Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer
File:                     25v841gk9uybXJ85qBFQzhYYEic.cer (raw, json)
Hash identifier:          woNB2pT9zaowsm4yaCafqLjnY55gJgFytZ+la7MWUfw=
Subject key identifier:   DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019423D6BA07C2B5A0F6BFA5CFA13AB6C3AF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 21:47:42 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 35765
                          IP: 87.247.192.0/19
                          IP: 195.128.104.0/21
                          IP: 2a03:7660::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:23:d6:ba:07:c2:b5:a0:f6:bf:a5:cf:a1:3a:b6:c3:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 21:47:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=db9bfce35824f6ec9b5c9f39a81150ce16181227
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:30:e8:e0:c0:d1:fe:51:52:ea:6b:d9:cd:ee:
                    6c:bb:1c:ba:e9:0b:ca:00:ef:7a:b0:ed:a8:e6:d8:
                    8d:af:1b:a7:fb:82:a6:9c:99:de:bb:70:cc:40:3d:
                    93:65:87:f7:70:2a:2d:5c:a4:89:aa:5c:ae:5c:66:
                    d1:0d:17:72:4f:6f:a6:94:71:bc:4d:7e:40:34:54:
                    92:bd:22:c6:bd:b3:db:a5:77:4b:98:0a:eb:e2:19:
                    47:67:26:aa:6d:37:4b:5c:b7:dc:d6:22:06:ba:af:
                    9e:73:b5:fb:d9:d0:52:3e:1e:dc:3d:bf:95:d3:65:
                    40:a3:3d:a6:d4:b2:d0:7b:4f:d0:e4:b9:34:35:f5:
                    aa:71:6f:60:4c:89:6e:08:de:b2:19:f4:66:15:e6:
                    3a:94:09:d6:02:b3:66:de:e1:a7:df:5d:02:45:4f:
                    14:eb:1e:28:56:ac:7c:b1:60:49:b1:d3:03:34:d6:
                    50:5d:ff:8b:c5:bc:c0:fd:57:eb:4d:5d:06:81:60:
                    30:fe:e3:5d:0d:de:0c:68:c8:08:fc:f3:0a:bd:24:
                    9c:5b:bf:57:13:71:7a:ee:72:ec:38:ba:08:f8:84:
                    bc:95:2d:15:30:6c:23:2c:30:8f:dc:66:56:04:17:
                    e8:35:c8:8c:10:83:d8:e7:e7:8a:96:2f:76:17:d6:
                    16:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.247.192.0/19
                  195.128.104.0/21
                IPv6:
                  2a03:7660::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  35765

    Signature Algorithm: sha256WithRSAEncryption
         92:bb:c0:10:0f:72:89:15:9f:79:e8:d6:bd:cf:6c:ca:49:57:
         14:af:35:62:8e:06:ba:7b:fd:fb:53:e0:ed:60:4f:9e:ba:3a:
         1c:af:33:24:b7:72:b0:95:bb:a8:88:02:1d:b7:24:1d:c2:88:
         8b:4c:ed:73:d6:07:a6:c2:f1:de:00:bd:b5:48:05:aa:77:50:
         77:a6:02:33:f0:de:a5:cf:44:9a:4e:b9:9d:0e:47:a0:df:61:
         d6:9a:f4:a0:d4:a9:47:c0:0d:87:20:76:3e:7f:ef:0e:64:5a:
         f7:60:b1:bc:f2:aa:e9:ba:4c:56:8f:e6:ab:59:19:bb:1a:a5:
         6b:6e:14:27:69:8a:82:75:5a:ad:a4:a2:2e:a0:62:31:4a:16:
         bd:d2:b4:d9:91:5f:c1:e3:18:16:dd:63:f5:de:9f:99:7a:f9:
         c9:e2:8b:8a:f8:ac:51:f7:51:ae:d9:d6:74:fc:bb:86:60:b7:
         ad:3d:51:90:01:9b:02:81:76:e4:49:55:2c:fe:6e:c9:17:8e:
         80:b2:66:8a:c2:ce:15:09:79:f9:a0:81:a5:69:b3:9d:ed:31:
         2c:97:1d:4e:c8:e9:65:13:3c:da:f2:ef:c7:b5:ad:2a:d9:e4:
         14:b0:aa:e5:7b:9f:96:9e:41:ed:ee:e6:99:02:66:5b:ae:01:
         ed:58:3b:90
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQj1roHwrWg9r+lz6E6tsOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjliZmNlMzU4MjRmNmVjOWI1YzlmMzlhODExNTBjZTE2MTgxMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTDo4MDR/lFS6mvZze5suxy66QvK
AO96sO2o5tiNrxun+4KmnJneu3DMQD2TZYf3cCotXKSJqlyuXGbRDRdyT2+mlHG8
TX5ANFSSvSLGvbPbpXdLmArr4hlHZyaqbTdLXLfc1iIGuq+ec7X72dBSPh7cPb+V
02VAoz2m1LLQe0/Q5Lk0NfWqcW9gTIluCN6yGfRmFeY6lAnWArNm3uGn310CRU8U
6x4oVqx8sWBJsdMDNNZQXf+LxbzA/VfrTV0GgWAw/uNdDd4MaMgI/PMKvSScW79X
E3F67nLsOLoI+IS8lS0VMGwjLDCP3GZWBBfoNciMEIPY5+eKli92F9YWuQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFNub/ONYJPbsm1yfOagRUM4WGBInMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRhL2IzODcw
Ny0zOWNlLTRjY2ItOTdhMC05YjcwZDYwYzQ4MDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvYjM4NzA3
LTM5Y2UtNGNjYi05N2EwLTliNzBkNjBjNDgwMC8xLzI1djg0MWdrOXV5YlhKODVx
QkZRemhZWUVpYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQFV/fAAwQDw4BoMA0EAgACMAcDBQAqA3ZgMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCLtTANBgkqhkiG9w0BAQsFAAOCAQEAkrvA
EA9yiRWfeejWvc9syklXFK81Yo4Gunv9+1Pg7WBPnro6HK8zJLdysJW7qIgCHbck
HcKIi0ztc9YHpsLx3gC9tUgFqndQd6YCM/Depc9Emk65nQ5HoN9h1pr0oNSpR8AN
hyB2Pn/vDmRa92CxvPKq6bpMVo/mq1kZuxqla24UJ2mKgnVaraSiLqBiMUoWvdK0
2ZFfweMYFt1j9d6fmXr5yeKLivisUfdRrtnWdPy7hmC3rT1RkAGbAoF25ElVLP5u
yReOgLJmisLOFQl5+aCBpWmzne0xLJcdTsjpZRM82vLvx7WtKtnkFLCq5Xuflp5B
7e7mmQJmW64B7Vg7kA==
-----END CERTIFICATE-----