Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lHdOa7BX4UkzH7a9AZCAyzTb8W0.cer
File:                     lHdOa7BX4UkzH7a9AZCAyzTb8W0.cer (raw, json)
Hash identifier:          HQro0juzZ2P1jMe9m7xMZtsH8QMnRr9C5D1NxjoztK8=
Subject key identifier:   94:77:4E:6B:B0:57:E1:49:33:1F:B6:BD:01:90:80:CB:34:DB:F1:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856FAFC57DB21F9FFF6D94697A5BDCAD3D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3d/57b0c6-1096-48ef-a416-b3d92b198872/1/lHdOa7BX4UkzH7a9AZCAyzTb8W0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3d/57b0c6-1096-48ef-a416-b3d92b198872/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 23:34:28 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 194.104.140.0/24
                          IP: 2a11:6140::/29

Validation:               Failed, certificate revoked on Mon 09 Oct 2023 13:03:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:af:c5:7d:b2:1f:9f:ff:6d:94:69:7a:5b:dc:ad:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 23:34:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=94774e6bb057e149331fb6bd019080cb34dbf16d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:35:4d:b1:b4:82:38:6e:92:ba:9e:19:46:00:
                    8e:4d:da:05:ee:ad:f1:94:72:a1:a7:9a:67:a0:23:
                    ec:29:1d:a3:a9:7a:76:a2:b2:fc:6e:fb:88:8b:c9:
                    7d:dd:66:d6:4b:64:21:8f:da:fa:4a:90:07:a6:b7:
                    9e:f6:d3:4d:b0:54:d3:db:c5:35:36:29:63:94:9a:
                    70:64:21:f8:cd:d5:32:99:2e:fe:be:b2:99:21:c3:
                    55:5a:4c:19:85:27:9b:a6:9d:c5:0a:98:eb:af:78:
                    eb:c9:e6:e1:a7:13:f5:92:b1:c9:63:34:3c:25:b7:
                    6e:56:cd:35:57:06:c3:c3:05:53:b4:8f:0e:cf:27:
                    34:56:97:1f:ce:6b:b3:dd:4c:bd:f2:2b:a0:44:e6:
                    2c:7c:34:c9:80:b7:00:17:c7:9e:11:97:45:7e:49:
                    c5:43:b5:40:c7:c4:92:c1:12:64:7c:27:eb:65:df:
                    e6:56:b1:82:f8:d8:60:93:82:a9:a6:fe:81:53:10:
                    f9:ee:53:8e:1d:81:05:10:6f:85:5b:a2:c5:2f:73:
                    47:89:d9:b0:14:b5:23:0e:5d:12:c8:4d:99:c9:fb:
                    d8:08:e5:b2:fd:c7:e4:83:22:5b:44:5c:80:81:95:
                    97:2f:e3:7b:1d:e3:9d:52:fb:a3:e0:67:5f:d7:e0:
                    84:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:77:4E:6B:B0:57:E1:49:33:1F:B6:BD:01:90:80:CB:34:DB:F1:6D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/57b0c6-1096-48ef-a416-b3d92b198872/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/57b0c6-1096-48ef-a416-b3d92b198872/1/lHdOa7BX4UkzH7a9AZCAyzTb8W0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.140.0/24
                IPv6:
                  2a11:6140::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:f2:d9:c6:5b:20:de:84:09:14:b8:42:7d:59:53:79:7d:19:
         85:34:e9:38:dd:74:23:e0:3d:7d:dd:c7:99:64:ae:c1:e3:07:
         e5:ae:9b:ee:2f:ae:e8:f0:eb:bd:88:c7:51:a8:05:52:7c:d2:
         ca:de:45:9b:cd:04:7f:e9:45:e4:19:0a:83:a7:5d:57:68:d9:
         be:0c:f1:a4:af:be:aa:72:f9:00:b0:f5:c5:75:61:b3:0e:d6:
         04:ac:e4:25:f0:29:29:a5:99:d5:29:cb:a4:e0:78:08:0d:85:
         ae:6b:96:c0:f7:94:d5:0f:55:15:21:70:68:8a:94:b1:76:26:
         2f:0c:c3:3c:c6:45:9d:82:bb:3a:a6:f4:39:b6:61:f6:b2:f2:
         9a:79:26:cc:67:22:19:03:38:f2:6a:d9:31:a4:85:66:ee:84:
         0a:78:72:8c:4e:51:e8:96:e1:ce:39:1a:13:5e:f4:65:0d:d0:
         35:34:d5:8e:28:4b:64:b3:21:04:d7:c3:ad:1b:80:21:ee:40:
         b1:31:ab:90:a3:89:93:6b:b8:9d:33:3e:5b:09:3f:ae:b9:e3:
         1d:e5:fb:70:70:d5:3a:22:93:95:d3:f4:93:86:64:d0:6b:45:
         f5:63:a6:5d:cd:40:35:47:b6:f7:72:30:47:ce:76:29:29:85:
         48:40:18:f4
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVvr8V9sh+f/22UaXpb3K09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc3NGU2YmIwNTdlMTQ5MzMxZmI2YmQwMTkwODBjYjM0ZGJmMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjVNsbSCOG6Sup4ZRgCOTdoF7q3x
lHKhp5pnoCPsKR2jqXp2orL8bvuIi8l93WbWS2Qhj9r6SpAHpree9tNNsFTT28U1
NiljlJpwZCH4zdUymS7+vrKZIcNVWkwZhSebpp3FCpjrr3jryebhpxP1krHJYzQ8
JbduVs01VwbDwwVTtI8Ozyc0Vpcfzmuz3Uy98iugROYsfDTJgLcAF8eeEZdFfknF
Q7VAx8SSwRJkfCfrZd/mVrGC+Nhgk4Kppv6BUxD57lOOHYEFEG+FW6LFL3NHidmw
FLUjDl0SyE2ZyfvYCOWy/cfkgyJbRFyAgZWXL+N7HeOdUvuj4Gdf1+CEXQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJR3TmuwV+FJMx+2vQGQgMs02/FtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzU3YjBj
Ni0xMDk2LTQ4ZWYtYTQxNi1iM2Q5MmIxOTg4NzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvNTdiMGM2
LTEwOTYtNDhlZi1hNDE2LWIzZDkyYjE5ODg3Mi8xL2xIZE9hN0JYNFVrekg3YTlB
WkNBeXpUYjhXMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwmiMMA0EAgACMAcDBQMqEWFAMA0GCSqGSIb3
DQEBCwUAA4IBAQAO8tnGWyDehAkUuEJ9WVN5fRmFNOk43XQj4D193ceZZK7B4wfl
rpvuL67o8Ou9iMdRqAVSfNLK3kWbzQR/6UXkGQqDp11XaNm+DPGkr76qcvkAsPXF
dWGzDtYErOQl8CkppZnVKcuk4HgIDYWua5bA95TVD1UVIXBoipSxdiYvDMM8xkWd
grs6pvQ5tmH2svKaeSbMZyIZAzjyatkxpIVm7oQKeHKMTlHoluHOORoTXvRlDdA1
NNWOKEtksyEE18OtG4Ah7kCxMauQo4mTa7idMz5bCT+uueMd5ftwcNU6IpOV0/ST
hmTQa0X1Y6ZdzUA1R7b3cjBHznYpKYVIQBj0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:02 2024 by rpki-client on console-ams.rpki-client.org