Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bS1v21ZgnVxmXQsFSQ6GSaD_xkQ.cer
File:                     bS1v21ZgnVxmXQsFSQ6GSaD_xkQ.cer (raw, json)
Hash identifier:          +PfNxcQvMVEdIkczQKfs2Dq3N2t0WugQVvaCz0U9xhY=
Subject key identifier:   6D:2D:6F:DB:56:60:9D:5C:66:5D:0B:05:49:0E:86:49:A0:FF:C6:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC72611A9C3BBF6CDDD6F5E4BB999F55E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/17/51b7f1-b7ae-41a7-80c4-cb7d5e64fb00/1/bS1v21ZgnVxmXQsFSQ6GSaD_xkQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/17/51b7f1-b7ae-41a7-80c4-cb7d5e64fb00/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 22:30:10 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 64405
                          IP: 185.139.248.0/22
                          IP: 2a07:1900::/29

Validation:               Failed, certificate revoked on Thu 18 Apr 2024 09:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:11:a9:c3:bb:f6:cd:dd:6f:5e:4b:b9:99:f5:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:30:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6d2d6fdb56609d5c665d0b05490e8649a0ffc644
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f8:1d:30:39:05:f4:09:27:9c:d1:44:4d:c6:
                    79:2f:f4:c6:b4:94:d8:73:90:fd:90:c1:7e:5e:fc:
                    0d:1f:b1:87:93:be:ef:09:4b:c6:e9:ba:50:c6:5e:
                    62:48:58:4d:f5:4e:0c:f4:52:d5:40:b7:35:ad:81:
                    a3:40:83:f8:87:84:a9:b6:ac:c5:36:2c:6c:e5:5a:
                    be:94:16:d6:bd:03:7f:fc:3d:12:2c:07:fb:f4:ac:
                    54:da:eb:f1:2f:5d:32:b6:12:56:28:a4:a3:de:35:
                    c5:3b:7b:01:a5:02:5c:b4:27:39:09:50:4c:c8:50:
                    b9:44:92:a6:6e:22:42:60:61:a6:d5:78:e3:08:cc:
                    b2:1a:dc:cc:a7:e3:ee:a0:88:c3:8f:d3:1e:42:48:
                    3f:ed:3d:1a:06:59:f7:bd:67:1c:d4:a1:39:49:97:
                    07:27:b5:ba:13:51:d4:af:b7:ce:b1:27:92:fc:79:
                    46:bf:13:c9:5f:74:b1:53:88:a2:0b:50:35:9f:88:
                    85:8c:10:93:ce:cd:a2:59:66:21:4b:99:ee:30:51:
                    fa:47:8c:aa:a7:cb:c1:5c:78:00:c9:03:d6:90:3b:
                    81:bc:7e:2c:5d:3a:80:7f:db:ff:e8:14:a6:bf:0a:
                    8c:7b:59:3b:be:07:c7:cf:96:b1:1f:d8:ef:9d:49:
                    3a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:2D:6F:DB:56:60:9D:5C:66:5D:0B:05:49:0E:86:49:A0:FF:C6:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/51b7f1-b7ae-41a7-80c4-cb7d5e64fb00/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/51b7f1-b7ae-41a7-80c4-cb7d5e64fb00/1/bS1v21ZgnVxmXQsFSQ6GSaD_xkQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.139.248.0/22
                IPv6:
                  2a07:1900::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  64405

    Signature Algorithm: sha256WithRSAEncryption
         5c:01:3e:25:38:ce:21:20:9e:a2:26:ed:35:4c:21:c2:c5:28:
         72:0e:8a:8f:4b:19:aa:fb:25:d8:6f:2d:73:cf:76:9a:ce:6e:
         bf:7c:f6:a3:2e:a7:0d:60:19:ad:b8:41:46:ea:d6:c2:ba:49:
         27:2a:44:50:b7:4e:f3:71:57:8d:62:3f:64:13:f9:90:96:3c:
         d9:dd:21:24:2b:67:83:03:7a:fa:2d:4f:5e:20:b4:5d:67:ae:
         0a:63:7f:7d:f2:97:9e:ac:64:48:ac:46:a2:a6:13:ec:51:38:
         83:74:d4:63:03:77:0e:e5:59:2c:32:67:00:87:af:68:a4:7c:
         3a:99:95:c9:e8:ad:1a:5b:3e:6b:06:e0:12:7b:c2:8b:85:70:
         62:7c:3f:d1:16:16:2f:2e:9b:1a:08:ac:cb:56:68:8b:13:25:
         f0:83:0b:4f:6a:93:70:ce:f4:01:62:26:08:21:3a:74:c3:d3:
         df:dc:04:b3:61:c5:23:5f:d0:81:1e:34:83:d8:7d:fa:8f:f7:
         a5:10:ec:1f:4a:4a:14:77:28:04:21:35:e7:ef:24:51:16:95:
         a6:f6:33:ef:fd:57:d7:e2:b0:95:cb:ed:bf:7c:38:1c:ce:e5:
         f0:b0:df:6d:ca:68:03:82:c6:0a:55:c4:97:b3:c5:6f:52:42:
         4d:c0:92:68
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHJhGpw7v2zd1vXku5mfVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJkNmZkYjU2NjA5ZDVjNjY1ZDBiMDU0OTBlODY0OWEwZmZjNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvgdMDkF9AknnNFETcZ5L/TGtJTY
c5D9kMF+XvwNH7GHk77vCUvG6bpQxl5iSFhN9U4M9FLVQLc1rYGjQIP4h4SptqzF
Nixs5Vq+lBbWvQN//D0SLAf79KxU2uvxL10ythJWKKSj3jXFO3sBpQJctCc5CVBM
yFC5RJKmbiJCYGGm1XjjCMyyGtzMp+PuoIjDj9MeQkg/7T0aBln3vWcc1KE5SZcH
J7W6E1HUr7fOsSeS/HlGvxPJX3SxU4iiC1A1n4iFjBCTzs2iWWYhS5nuMFH6R4yq
p8vBXHgAyQPWkDuBvH4sXTqAf9v/6BSmvwqMe1k7vgfHz5axH9jvnUk6wwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFG0tb9tWYJ1cZl0LBUkOhkmg/8ZEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3LzUxYjdm
MS1iN2FlLTQxYTctODBjNC1jYjdkNWU2NGZiMDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvNTFiN2Yx
LWI3YWUtNDFhNy04MGM0LWNiN2Q1ZTY0ZmIwMC8xL2JTMXYyMVpnblZ4bVhRc0ZT
UTZHU2FEX3hrUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuYv4MA0EAgACMAcDBQMqBxkAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwD7lTANBgkqhkiG9w0BAQsFAAOCAQEAXAE+JTjOISCe
oibtNUwhwsUocg6Kj0sZqvsl2G8tc892ms5uv3z2oy6nDWAZrbhBRurWwrpJJypE
ULdO83FXjWI/ZBP5kJY82d0hJCtngwN6+i1PXiC0XWeuCmN/ffKXnqxkSKxGoqYT
7FE4g3TUYwN3DuVZLDJnAIevaKR8OpmVyeitGls+awbgEnvCi4VwYnw/0RYWLy6b
Ggisy1ZoixMl8IMLT2qTcM70AWImCCE6dMPT39wEs2HFI1/QgR40g9h9+o/3pRDs
H0pKFHcoBCE15+8kURaVpvYz7/1X1+Kwlcvtv3w4HM7l8LDfbcpoA4LGClXEl7PF
b1JCTcCSaA==
-----END CERTIFICATE-----