Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
File:                     0BugE7webYbw1tWOr6VOJ_raNEQ.cer (raw, json)
Hash identifier:          MMsHejvJJdVYxk8fObFmUg0Ch/fQxa7S7zx8XA1RnWw=
Subject key identifier:   D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019420D65EB8EE2D2DC18801835D381E26AF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 07:48:27 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 45.86.92.0/22
                          IP: 78.24.120.0/21
                          IP: 93.92.17.0 -- 93.92.23.255
                          IP: 2a0f:69c0::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:d6:5e:b8:ee:2d:2d:c1:88:01:83:5d:38:1e:26:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:48:27 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c6:cc:4f:4c:0b:77:ed:5f:3b:29:6e:9e:ab:
                    ab:14:05:ad:71:c6:50:86:56:d0:b0:12:b8:72:6a:
                    1a:29:f1:eb:e8:cc:08:4a:67:30:eb:1f:b5:ef:f7:
                    dd:e8:df:b9:1b:25:32:25:8d:0d:7c:8c:6f:85:2d:
                    30:9c:45:f2:9c:8e:32:71:63:5c:f8:23:76:d7:a6:
                    7c:d9:d6:8e:72:2c:63:be:42:f1:0e:aa:02:9a:24:
                    95:82:6e:05:60:0b:72:fb:d9:f6:bd:7a:7a:bb:eb:
                    8b:24:b8:a5:62:7f:f2:e6:00:b4:75:78:8a:45:00:
                    5a:28:7f:fc:30:20:d7:34:ed:c3:8d:d3:12:23:b7:
                    36:5c:91:ca:e6:39:76:1a:2f:cb:11:83:bb:86:ab:
                    a3:bf:b9:89:49:32:d4:0d:4c:e8:40:c0:eb:6e:f3:
                    83:54:07:45:10:ba:fe:d0:a4:b9:63:85:24:d6:71:
                    60:33:70:ce:70:26:25:93:27:8b:c0:47:a4:f3:b0:
                    46:44:67:aa:7e:bb:3a:78:97:f4:49:38:cf:1c:67:
                    a2:51:d0:d5:03:7e:17:86:04:d2:1e:36:4c:34:82:
                    66:84:5d:94:5b:05:f9:80:6b:1b:8c:c7:9c:b6:87:
                    38:85:e5:01:bf:94:dc:ae:71:4e:4a:dc:c5:b1:07:
                    fb:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.92.0/22
                  78.24.120.0/21
                  93.92.17.0-93.92.23.255
                IPv6:
                  2a0f:69c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         7c:a1:fd:4c:21:55:dd:50:4c:12:ea:c8:f9:eb:89:6f:fb:24:
         95:b9:96:e8:54:84:16:e4:22:4d:fd:e6:12:0e:99:6f:a9:d0:
         01:6e:41:15:08:55:b6:99:87:b8:15:0f:5e:fa:09:37:ef:d7:
         a5:4b:b2:4e:a7:28:89:99:36:22:37:af:37:e4:3a:12:21:ed:
         a7:28:34:99:21:2e:eb:26:9c:bd:33:7c:f4:78:77:75:90:75:
         aa:e0:7c:7c:84:56:3d:9f:06:3b:3f:2b:1b:32:40:59:81:54:
         d5:b4:d7:15:73:71:3c:30:4e:80:49:31:da:69:a9:17:f5:3c:
         1d:7d:cb:de:eb:c9:57:1d:d0:bf:fa:99:ea:4c:c5:3c:ec:58:
         61:04:68:10:94:39:46:16:27:8f:e3:65:a9:4c:87:7a:fd:4d:
         70:a4:e6:81:10:e7:cb:fb:e5:23:03:ec:94:34:5b:68:a7:96:
         b2:19:85:70:44:39:0b:39:ba:a0:2b:1a:25:d8:a3:13:f6:22:
         12:8f:80:47:ba:0e:fd:80:7c:c6:a6:0d:61:20:8f:f8:4d:d5:
         fb:c0:04:82:81:5d:c3:ad:2d:d3:37:ac:a4:f3:5d:13:5f:7a:
         78:d7:0a:98:cb:8a:5c:42:ad:a4:f4:ae:a0:fe:e0:bf:f5:3d:
         14:61:07:99
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZQg1l647i0twYgBg104HiavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFiYTAxM2JjMWU2ZDg2ZjBkNmQ1OGVhZmE1NGUyN2ZhZGEzNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsbMT0wLd+1fOylunqurFAWtccZQ
hlbQsBK4cmoaKfHr6MwISmcw6x+17/fd6N+5GyUyJY0NfIxvhS0wnEXynI4ycWNc
+CN216Z82daOcixjvkLxDqoCmiSVgm4FYAty+9n2vXp6u+uLJLilYn/y5gC0dXiK
RQBaKH/8MCDXNO3DjdMSI7c2XJHK5jl2Gi/LEYO7hqujv7mJSTLUDUzoQMDrbvOD
VAdFELr+0KS5Y4Uk1nFgM3DOcCYlkyeLwEek87BGRGeqfrs6eJf0STjPHGeiUdDV
A34XhgTSHjZMNIJmhF2UWwX5gGsbjMectoc4heUBv5TcrnFOStzFsQf7LwIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFNAboBO8Hm2G8NbVjq+lTif62jREMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E1MjJh
NTJmLTY1MzQtNDE2NS1hNmE3LWVmOWY3NGVmOTQzMS8xLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUy
MmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvRDAxQkEwMTNCQzFF
NkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgME
Ai1WXAMEA04YeDAMAwQAXVwRAwQDXVwQMA0EAgACMAcDBQMqD2nAMA0GCSqGSIb3
DQEBCwUAA4IBAQB8of1MIVXdUEwS6sj564lv+ySVuZboVIQW5CJN/eYSDplvqdAB
bkEVCFW2mYe4FQ9e+gk379elS7JOpyiJmTYiN6835DoSIe2nKDSZIS7rJpy9M3z0
eHd1kHWq4Hx8hFY9nwY7PysbMkBZgVTVtNcVc3E8ME6ASTHaaakX9Twdfcve68lX
HdC/+pnqTMU87FhhBGgQlDlGFieP42WpTId6/U1wpOaBEOfL++UjA+yUNFtop5ay
GYVwRDkLObqgKxol2KMT9iISj4BHug79gHzGpg1hII/4TdX7wASCgV3DrS3TN6yk
810TX3p41wqYy4pcQq2k9K6g/uC/9T0UYQeZ
-----END CERTIFICATE-----