Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kT9MnGOI8KA0J2IAnjJOwTJxM34.cer
File:                     kT9MnGOI8KA0J2IAnjJOwTJxM34.cer (raw, json)
Hash identifier:          OpAhQ8n6rjta8o19u+mGCPjtgETPWMviYZQSGHD41mc=
Subject key identifier:   91:3F:4C:9C:63:88:F0:A0:34:27:62:00:9E:32:4E:C1:32:71:33:7E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856FB08E711F69B8A96B2776862EFF43BF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/kT9MnGOI8KA0J2IAnjJOwTJxM34.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 23:35:19 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 185.151.144.0/24
                          IP: 2a11:2000::/29

Validation:               Failed, certificate revoked on Tue 08 Aug 2023 11:35:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:b0:8e:71:1f:69:b8:a9:6b:27:76:86:2e:ff:43:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:35:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=913f4c9c6388f0a0342762009e324ec13271337e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:64:aa:93:eb:1f:6d:70:24:32:29:e9:ad:bb:
                    43:b6:a6:f3:0b:1b:c3:de:a5:d9:33:06:ff:01:db:
                    06:2f:64:ff:82:5c:1f:4a:40:69:76:14:4b:7d:a0:
                    36:4f:40:72:bb:e1:7c:33:72:f0:5e:12:fb:25:30:
                    78:e3:0a:88:37:de:a1:5a:3e:78:bd:37:cc:d4:9c:
                    33:1d:54:ad:ba:68:26:8c:aa:e8:ee:dc:b3:47:95:
                    f6:1c:1f:35:24:f5:c5:3d:9e:5a:ea:b5:e6:1c:a0:
                    ac:33:d1:00:be:72:66:7c:59:6c:1f:80:5f:74:dc:
                    46:51:60:3e:2a:e4:d9:19:1e:09:f4:11:0e:76:6a:
                    12:ae:87:42:ed:91:78:05:96:f8:99:d9:36:cd:8f:
                    f5:7e:d9:42:d2:18:7c:5e:fc:5b:76:8f:75:07:5d:
                    ce:7a:3a:06:86:58:1b:66:b4:48:28:e6:a2:ad:fd:
                    f6:24:7a:ed:dc:9c:9a:25:45:29:6f:f5:0a:c8:9b:
                    bf:d9:5a:ea:e9:c4:75:3b:3d:cd:40:76:c3:ad:37:
                    96:84:70:33:85:57:a2:ab:0b:6d:5b:73:4e:35:ee:
                    89:81:2e:97:83:a6:53:67:ce:2f:75:6a:00:01:6a:
                    27:73:86:c8:26:b2:ea:65:67:83:37:85:b0:84:68:
                    a7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:3F:4C:9C:63:88:F0:A0:34:27:62:00:9E:32:4E:C1:32:71:33:7E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1c7481-e6a0-4a1c-87e6-4027423aa38c/1/kT9MnGOI8KA0J2IAnjJOwTJxM34.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.144.0/24
                IPv6:
                  2a11:2000::/29

    Signature Algorithm: sha256WithRSAEncryption
         8b:2a:4e:29:0d:ad:ed:af:93:1e:5f:13:9e:65:18:0c:ff:e2:
         24:df:ad:23:6b:be:e3:78:3d:19:a6:9a:f9:9b:47:18:bc:ae:
         36:cc:d3:31:7f:0f:b8:c5:60:3a:e1:00:63:af:55:ea:d4:ea:
         aa:bd:91:36:de:39:24:a1:a1:d7:dd:58:47:90:01:a3:cd:61:
         f4:3b:b2:c8:7c:78:82:dc:0e:17:9c:14:71:93:c9:82:d4:48:
         82:d6:7f:c3:27:f8:23:c9:2e:79:e9:5b:91:03:58:56:ef:23:
         90:9b:ce:71:e0:a0:2c:db:3c:a7:03:8c:1b:b2:e5:ec:22:bb:
         14:68:66:46:96:de:1f:90:5c:d9:a7:b7:d0:4a:e2:34:69:f5:
         0b:35:5f:fc:c7:16:d8:e0:5a:57:74:90:20:d8:77:ab:d6:49:
         f1:d5:58:98:c4:0a:2a:d5:f7:d6:7b:2d:59:2d:ec:38:e0:c6:
         df:fc:ca:3e:6a:90:1f:33:de:3f:ce:45:8d:e8:17:93:be:26:
         3c:d3:a4:e1:d9:ee:97:a5:d3:dd:81:56:7d:6e:ec:6b:7b:2a:
         d9:77:e7:aa:f1:cc:6c:ba:6a:fd:26:62:c2:ac:b6:1d:99:43:
         a3:3c:7a:63:e4:4c:37:9d:eb:3f:9a:37:ce:07:3a:23:d2:fe:
         98:39:89:c5
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVvsI5xH2m4qWsndoYu/0O/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNmNGM5YzYzODhmMGEwMzQyNzYyMDA5ZTMyNGVjMTMyNzEzMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGSqk+sfbXAkMinprbtDtqbzCxvD
3qXZMwb/AdsGL2T/glwfSkBpdhRLfaA2T0Byu+F8M3LwXhL7JTB44wqIN96hWj54
vTfM1JwzHVStumgmjKro7tyzR5X2HB81JPXFPZ5a6rXmHKCsM9EAvnJmfFlsH4Bf
dNxGUWA+KuTZGR4J9BEOdmoSrodC7ZF4BZb4mdk2zY/1ftlC0hh8Xvxbdo91B13O
ejoGhlgbZrRIKOairf32JHrt3JyaJUUpb/UKyJu/2Vrq6cR1Oz3NQHbDrTeWhHAz
hVeiqwttW3NONe6JgS6Xg6ZTZ84vdWoAAWonc4bIJrLqZWeDN4WwhGinkQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJE/TJxjiPCgNCdiAJ4yTsEycTN+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RiLzFjNzQ4
MS1lNmEwLTRhMWMtODdlNi00MDI3NDIzYWEzOGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIvMWM3NDgx
LWU2YTAtNGExYy04N2U2LTQwMjc0MjNhYTM4Yy8xL2tUOU1uR09JOEtBMEoySUFu
akpPd1RKeE0zNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuZeQMA0EAgACMAcDBQMqESAAMA0GCSqGSIb3
DQEBCwUAA4IBAQCLKk4pDa3tr5MeXxOeZRgM/+Ik360ja77jeD0Zppr5m0cYvK42
zNMxfw+4xWA64QBjr1Xq1OqqvZE23jkkoaHX3VhHkAGjzWH0O7LIfHiC3A4XnBRx
k8mC1EiC1n/DJ/gjyS556VuRA1hW7yOQm85x4KAs2zynA4wbsuXsIrsUaGZGlt4f
kFzZp7fQSuI0afULNV/8xxbY4FpXdJAg2Her1knx1ViYxAoq1ffWey1ZLew44Mbf
/Mo+apAfM94/zkWN6BeTviY806Th2e6XpdPdgVZ9buxreyrZd+eq8cxsumr9JmLC
rLYdmUOjPHpj5Ew3nes/mjfOBzoj0v6YOYnF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:55:51 2024 by rpki-client on console-ams.rpki-client.org