Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nOTdhrz9i49QakCAUWBex022zqA.cer
File:                     nOTdhrz9i49QakCAUWBex022zqA.cer (raw, json)
Hash identifier:          0a58b9d6plV+aAvLBmwQhkKIhyd+PuXl89/7yR3/y10=
Subject key identifier:   9C:E4:DD:86:BC:FD:8B:8F:50:6A:40:80:51:60:5E:C7:4D:B6:CE:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856B632DBEB4FAAB409047A2A53E25E408
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/nOTdhrz9i49QakCAUWBex022zqA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 03:32:20 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 212.52.29.0/24
                          IP: 2a12:e600::/29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:63:2d:be:b4:fa:ab:40:90:47:a2:a5:3e:25:e4:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 03:32:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ce4dd86bcfd8b8f506a408051605ec74db6cea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:35:12:62:db:62:23:d1:4c:9e:06:1a:09:e1:
                    d6:36:f8:1d:72:42:da:4e:32:5b:7c:ac:4b:e7:ba:
                    68:27:63:43:94:ad:2f:ea:3e:6b:d7:54:3b:ef:8d:
                    ba:93:b3:e0:d0:8a:26:d3:71:5a:77:a3:2b:0c:98:
                    b5:c0:b2:01:51:df:d2:41:75:ab:29:9d:7d:3f:55:
                    f7:e5:e6:1a:ac:74:dd:5a:2b:7d:77:6b:33:60:ba:
                    23:4c:e5:2c:03:27:6c:b2:51:cc:e9:ea:29:da:f7:
                    17:56:65:6e:e6:24:b6:2b:0c:6b:7b:ca:83:ed:26:
                    c5:f4:2e:c3:0a:e3:48:d8:9c:08:11:4d:47:60:51:
                    e0:a5:4c:8f:cd:ba:7a:af:2f:cf:34:f0:7e:99:66:
                    d1:ff:d3:a4:59:95:59:3c:c3:84:f3:a0:85:86:a0:
                    db:20:5d:a5:67:45:33:20:61:76:6a:12:df:5c:92:
                    29:9e:08:7d:18:38:3c:d0:24:55:a7:36:e2:8f:c5:
                    34:5d:07:18:d6:cd:32:ef:9b:c5:00:42:36:3b:75:
                    05:d7:46:52:31:a0:c7:1a:35:07:10:03:fc:15:a5:
                    c8:9e:05:66:8e:83:eb:80:97:ec:a1:ec:12:6f:2b:
                    a6:e7:cc:91:c2:40:f1:f3:ef:67:1a:a3:d7:4f:e3:
                    60:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:E4:DD:86:BC:FD:8B:8F:50:6A:40:80:51:60:5E:C7:4D:B6:CE:A0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/nOTdhrz9i49QakCAUWBex022zqA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.52.29.0/24
                IPv6:
                  2a12:e600::/29

    Signature Algorithm: sha256WithRSAEncryption
         60:6f:52:e7:c5:ef:63:a8:4d:b7:6a:c8:72:80:9c:0a:fc:76:
         6d:f8:53:a1:ce:2b:db:59:05:a3:cd:80:68:02:cb:f7:72:93:
         5d:b5:4c:43:83:00:0a:51:da:bb:d2:6e:ab:33:e0:46:a3:00:
         75:a1:0a:0a:bf:b8:e0:26:80:e7:f0:cf:5f:1c:73:36:43:00:
         0d:be:3c:24:bc:bd:11:de:d7:9e:ac:b6:22:7b:dd:10:f8:5b:
         9b:0f:d3:92:ea:9d:39:dc:9f:eb:5c:40:5f:85:69:ac:fc:a0:
         e9:0f:be:c0:d2:c6:3f:cf:c7:d5:49:41:60:cf:c6:a1:22:18:
         aa:94:7c:f3:22:be:5d:01:29:06:cd:00:04:e6:71:bd:83:f1:
         f0:66:32:dd:0c:3b:e8:2d:28:ef:5e:c5:8f:b0:2e:cc:05:eb:
         f2:10:1a:4e:d8:15:de:b8:7d:08:41:8b:23:a1:dc:ff:97:97:
         51:21:40:25:ed:30:66:41:5b:e9:c5:3b:aa:c3:30:34:db:24:
         1d:4c:eb:e6:65:9f:e4:2a:f4:36:cb:7a:98:42:22:20:10:3a:
         09:69:cc:2e:8c:16:93:2f:4b:41:f1:1b:b9:89:31:b9:72:a7:
         a0:8e:8d:bd:8c:78:3a:4a:4b:49:13:c9:2d:79:2f:0b:55:cd:
         42:5f:e7:83
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVrYy2+tPqrQJBHoqU+JeQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDMzMjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2U0ZGQ4NmJjZmQ4YjhmNTA2YTQwODA1MTYwNWVjNzRkYjZjZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjUSYttiI9FMngYaCeHWNvgdckLa
TjJbfKxL57poJ2NDlK0v6j5r11Q77426k7Pg0Iom03Fad6MrDJi1wLIBUd/SQXWr
KZ19P1X35eYarHTdWit9d2szYLojTOUsAydsslHM6eop2vcXVmVu5iS2Kwxre8qD
7SbF9C7DCuNI2JwIEU1HYFHgpUyPzbp6ry/PNPB+mWbR/9OkWZVZPMOE86CFhqDb
IF2lZ0UzIGF2ahLfXJIpngh9GDg80CRVpzbij8U0XQcY1s0y75vFAEI2O3UF10ZS
MaDHGjUHEAP8FaXIngVmjoPrgJfsoewSbyum58yRwkDx8+9nGqPXT+NghwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJzk3Ya8/YuPUGpAgFFgXsdNts6gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0L2I3Mzky
Zi04Yzg4LTRjMzgtOTE1ZS0wY2Y3N2MxZTg1ODQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvYjczOTJm
LThjODgtNGMzOC05MTVlLTBjZjc3YzFlODU4NC8xL25PVGRocno5aTQ5UWFrQ0FV
V0JleDAyMnpxQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQA1DQdMA0EAgACMAcDBQMqEuYAMA0GCSqGSIb3
DQEBCwUAA4IBAQBgb1Lnxe9jqE23ashygJwK/HZt+FOhzivbWQWjzYBoAsv3cpNd
tUxDgwAKUdq70m6rM+BGowB1oQoKv7jgJoDn8M9fHHM2QwANvjwkvL0R3teerLYi
e90Q+FubD9OS6p053J/rXEBfhWms/KDpD77A0sY/z8fVSUFgz8ahIhiqlHzzIr5d
ASkGzQAE5nG9g/HwZjLdDDvoLSjvXsWPsC7MBevyEBpO2BXeuH0IQYsjodz/l5dR
IUAl7TBmQVvpxTuqwzA02yQdTOvmZZ/kKvQ2y3qYQiIgEDoJacwujBaTL0tB8Ru5
iTG5cqegjo29jHg6SktJE8kteS8LVc1CX+eD
-----END CERTIFICATE-----
Generated at Wed Nov 15 14:49:24 2023 by rpki-client on console-fra.rpki-client.org