Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
File:                     34laPuIhG27i33IC8JpCZoDWYmk.cer (raw, json)
Hash identifier:          INS/ZcvaxXL5UddDtm/uLA7p84AOxmsIU4N9gxJ7k2A=
Subject key identifier:   DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019420D5C0AB313D9D2CA05EE8ABA55F563E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 07:47:46 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 215102
                          IP: 94.142.250.0/24
                          IP: 2a12:5940::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:d5:c0:ab:31:3d:9d:2c:a0:5e:e8:ab:a5:5f:56:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:47:46 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=df895a3ee2211b6ee2df7202f09a426680d66269
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:83:8e:7d:de:51:1b:9d:fb:7b:36:1d:60:af:
                    eb:4e:49:74:02:0c:6f:67:06:80:4b:43:5a:c4:7a:
                    73:94:a8:ce:ea:9e:1f:98:5c:b7:ee:a4:d8:ce:0a:
                    50:9d:d8:b7:bb:1f:8d:a5:69:1f:38:38:c2:3e:fc:
                    e7:24:85:1d:53:dd:67:ce:56:b7:6b:52:81:6d:da:
                    9f:b5:35:93:39:9d:b9:00:d7:fd:7e:bc:15:1b:08:
                    2a:4e:72:84:31:74:42:b2:97:1b:ff:c1:ad:96:90:
                    14:ac:9f:b6:67:6f:bc:6d:ef:7d:3c:67:29:04:ca:
                    28:75:15:5e:a7:8f:af:28:5a:50:78:46:33:59:04:
                    10:e5:c3:34:02:ba:bd:31:fc:34:3f:2f:ad:6b:84:
                    cf:2b:a0:ed:11:3d:f3:c6:14:60:78:67:0d:c5:20:
                    5a:d1:33:cc:72:f8:a8:c9:ef:ef:9a:e3:8b:e8:aa:
                    b9:35:58:94:84:ed:a0:e7:58:70:fa:bf:66:57:1e:
                    1d:94:57:bf:99:fe:43:6a:24:5f:8d:f9:d0:79:d8:
                    23:b5:8a:d9:dc:e3:c7:3f:cc:9e:1d:35:04:0b:d4:
                    e3:ea:1c:0c:40:53:f4:e2:d2:92:ba:b7:10:bd:2b:
                    b1:b4:ea:da:08:cd:6e:e1:e6:b2:9e:f0:77:2e:89:
                    03:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.142.250.0/24
                IPv6:
                  2a12:5940::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215102

    Signature Algorithm: sha256WithRSAEncryption
         87:06:f5:2a:9c:5a:3d:ad:8f:e2:08:82:a1:7a:b3:22:0b:b3:
         1b:a1:bb:43:b1:cc:4d:ec:56:32:a5:a2:1b:2f:bf:ac:3d:f3:
         4b:b9:06:ae:76:a9:ca:7d:f3:1c:a4:e1:4b:71:f9:74:ce:3c:
         e2:40:34:e1:ba:d2:55:c4:82:c4:2c:1a:e5:2e:50:21:ac:84:
         a2:2e:ea:e7:db:c5:20:00:f6:40:2f:0b:56:5a:6c:71:a3:a3:
         3a:ff:19:8f:56:4f:29:98:b7:82:9d:69:37:ff:68:fd:a4:78:
         11:9c:0a:2a:55:57:ae:1e:ae:90:dd:6b:bf:f2:c5:00:56:a6:
         68:65:68:1a:88:ba:71:99:a9:d8:a2:fe:f5:ce:6f:ce:58:c5:
         1e:31:c8:3f:a5:68:98:fd:4f:55:74:91:d4:61:76:cb:47:56:
         fb:00:0f:1c:5e:16:62:2a:e5:65:20:22:2e:0a:e4:3e:63:5c:
         ca:e7:c5:98:62:45:11:a5:a7:1a:1a:2d:b9:85:cf:68:84:e7:
         66:49:81:2e:04:fd:88:42:d7:1a:a6:92:47:4d:59:21:44:38:
         4b:5f:a1:73:fc:15:db:ea:c2:c2:03:1c:45:99:e1:09:4d:61:
         8c:b7:e4:45:20:76:1a:c8:5d:e6:48:40:76:0f:6b:7b:02:21:
         14:5a:5b:99
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQg1cCrMT2dLKBe6KulX1Y+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg5NWEzZWUyMjExYjZlZTJkZjcyMDJmMDlhNDI2NjgwZDY2MjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoOOfd5RG537ezYdYK/rTkl0Agxv
ZwaAS0NaxHpzlKjO6p4fmFy37qTYzgpQndi3ux+NpWkfODjCPvznJIUdU91nzla3
a1KBbdqftTWTOZ25ANf9frwVGwgqTnKEMXRCspcb/8GtlpAUrJ+2Z2+8be99PGcp
BMoodRVep4+vKFpQeEYzWQQQ5cM0Arq9Mfw0Py+ta4TPK6DtET3zxhRgeGcNxSBa
0TPMcvioye/vmuOL6Kq5NViUhO2g51hw+r9mVx4dlFe/mf5DaiRfjfnQedgjtYrZ
3OPHP8yeHTUEC9Tj6hwMQFP04tKSurcQvSuxtOraCM1u4eaynvB3LokDPQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFN+JWj7iIRtu4t9yAvCaQmaA1mJpMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEwLzFhNzJh
Ny0yNzdkLTQ0ZjUtODdkZS03MGIyZWJkNTE0MzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAvMWE3MmE3
LTI3N2QtNDRmNS04N2RlLTcwYjJlYmQ1MTQzOC8xLzM0bGFQdUloRzI3aTMzSUM4
SnBDWm9EV1ltay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAXo76MA0EAgACMAcDBQMqEllAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNIPjANBgkqhkiG9w0BAQsFAAOCAQEAhwb1KpxaPa2P
4giCoXqzIguzG6G7Q7HMTexWMqWiGy+/rD3zS7kGrnapyn3zHKThS3H5dM484kA0
4brSVcSCxCwa5S5QIayEoi7q59vFIAD2QC8LVlpscaOjOv8Zj1ZPKZi3gp1pN/9o
/aR4EZwKKlVXrh6ukN1rv/LFAFamaGVoGoi6cZmp2KL+9c5vzljFHjHIP6VomP1P
VXSR1GF2y0dW+wAPHF4WYirlZSAiLgrkPmNcyufFmGJFEaWnGhotuYXPaITnZkmB
LgT9iELXGqaSR01ZIUQ4S1+hc/wV2+rCwgMcRZnhCU1hjLfkRSB2Gshd5khAdg9r
ewIhFFpbmQ==
-----END CERTIFICATE-----