Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/krknliKgzX1YqiukNvvj8gsX6z0.cer
File:                     krknliKgzX1YqiukNvvj8gsX6z0.cer (raw, json)
Hash identifier:          1ie2NTiF0oOAwS0gh1Le9E2qE5dDVZfCEw2JlxMl0pI=
Subject key identifier:   92:B9:27:96:22:A0:CD:7D:58:AA:2B:A4:36:FB:E3:F2:0B:17:EB:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC2DAD792B9709BED3B3AC7BAF02F61F9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/krknliKgzX1YqiukNvvj8gsX6z0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 02:29:31 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 209428
                          IP: 91.206.229.0/24
                          IP: 2a09:5ec0::/29

Validation:               Failed, certificate revoked on Mon 04 Nov 2024 14:42:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:d7:92:b9:70:9b:ed:3b:3a:c7:ba:f0:2f:61:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=92b9279622a0cd7d58aa2ba436fbe3f20b17eb3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:03:94:c5:28:44:a3:24:66:54:bd:5c:07:4e:
                    85:b2:e3:b6:f3:36:17:f0:03:e2:1a:dd:c0:73:89:
                    70:d1:00:09:1d:70:76:d1:91:e8:e9:2d:af:24:e5:
                    19:52:7d:dd:29:1c:dc:6d:8b:98:81:46:f8:03:bd:
                    46:61:aa:a1:c9:ce:18:76:7c:55:c0:bf:9b:72:ac:
                    8c:50:48:bf:bf:25:6f:a5:bf:2d:91:fa:58:93:c7:
                    1d:e2:65:f8:46:6e:8a:fe:dd:ee:9b:f8:8e:5c:24:
                    21:5b:e0:24:21:77:05:77:f1:f8:50:c3:79:b4:24:
                    20:8a:13:12:cd:36:02:52:5a:38:97:f3:6f:93:c5:
                    bf:ce:aa:50:7c:cc:90:79:20:97:dc:df:b1:9f:b6:
                    63:f9:d5:70:7c:13:ea:00:75:58:b5:e8:26:c7:58:
                    1e:59:c3:32:57:c6:db:01:32:27:37:12:05:fd:97:
                    80:f4:33:b0:f1:3c:d0:c4:17:cf:74:7b:35:96:94:
                    3f:e6:2d:a9:55:0e:fa:d1:7e:e9:6f:4f:37:aa:c6:
                    b6:7a:c6:e2:f0:d2:33:5c:43:5e:1d:19:f8:af:ab:
                    6c:50:aa:86:24:6d:f3:30:ae:d3:41:16:79:85:55:
                    a5:a0:64:ec:67:77:9e:e5:42:95:cc:0a:25:5c:5d:
                    08:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B9:27:96:22:A0:CD:7D:58:AA:2B:A4:36:FB:E3:F2:0B:17:EB:3D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/krknliKgzX1YqiukNvvj8gsX6z0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.229.0/24
                IPv6:
                  2a09:5ec0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209428

    Signature Algorithm: sha256WithRSAEncryption
         9c:14:85:d0:2e:24:73:e4:c9:94:35:dc:6d:31:46:33:f3:96:
         8c:69:82:15:3b:26:7b:ad:d1:df:8a:b5:df:5d:c0:4c:8a:55:
         03:2a:fc:41:38:82:4f:9e:3f:94:ca:ae:48:25:1c:ad:df:33:
         62:7a:67:35:dd:a9:2f:94:0f:d6:1d:39:5e:bb:55:54:b2:4e:
         8a:f3:4b:95:21:a6:e0:83:53:29:0f:2f:13:0e:f2:a0:1f:40:
         a5:db:58:ce:fb:b1:5c:24:2d:72:aa:10:1a:c2:fe:04:5f:41:
         f9:e0:12:93:90:81:01:fc:16:ba:55:63:98:3a:09:75:99:99:
         d1:2b:d1:92:d3:b9:3d:bd:c1:50:bc:08:c6:d3:c2:d9:66:92:
         f2:eb:ce:1f:89:85:cc:50:ff:14:95:19:5f:6a:76:1e:95:06:
         6b:88:49:bb:36:59:27:79:04:96:9e:e6:65:69:f4:0a:19:d3:
         92:8b:d2:a4:02:75:e1:61:ae:a9:18:bc:f2:21:66:96:26:5b:
         5f:af:34:18:5b:08:49:83:5c:e6:b3:44:e6:d9:e8:2f:5d:be:
         4a:43:dd:87:4d:1b:70:06:42:9c:c3:09:c6:1e:0a:b2:60:b8:
         cd:d3:ca:db:28:a6:e0:75:43:58:3e:54:8f:e8:7d:27:75:f4:
         a0:66:2f:5b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzC2teSuXCb7Ts6x7rwL2H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI5Mjc5NjIyYTBjZDdkNThhYTJiYTQzNmZiZTNmMjBiMTdlYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygOUxShEoyRmVL1cB06FsuO28zYX
8APiGt3Ac4lw0QAJHXB20ZHo6S2vJOUZUn3dKRzcbYuYgUb4A71GYaqhyc4YdnxV
wL+bcqyMUEi/vyVvpb8tkfpYk8cd4mX4Rm6K/t3um/iOXCQhW+AkIXcFd/H4UMN5
tCQgihMSzTYCUlo4l/Nvk8W/zqpQfMyQeSCX3N+xn7Zj+dVwfBPqAHVYtegmx1ge
WcMyV8bbATInNxIF/ZeA9DOw8TzQxBfPdHs1lpQ/5i2pVQ760X7pb083qsa2esbi
8NIzXENeHRn4r6tsUKqGJG3zMK7TQRZ5hVWloGTsZ3ee5UKVzAolXF0IbQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJK5J5YioM19WKorpDb74/ILF+s9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2IyNGJk
Yi1hNjA0LTRiMmEtOTA4Zi1jOThiODhlNzE5NDgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvYjI0YmRi
LWE2MDQtNGIyYS05MDhmLWM5OGI4OGU3MTk0OC8xL2tya25saUtnelgxWXFpdWtO
dnZqOGdzWDZ6MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW87lMA0EAgACMAcDBQMqCV7AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMyFDANBgkqhkiG9w0BAQsFAAOCAQEAnBSF0C4kc+TJ
lDXcbTFGM/OWjGmCFTsme63R34q1313ATIpVAyr8QTiCT54/lMquSCUcrd8zYnpn
Nd2pL5QP1h05XrtVVLJOivNLlSGm4INTKQ8vEw7yoB9ApdtYzvuxXCQtcqoQGsL+
BF9B+eASk5CBAfwWulVjmDoJdZmZ0SvRktO5Pb3BULwIxtPC2WaS8uvOH4mFzFD/
FJUZX2p2HpUGa4hJuzZZJ3kElp7mZWn0ChnTkovSpAJ14WGuqRi88iFmliZbX680
GFsISYNc5rNE5tnoL12+SkPdh00bcAZCnMMJxh4KsmC4zdPK2yim4HVDWD5Uj+h9
J3X0oGYvWw==
-----END CERTIFICATE-----
Generated at Mon Nov 4 21:00:43 2024 by rpki-client on console-ams.rpki-client.org