Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
File:                     nWz2idSa8woXuBDn8nWHL9kW2Fg.cer (raw, json)
Hash identifier:          RuBQ/WIiozVx+dofnkTCCikARG0dQL5is/vCButgIVk=
Subject key identifier:   9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC34962D5C6B024E6EC77EFF6B616C37D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/nWz2idSa8woXuBDn8nWHL9kW2Fg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 04:30:15 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 196682
                          IP: 91.219.28.0/22
                          IP: 193.9.28.0/24
                          IP: 2001:678:108::/48

Validation:               Failed, certificate revoked on Mon 02 Sep 2024 07:27:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:62:d5:c6:b0:24:e6:ec:77:ef:f6:b6:16:c3:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9d6cf689d49af30a17b810e7f275872fd916d858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5d:3e:f9:54:69:4b:98:26:aa:79:dc:00:6a:
                    9b:58:4c:c2:05:49:b9:05:fc:65:cd:59:57:1b:72:
                    38:49:4f:54:04:a4:b7:79:96:69:21:ec:2b:9e:8d:
                    cb:df:a4:d0:fe:3c:b2:71:90:e0:a7:dc:cf:2c:ab:
                    07:ac:0b:fe:44:d2:89:bb:b9:3b:a7:8f:de:21:84:
                    b3:34:4d:ee:43:8f:59:b6:a9:aa:16:71:06:8a:ae:
                    b3:47:e5:e6:4f:92:51:f1:df:b7:56:c4:47:1a:fd:
                    c2:c1:22:81:38:56:c9:cb:c8:19:6c:6b:22:0c:a4:
                    14:a9:7b:ce:24:a8:1d:92:fe:02:cf:e0:2c:a4:b1:
                    de:e1:d8:a0:0b:8d:ad:a6:cc:36:14:c9:8c:2b:cb:
                    57:8e:cf:23:2a:c9:c7:0e:23:29:88:40:d6:52:a9:
                    1a:11:eb:50:63:7a:65:8a:6b:f2:a5:72:24:3d:2b:
                    fd:f5:b5:4d:f4:b2:cb:5f:c7:35:ca:28:13:05:09:
                    69:5b:b0:05:8f:39:a9:d9:28:a7:87:32:f2:5e:7a:
                    2c:da:01:54:18:b0:0c:7f:f2:09:86:c3:ac:9d:4d:
                    77:1c:48:ee:01:55:fb:ea:cc:29:d0:39:f4:50:df:
                    d0:69:35:a5:a4:e4:32:67:0b:bd:15:b2:32:ad:33:
                    fb:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/nWz2idSa8woXuBDn8nWHL9kW2Fg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.219.28.0/22
                  193.9.28.0/24
                IPv6:
                  2001:678:108::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  196682

    Signature Algorithm: sha256WithRSAEncryption
         10:76:56:77:5a:4b:4d:05:8d:9a:fc:6b:32:1a:06:84:ec:ff:
         cd:f1:7a:c3:8a:5d:9a:02:aa:76:bb:22:76:70:fe:f6:4a:a3:
         1d:6c:14:91:e7:3c:a8:6a:fa:3a:40:db:24:6d:ff:a7:35:14:
         11:3a:f7:29:2b:62:8d:d0:d0:04:c0:c2:81:f9:3a:f9:43:a6:
         1b:d4:00:00:50:52:38:d0:76:d9:ad:01:8f:1b:01:9c:57:0a:
         a6:3a:c9:36:1b:30:8f:0e:f5:8d:0c:ad:a4:1e:c7:f6:78:df:
         60:e3:e0:c1:24:6b:b4:e2:e8:4d:4d:aa:b1:c2:d7:83:8f:c7:
         c0:f4:aa:1d:d1:71:54:64:a4:c6:ab:36:c5:20:da:6e:a5:37:
         ac:9d:bf:fe:2e:c2:63:7b:2e:ed:9d:fe:93:6f:ee:c3:ab:de:
         be:8e:75:b7:9a:09:9e:8c:aa:2f:75:cf:ce:4d:99:fe:bb:68:
         28:54:80:5d:48:ef:da:e1:7a:e8:b7:d2:4d:52:d2:fb:50:79:
         2b:8b:ed:83:bc:47:13:81:75:83:b1:e7:55:4b:82:e4:c0:50:
         bc:d0:57:49:d9:20:95:58:ed:d8:dd:a2:19:e2:8c:d7:b9:bc:
         e9:eb:1f:17:e9:bb:8e:49:cb:5a:e5:1a:5c:f2:f8:68:6b:52:
         1b:dd:da:7a
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYzDSWLVxrAk5ux37/a2FsN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZjZjY4OWQ0OWFmMzBhMTdiODEwZTdmMjc1ODcyZmQ5MTZkODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxV0++VRpS5gmqnncAGqbWEzCBUm5
BfxlzVlXG3I4SU9UBKS3eZZpIewrno3L36TQ/jyycZDgp9zPLKsHrAv+RNKJu7k7
p4/eIYSzNE3uQ49ZtqmqFnEGiq6zR+XmT5JR8d+3VsRHGv3CwSKBOFbJy8gZbGsi
DKQUqXvOJKgdkv4Cz+AspLHe4digC42tpsw2FMmMK8tXjs8jKsnHDiMpiEDWUqka
EetQY3plimvypXIkPSv99bVN9LLLX8c1yigTBQlpW7AFjzmp2SinhzLyXnos2gFU
GLAMf/IJhsOsnU13HEjuAVX76swp0Dn0UN/QaTWlpOQyZwu9FbIyrTP75QIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFJ1s9onUmvMKF7gQ5/J1hy/ZFthYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1Lzc0ODM1
OS1lYjZkLTQ1ZjctYjVjYi00ZmQzODFiMDdmN2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvNzQ4MzU5
LWViNmQtNDVmNy1iNWNiLTRmZDM4MWIwN2Y3ZC8xL25XejJpZFNhOHdvWHVCRG44
bldITDlrVzJGZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQCW9scAwQAwQkcMA8EAgACMAkDBwAgAQZ4AQgw
GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAwBKMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
dlZ3WktNBY2a/GsyGgaE7P/N8XrDil2aAqp2uyJ2cP72SqMdbBSR5zyoavo6QNsk
bf+nNRQROvcpK2KN0NAEwMKB+Tr5Q6Yb1AAAUFI40HbZrQGPGwGcVwqmOsk2GzCP
DvWNDK2kHsf2eN9g4+DBJGu04uhNTaqxwteDj8fA9Kod0XFUZKTGqzbFINpupTes
nb/+LsJjey7tnf6Tb+7Dq96+jnW3mgmejKovdc/OTZn+u2goVIBdSO/a4Xrot9JN
UtL7UHkri+2DvEcTgXWDsedVS4LkwFC80FdJ2SCVWO3Y3aIZ4ozXubzp6x8X6buO
Scta5Rpc8vhoa1Ib3dp6
-----END CERTIFICATE-----
Generated at Mon Sep 2 10:21:49 2024 by rpki-client on console-ams.rpki-client.org