:99:66:a2:09:ed:9f:f3:02:a4:35:
                    fd:c5:6f:fe:8e:67:95:3c:4a:4d:7d:b2:0c:df:8a:
                    19:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D8:55:43:44:5E:C6:D6:70:CB:A7:CB:1B:A9:81:F0:9F:58:8B:83
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/785f4c-26a6-4c82-85f8-f6b0eaac4758/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/785f4c-26a6-4c82-85f8-f6b0eaac4758/1/dthVQ0RextZwy6fLG6mB8J9Yi4M.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.242.0/24
                IPv6:
                  2a11:39c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216184

    Signature Algorithm: sha256WithRSAEncryption
         02:26:d2:ac:ef:59:8d:1a:d6:a5:01:d9:eb:b7:e4:46:75:a8:
         73:f0:e1:d0:f2:60:b7:51:6c:a0:a0:3c:f9:68:c9:66:a0:27:
         28:9c:13:34:78:f9:f6:85:2d:0f:6e:ed:0f:5a:ba:1d:86:63:
         be:98:fe:d0:cb:c4:03:d6:2d:a7:15:f1:89:be:60:66:26:29:
         7a:9d:74:b5:f5:f5:26:f7:30:09:76:94:cd:cf:25:e3:7d:ca:
         4b:26:c3:25:49:5e:99:ca:94:cf:33:a3:83:c0:e2:32:84:cc:
         22:8f:cf:bf:09:db:0b:f5:e6:ed:55:c2:ed:20:2e:f5:f3:7f:
         c2:7e:a8:b1:f8:6c:c4:8a:77:f6:9b:29:a3:7d:63:92:e4:5e:
         ae:9a:6c:b3:47:39:55:4c:70:d2:c6:38:f9:56:e9:b1:08:28:
         0f:8c:55:87:5a:c2:d3:d7:e7:04:f4:2a:d8:1b:8a:27:f8:d2:
         ad:23:fa:87:c7:90:18:97:3b:ba:94:37:2e:9c:3b:47:9f:1e:
         0d:7f:8a:e5:aa:f4:4a:0b:ea:20:c6:c5:12:d0:d9:8e:fd:be:
         90:31:03:8b:2d:eb:84:86:32:da:e9:65:e5:e0:1b:8c:8f:a7:
         b9:bc:ed:c5:0e:cf:86:86:a0:b1:46:03:41:da:c2:db:82:15:
         27:a1:c4:d1
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYsaD2g9BxAyhCbOSH92LfXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMxMDEwMTQ0ODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQ4NTU0MzQ0NWVjNmQ2NzBjYmE3Y2IxYmE5ODFmMDlmNTg4YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFMvNA1hUm1pZJIbsJ4EuqtjiEZc
FSaYAlZZ4j9aPdjSCjYtMcc676GbgOCE6bK4a8oJASHiB/5hPj6svR9kGKtkPyhd
hRS4KN8w+1J3RVZZJcOgJ8Txz2Zii1hiHSJ1ZIctt7c8oGaF0Hrla5OK8CVLN2F/
XatWB6T3FB61pyrL9sXc1FZ563Dh8DJMrviTEl2cCCLskiPKfPMmCbMmzoSt/Ob6
qWfpTLMmBZuBb+XLtmh/hnxDfH96OhyG0ywRIimzKXmKZVl+tkAmhCF9CB5XGnYH
D2jPviyomZ+hvDeOG+RBoplmogntn/MCpDX9xW/+jmeVPEpNfbIM34oZ7wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFHbYVUNEXsbWcMunyxupgfCfWIuDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzc4NWY0
Yy0yNmE2LTRjODItODVmOC1mNmIwZWFhYzQ3NTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNzg1ZjRj
LTI2YTYtNGM4Mi04NWY4LWY2YjBlYWFjNDc1OC8xL2R0aFZRMFJleHRad3k2ZkxH
Nm1COEo5WWk0TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAJYzyMA0EAgACMAcDBQMqETnAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNMeDANBgkqhkiG9w0BAQsFAAOCAQEAAibSrO9ZjRrW
pQHZ67fkRnWoc/Dh0PJgt1FsoKA8+WjJZqAnKJwTNHj59oUtD27tD1q6HYZjvpj+
0MvEA9YtpxXxib5gZiYpep10tfX1JvcwCXaUzc8l433KSybDJUlemcqUzzOjg8Di
MoTMIo/PvwnbC/Xm7VXC7SAu9fN/wn6osfhsxIp39pspo31jkuRerppss0c5VUxw
0sY4+VbpsQgoD4xVh1rC09fnBPQq2BuKJ/jSrSP6h8eQGJc7upQ3Lpw7R58eDX+K
5ar0SgvqIMbFEtDZjv2+kDEDiy3rhIYy2ull5eAbjI+nubztxQ7PhoagsUYDQdrC
24IVJ6HE0Q==
-----END CERTIFICATE-----