Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
File:                     jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer (raw, json)
Hash identifier:          TDZu0md9gblHviDB3GFHq2cHhV6miAreOtDaKCrBA6c=
Subject key identifier:   8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856ED4128E64448CE658E0616C5F898B72
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 19:34:30 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 31.40.192.0/22
                          IP: 37.221.108.0/22
                          IP: 77.83.20.0 -- 77.83.27.255
                          IP: 80.76.44.0/22
                          IP: 84.252.64.0/22
                          IP: 85.31.52.0/22
                          IP: 88.218.80.0/22
                          IP: 91.132.124.0/22
                          IP: 93.177.92.0/22
                          IP: 93.177.108.0/22
                          IP: 95.214.80.0/22
                          IP: 176.118.188.0/22
                          IP: 185.177.76.0/22
                          IP: 193.31.124.0/22
                          IP: 193.56.20.0/22
                          IP: 193.142.36.0/22
                          IP: 193.151.188.0/22
                          IP: 193.160.68.0/22
                          IP: 194.53.188.0/22
                          IP: 194.99.24.0/22
                          IP: 212.87.216.0/22
                          IP: 2a06:2dc0::/29
                          IP: 2a07:ccc0::/29
                          IP: 2a09:4d00::/29
                          IP: 2a09:7580::/29
                          IP: 2a09:7780::/29
                          IP: 2a09:8600::/29
                          IP: 2a09:9e80::/29
                          IP: 2a09:b100::/29
                          IP: 2a09:bf00::/29
                          IP: 2a09:c780::/29
                          IP: 2a09:e380::/29
                          IP: 2a09:e580::/29
                          IP: 2a09:f600::/29
                          IP: 2a09:f800::/29
                          IP: 2a0d:69c0::/29
                          IP: 2a0d:6dc0::/29
                          IP: 2a0d:87c0::/29
                          IP: 2a0d:90c0::/29
                          IP: 2a0d:ac40::/29
                          IP: 2a0d:b040::/29
                          IP: 2a0d:cd40::/29
                          IP: 2a0d:e9c0::/29
                          IP: 2a0d:ea40::/29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:12:8e:64:44:8c:e6:58:e0:61:6c:5f:89:8b:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 19:34:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:94:d2:ec:3e:a7:14:9a:b4:0e:8c:23:01:1a:
                    c9:f8:1b:7c:67:7b:c3:7c:e0:36:03:3c:06:d0:6f:
                    88:ce:b6:51:ae:80:24:48:2a:28:cc:a4:0e:1c:0b:
                    45:86:8c:74:ae:74:f8:e1:74:72:fe:98:f7:dc:90:
                    09:17:ea:bd:0e:3d:c2:75:de:7e:d2:93:0e:a6:2b:
                    30:e6:32:8f:d0:a0:9c:80:e5:77:47:b1:3e:5c:fb:
                    91:f2:be:b4:3e:1c:aa:b5:97:66:b4:71:39:28:e9:
                    96:a3:ea:5f:68:6d:97:3b:dc:87:e8:16:15:29:f2:
                    fd:80:d9:53:65:f3:8c:76:32:c6:15:43:d1:31:7d:
                    27:76:2f:2b:4e:5d:66:95:d2:5a:cf:82:b8:4c:b5:
                    7e:38:07:8a:12:c8:e8:14:a4:6a:21:b7:76:2a:fc:
                    f4:ba:aa:4c:ed:e4:a9:ab:d9:59:81:91:af:1c:ba:
                    38:62:53:15:ff:58:02:24:fe:08:72:3f:9e:78:f5:
                    a2:b7:b7:e7:ad:0e:99:94:3d:b2:f7:5b:d8:04:58:
                    38:d0:7a:1b:a0:ef:04:75:52:63:bb:56:51:27:69:
                    3e:b9:7d:cb:d4:f6:84:b9:b3:27:5b:c4:7e:ab:43:
                    c6:fa:ad:ee:cb:39:1c:aa:d3:bd:a8:23:5a:24:38:
                    ab:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.40.192.0/22
                  37.221.108.0/22
                  77.83.20.0-77.83.27.255
                  80.76.44.0/22
                  84.252.64.0/22
                  85.31.52.0/22
                  88.218.80.0/22
                  91.132.124.0/22
                  93.177.92.0/22
                  93.177.108.0/22
                  95.214.80.0/22
                  176.118.188.0/22
                  185.177.76.0/22
                  193.31.124.0/22
                  193.56.20.0/22
                  193.142.36.0/22
                  193.151.188.0/22
                  193.160.68.0/22
                  194.53.188.0/22
                  194.99.24.0/22
                  212.87.216.0/22
                IPv6:
                  2a06:2dc0::/29
                  2a07:ccc0::/29
                  2a09:4d00::/29
                  2a09:7580::/29
                  2a09:7780::/29
                  2a09:8600::/29
                  2a09:9e80::/29
                  2a09:b100::/29
                  2a09:bf00::/29
                  2a09:c780::/29
                  2a09:e380::/29
                  2a09:e580::/29
                  2a09:f600::/29
                  2a09:f800::/29
                  2a0d:69c0::/29
                  2a0d:6dc0::/29
                  2a0d:87c0::/29
                  2a0d:90c0::/29
                  2a0d:ac40::/29
                  2a0d:b040::/29
                  2a0d:cd40::/29
                  2a0d:e9c0::/29
                  2a0d:ea40::/29

    Signature Algorithm: sha256WithRSAEncryption
         3a:a7:84:a1:c2:7b:9e:c2:14:89:dd:e0:18:f3:76:79:31:69:
         ed:d6:20:2f:2b:77:cf:30:75:7a:e8:09:c7:1f:f9:61:ac:72:
         ab:0e:7e:0e:d1:eb:f4:c1:d1:33:3a:39:72:ed:f9:a0:ab:02:
         d3:60:08:54:34:86:9e:9f:25:9e:26:dc:91:78:4b:60:e8:fe:
         f2:1e:8a:f7:03:98:8f:39:4b:dc:c5:6e:b4:3a:8c:2f:49:d9:
         c7:a1:5e:f0:c0:29:01:9d:5e:38:be:6b:95:5f:4a:82:0d:d5:
         e9:a3:ce:f8:bb:e5:61:06:ef:b3:8d:e0:43:be:ab:22:a7:be:
         48:f0:cd:25:4c:63:22:be:a4:d6:07:54:b3:ea:55:ee:8a:f6:
         ad:28:f7:07:82:19:b3:e9:27:82:18:2e:bd:d4:8b:eb:63:33:
         0a:61:6f:82:af:26:69:1a:47:ca:ee:52:11:88:48:7d:97:0f:
         2c:bc:5a:93:c5:7e:c7:59:08:43:d0:f3:91:3a:f6:d4:0c:cc:
         9a:48:6d:8a:2d:c0:65:39:a2:eb:5b:b0:43:90:45:ae:89:04:
         83:87:63:38:32:d9:99:77:56:d9:be:24:2c:9b:3c:54:6f:b6:
         01:8c:d8:d6:f8:c3:af:bd:65:62:7a:7d:df:1c:03:56:4c:ad:
         90:f7:bc:06
-----BEGIN CERTIFICATE-----
MIIGqzCCBZOgAwIBAgISAYVu1BKOZESM5ljgYWxfiYtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTkzNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc0NzQ4MWYyYzk4ZmJiNzBkY2E4ZDY1YzIzZGU0ZmNhMzc1ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZTS7D6nFJq0DowjARrJ+Bt8Z3vD
fOA2AzwG0G+IzrZRroAkSCoozKQOHAtFhox0rnT44XRy/pj33JAJF+q9Dj3Cdd5+
0pMOpisw5jKP0KCcgOV3R7E+XPuR8r60PhyqtZdmtHE5KOmWo+pfaG2XO9yH6BYV
KfL9gNlTZfOMdjLGFUPRMX0ndi8rTl1mldJaz4K4TLV+OAeKEsjoFKRqIbd2Kvz0
uqpM7eSpq9lZgZGvHLo4YlMV/1gCJP4Icj+eePWit7fnrQ6ZlD2y91vYBFg40Hob
oO8EdVJju1ZRJ2k+uX3L1PaEubMnW8R+q0PG+q3uyzkcqtO9qCNaJDirMwIDAQAB
o4IDtzCCA7MwHQYDVR0OBBYEFI50dIHyyY+7cNyo1lwj3k/KN1g9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ5LzQwZGI2
Yi1kYTg1LTRjOWQtYTk0OC02NTIxZDM5NWYxMzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkvNDBkYjZi
LWRhODUtNGM5ZC1hOTQ4LTY1MjFkMzk1ZjEzMi8xL2puUjBnZkxKajd0dzNLaldY
Q1BlVDhvM1dEMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBUAYIKwYB
BQUHAQcBAf8EggE/MIIBOzCBjQQCAAEwgYYDBAIfKMADBAIl3WwwDAMEAk1TFAME
Ak1TGAMEAlBMLAMEAlT8QAMEAlUfNAMEAljaUAMEAluEfAMEAl2xXAMEAl2xbAME
Al/WUAMEArB2vAMEArmxTAMEAsEffAMEAsE4FAMEAsGOJAMEAsGXvAMEAsGgRAME
AsI1vAMEAsJjGAMEAtRX2DCBqAQCAAIwgaEDBQMqBi3AAwUDKgfMwAMFAyoJTQAD
BQMqCXWAAwUDKgl3gAMFAyoJhgADBQMqCZ6AAwUDKgmxAAMFAyoJvwADBQMqCceA
AwUDKgnjgAMFAyoJ5YADBQMqCfYAAwUDKgn4AAMFAyoNacADBQMqDW3AAwUDKg2H
wAMFAyoNkMADBQMqDaxAAwUDKg2wQAMFAyoNzUADBQMqDenAAwUDKg3qQDANBgkq
hkiG9w0BAQsFAAOCAQEAOqeEocJ7nsIUid3gGPN2eTFp7dYgLyt3zzB1eugJxx/5
Yaxyqw5+DtHr9MHRMzo5cu35oKsC02AIVDSGnp8lnibckXhLYOj+8h6K9wOYjzlL
3MVutDqML0nZx6Fe8MApAZ1eOL5rlV9Kgg3V6aPO+LvlYQbvs43gQ76rIqe+SPDN
JUxjIr6k1gdUs+pV7or2rSj3B4IZs+knghguvdSL62MzCmFvgq8maRpHyu5SEYhI
fZcPLLxak8V+x1kIQ9DzkTr21AzMmkhtii3AZTmi61uwQ5BFrokEg4djODLZmXdW
2b4kLJs8VG+2AYzY1vjDr71lYnp93xwDVkytkPe8Bg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:03 2023 by rpki-client on console-ams.rpki-client.org