Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vh-2qG2lg2bYfkU6vuUXVhNcTW0.cer
File:                     vh-2qG2lg2bYfkU6vuUXVhNcTW0.cer (raw, json)
Hash identifier:          ylBIlrCm5ix1v4lDUL+0W+jMeHOUx2Hcd8yIbE0Yzng=
Subject key identifier:   BE:1F:B6:A8:6D:A5:83:66:D8:7E:45:3A:BE:E5:17:56:13:5C:4D:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01856F41B3CDF8D4277E28BDB361AE272D64
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/13/a47ac4-66ee-4ca4-a121-174dd79717a0/1/vh-2qG2lg2bYfkU6vuUXVhNcTW0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/13/a47ac4-66ee-4ca4-a121-174dd79717a0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 01 Jan 2023 21:34:14 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 35288
                          IP: 194.36.122.0/23
                          IP: 194.36.138.0/23

Validation:               Failed, certificate revoked on Mon 04 Dec 2023 15:11:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:41:b3:cd:f8:d4:27:7e:28:bd:b3:61:ae:27:2d:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 21:34:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be1fb6a86da58366d87e453abee51756135c4d6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:3e:45:a0:8a:6e:74:75:37:93:8c:f1:e4:a9:
                    8c:3e:9d:38:b1:9b:71:6c:42:69:59:9c:9a:8d:7a:
                    08:47:f2:05:fa:37:4e:0f:32:80:c0:6c:19:24:30:
                    02:e3:69:f7:73:ce:fa:7d:0d:78:bb:40:ed:31:c2:
                    80:38:b4:a3:12:9b:f0:0b:66:b3:96:39:f0:87:7f:
                    d2:ea:25:19:5c:c4:08:7c:99:e4:d3:bc:73:e1:4c:
                    84:63:cd:43:03:17:1e:d7:d5:97:61:59:1f:da:94:
                    63:69:fa:6e:68:3e:77:10:90:17:06:bf:8c:d5:cf:
                    a9:8d:00:10:05:b7:66:23:a3:1e:e5:e8:df:40:dc:
                    17:d2:94:d2:6b:21:46:e4:7f:6b:d2:3e:b3:92:e1:
                    28:4b:32:f1:84:8c:84:46:a9:76:c4:b0:07:5f:d3:
                    49:e1:f9:4e:d2:a1:fc:90:33:1d:3a:39:e2:3e:8b:
                    c0:62:3a:e1:f3:b3:7d:8a:4d:76:00:2e:98:1c:33:
                    d4:ef:37:c2:b7:f9:6c:ad:54:c8:df:08:ff:20:91:
                    13:4a:93:f1:b0:02:e0:4c:6b:91:40:61:c9:8a:69:
                    0f:87:21:44:6c:77:e4:b8:0c:15:d6:31:bb:d0:e2:
                    85:c9:6a:73:76:1f:46:25:ab:a0:c1:f2:a0:44:e5:
                    08:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:1F:B6:A8:6D:A5:83:66:D8:7E:45:3A:BE:E5:17:56:13:5C:4D:6D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a47ac4-66ee-4ca4-a121-174dd79717a0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a47ac4-66ee-4ca4-a121-174dd79717a0/1/vh-2qG2lg2bYfkU6vuUXVhNcTW0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.36.122.0/23
                  194.36.138.0/23

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  35288

    Signature Algorithm: sha256WithRSAEncryption
         a6:3b:6b:45:ec:79:08:60:8c:fd:14:1b:56:e1:82:73:0a:88:
         10:4e:4b:f3:7b:26:da:cb:56:e5:b9:90:67:f9:d4:a3:9e:4f:
         17:cc:22:01:e8:7a:41:51:d1:bd:19:2c:71:a2:e8:a2:cf:ab:
         75:a8:d4:fe:c6:56:a8:95:be:53:8c:8c:29:45:30:86:c0:da:
         84:8d:ff:32:34:76:59:05:ac:85:c0:da:34:f4:6b:ad:3f:9e:
         95:80:cc:62:18:7e:16:20:d8:20:07:c4:9e:93:83:b2:02:40:
         61:d4:c1:6c:68:fc:8b:1a:6f:06:a5:16:f8:c9:42:9f:e1:27:
         6f:6f:4d:cf:72:77:b7:a6:43:ae:27:67:4d:82:16:99:5a:d8:
         35:bd:0c:f6:9c:4d:3c:3f:4e:36:c3:83:12:20:1f:da:ec:46:
         46:6d:91:56:8f:8a:cb:3c:69:15:02:d4:3f:a3:9a:f5:db:41:
         75:30:70:46:75:bc:58:cc:a8:b2:00:a3:c2:0b:4f:4d:10:87:
         5a:81:bd:95:ba:e8:a8:99:b3:8f:d1:c7:fd:5a:6a:79:dd:33:
         24:66:9b:50:c4:3a:46:5f:82:36:7d:24:48:20:62:1a:65:e4:
         ae:c0:49:42:fa:51:7b:e6:70:75:63:47:83:f2:34:fd:e8:eb:
         ee:80:b9:ca
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYVvQbPN+NQnfii9s2GuJy1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjEzNDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFmYjZhODZkYTU4MzY2ZDg3ZTQ1M2FiZWU1MTc1NjEzNWM0ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz5FoIpudHU3k4zx5KmMPp04sZtx
bEJpWZyajXoIR/IF+jdODzKAwGwZJDAC42n3c876fQ14u0DtMcKAOLSjEpvwC2az
ljnwh3/S6iUZXMQIfJnk07xz4UyEY81DAxce19WXYVkf2pRjafpuaD53EJAXBr+M
1c+pjQAQBbdmI6Me5ejfQNwX0pTSayFG5H9r0j6zkuEoSzLxhIyERql2xLAHX9NJ
4flO0qH8kDMdOjniPovAYjrh87N9ik12AC6YHDPU7zfCt/lsrVTI3wj/IJETSpPx
sALgTGuRQGHJimkPhyFEbHfkuAwV1jG70OKFyWpzdh9GJaugwfKgROUIEQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFL4ftqhtpYNm2H5FOr7lF1YTXE1tMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEzL2E0N2Fj
NC02NmVlLTRjYTQtYTEyMS0xNzRkZDc5NzE3YTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMvYTQ3YWM0
LTY2ZWUtNGNhNC1hMTIxLTE3NGRkNzk3MTdhMC8xL3ZoLTJxRzJsZzJiWWZrVTZ2
dVVYVmhOY1RXMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQBwiR6AwQBwiSKMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwCJ2DANBgkqhkiG9w0BAQsFAAOCAQEApjtrRex5CGCM/RQbVuGCcwqI
EE5L83sm2stW5bmQZ/nUo55PF8wiAeh6QVHRvRkscaLoos+rdajU/sZWqJW+U4yM
KUUwhsDahI3/MjR2WQWshcDaNPRrrT+elYDMYhh+FiDYIAfEnpODsgJAYdTBbGj8
ixpvBqUW+MlCn+Enb29Nz3J3t6ZDridnTYIWmVrYNb0M9pxNPD9ONsODEiAf2uxG
Rm2RVo+KyzxpFQLUP6Oa9dtBdTBwRnW8WMyosgCjwgtPTRCHWoG9lbroqJmzj9HH
/Vpqed0zJGabUMQ6Rl+CNn0kSCBiGmXkrsBJQvpRe+ZwdWNHg/I0/ejr7oC5yg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:03:44 2024 by rpki-client on console-fra.rpki-client.org