Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lSQe0LSbLQfj6JS2GpCwrOXpC58.cer
File:                     lSQe0LSbLQfj6JS2GpCwrOXpC58.cer (raw, json)
Hash identifier:          8Zilzy1XmJe4CnJTuJTwGcFDFGI+GIsN5DsgxIds/+o=
Subject key identifier:   95:24:1E:D0:B4:9B:2D:07:E3:E8:94:B6:1A:90:B0:AC:E5:E9:0B:9F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0187D79152E08E8FFA297F85E8502EFD5ADA
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b7/b3125a-4c1b-4059-a03d-25ed18a71605/1/lSQe0LSbLQfj6JS2GpCwrOXpC58.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b7/b3125a-4c1b-4059-a03d-25ed18a71605/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 May 2023 13:47:18 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 44001
                          IP: 91.229.36.0/22

Validation:               Failed, certificate revoked on Tue 30 May 2023 14:55:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d7:91:52:e0:8e:8f:fa:29:7f:85:e8:50:2e:fd:5a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: May  1 13:47:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95241ed0b49b2d07e3e894b61a90b0ace5e90b9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:2e:9d:f4:83:c7:20:d0:c8:56:92:cd:36:42:
                    07:ba:7b:b5:cd:23:f1:99:98:56:df:1a:ed:6b:27:
                    6f:ec:cc:ed:34:a2:1f:58:24:cb:68:e4:f2:a1:bc:
                    75:15:7d:a4:a3:1f:6f:d7:97:73:22:23:da:33:f0:
                    78:07:0c:5e:46:b6:ae:03:e0:36:c2:8d:ba:e6:87:
                    0a:38:25:65:79:11:b0:33:37:12:f8:60:8e:0e:a9:
                    bd:1b:21:e8:64:55:55:cb:91:db:79:43:27:c5:3e:
                    77:7f:8a:ce:e3:35:c6:bd:6b:a5:ec:8f:48:85:a5:
                    59:18:4e:8f:1c:3e:98:1d:c6:95:0e:4c:f9:ad:44:
                    ce:8e:b0:88:02:fe:36:94:bc:b7:3d:15:a4:5d:99:
                    27:21:0a:b4:e6:4c:4b:75:e0:83:45:e8:47:a8:64:
                    da:a9:20:11:6b:6a:f4:21:9f:8a:80:35:d9:ac:90:
                    9e:f3:be:57:0e:d3:33:bc:82:b0:11:98:68:b4:6b:
                    00:2d:a0:4c:04:9d:bd:a1:f9:59:dd:20:63:ed:f2:
                    06:f8:e0:75:1f:2c:a3:86:dc:73:4f:41:e4:26:d7:
                    7e:6e:d8:12:bc:49:ca:ce:de:41:a4:be:e7:e2:64:
                    b5:6a:62:5a:38:3d:97:21:d9:02:7d:b4:49:57:65:
                    0d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:24:1E:D0:B4:9B:2D:07:E3:E8:94:B6:1A:90:B0:AC:E5:E9:0B:9F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b3125a-4c1b-4059-a03d-25ed18a71605/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b3125a-4c1b-4059-a03d-25ed18a71605/1/lSQe0LSbLQfj6JS2GpCwrOXpC58.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.229.36.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  44001

    Signature Algorithm: sha256WithRSAEncryption
         8e:a0:a1:50:03:fe:20:95:3f:95:e6:8a:ab:7e:a9:61:fc:27:
         ab:46:c3:1c:eb:87:1c:45:73:51:19:68:ea:16:54:7c:d5:3b:
         57:4b:4a:3b:2d:f3:b6:31:32:c4:3e:25:e2:d6:4d:1d:41:62:
         52:dd:0b:7b:f1:12:d6:8c:87:da:94:67:8c:dc:97:f3:c6:a3:
         8e:88:9d:9e:76:2b:5a:a9:29:e9:b2:b7:d7:a0:d2:7d:cb:99:
         cf:0c:aa:01:f4:51:75:55:9b:3d:4a:b2:9c:5a:6e:16:02:04:
         85:68:53:a7:94:98:59:96:70:54:00:1f:3c:04:62:ef:73:65:
         3b:fb:dd:ba:a7:cf:17:90:eb:74:5e:52:4a:6c:f9:54:3c:f4:
         cc:34:d3:05:29:32:d9:e0:ea:93:1c:79:dd:14:c7:53:5b:ba:
         40:43:9e:19:70:34:5f:f1:ba:db:8e:ee:18:df:4a:3b:9f:56:
         5d:96:4d:18:5e:66:d3:28:30:f1:5f:f1:8e:b5:d3:dd:7d:c5:
         6e:a1:1f:e2:72:7a:a3:d7:a2:cd:d8:3e:4e:6e:07:67:53:55:
         68:cd:82:ce:38:87:a2:a1:16:88:c9:26:ca:df:d7:1b:c5:1a:
         da:5c:68:86:54:77:1a:6a:b2:50:19:dd:b3:0a:82:d2:04:79:
         93:90:53:f2
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYfXkVLgjo/6KX+F6FAu/VraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNTAxMTM0NzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTI0MWVkMGI0OWIyZDA3ZTNlODk0YjYxYTkwYjBhY2U1ZTkwYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy6d9IPHINDIVpLNNkIHunu1zSPx
mZhW3xrtaydv7MztNKIfWCTLaOTyobx1FX2kox9v15dzIiPaM/B4BwxeRrauA+A2
wo265ocKOCVleRGwMzcS+GCODqm9GyHoZFVVy5HbeUMnxT53f4rO4zXGvWul7I9I
haVZGE6PHD6YHcaVDkz5rUTOjrCIAv42lLy3PRWkXZknIQq05kxLdeCDRehHqGTa
qSARa2r0IZ+KgDXZrJCe875XDtMzvIKwEZhotGsALaBMBJ29oflZ3SBj7fIG+OB1
HyyjhtxzT0HkJtd+btgSvEnKzt5BpL7n4mS1amJaOD2XIdkCfbRJV2UNpwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJUkHtC0my0H4+iUthqQsKzl6QufMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I3L2IzMTI1
YS00YzFiLTQwNTktYTAzZC0yNWVkMThhNzE2MDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcvYjMxMjVh
LTRjMWItNDA1OS1hMDNkLTI1ZWQxOGE3MTYwNS8xL2xTUWUwTFNiTFFmajZKUzJH
cEN3ck9YcEM1OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCW+UkMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCr4TANBgkqhkiG9w0BAQsFAAOCAQEAjqChUAP+IJU/leaKq36pYfwnq0bDHOuH
HEVzURlo6hZUfNU7V0tKOy3ztjEyxD4l4tZNHUFiUt0Le/ES1oyH2pRnjNyX88aj
joidnnYrWqkp6bK316DSfcuZzwyqAfRRdVWbPUqynFpuFgIEhWhTp5SYWZZwVAAf
PARi73NlO/vduqfPF5DrdF5SSmz5VDz0zDTTBSky2eDqkxx53RTHU1u6QEOeGXA0
X/G6247uGN9KO59WXZZNGF5m0ygw8V/xjrXT3X3FbqEf4nJ6o9eizdg+Tm4HZ1NV
aM2CzjiHoqEWiMkmyt/XG8Ua2lxohlR3GmqyUBndswqC0gR5k5BT8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:05 2024 by rpki-client on console-ams.rpki-client.org