Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3GsGuFW_l8OXvbhRaUS02xhmP5I.cer
File:                     3GsGuFW_l8OXvbhRaUS02xhmP5I.cer (raw, json)
Hash identifier:          liIWWamkSPhIk7vDXeks8e33kxOTgbPcgA29BWki7cg=
Subject key identifier:   DC:6B:06:B8:55:BF:97:C3:97:BD:B8:51:69:44:B4:DB:18:66:3F:92
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01941F9F33D222FB63EA24A6D74AF448E887
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/39721b99-0b2e-4f77-9a2f-8c335a3e27ad/0/DC6B06B855BF97C397BDB8516944B4DB18663F92.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/39721b99-0b2e-4f77-9a2f-8c335a3e27ad/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 02:08:34 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 197919
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:1f:9f:33:d2:22:fb:63:ea:24:a6:d7:4a:f4:48:e8:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 02:08:34 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=dc6b06b855bf97c397bdb8516944b4db18663f92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cf:ea:7f:a8:60:00:17:23:4a:35:1a:66:f7:
                    bc:9d:70:ff:71:d7:51:d2:f1:f6:ab:74:be:06:43:
                    3b:50:3c:21:65:f0:80:f5:44:d9:f8:30:a3:0b:78:
                    55:ae:24:b8:4f:04:44:ff:8d:fc:46:2c:10:b8:6d:
                    7c:17:dd:bb:46:e8:00:86:46:5e:fc:82:ec:d6:c4:
                    92:45:73:35:dc:8f:ae:db:eb:70:f1:c4:cc:7b:c0:
                    31:be:09:d4:b4:dc:d8:96:01:6f:ca:5e:72:cb:e5:
                    61:6c:6e:05:5a:80:8a:4d:39:f1:c6:56:d0:78:30:
                    18:b1:e2:e7:d0:f5:6e:89:b4:04:10:04:71:d2:1b:
                    ac:33:08:95:cc:16:fd:77:22:24:31:3d:c2:5b:58:
                    ab:42:ec:67:c8:df:18:c5:f8:89:94:72:66:80:36:
                    c7:d1:a0:20:5c:2c:fc:22:a2:a1:ee:3c:cf:e5:41:
                    1a:2c:f7:63:81:db:52:fd:3e:3f:cb:14:ee:f2:59:
                    df:92:c2:a4:f2:5b:cd:7b:0f:00:ef:a6:a7:ec:80:
                    64:0b:5d:e0:2c:a9:13:6a:04:32:76:ce:56:8f:76:
                    3e:1b:5b:a0:65:bf:b8:33:0f:da:89:57:35:47:a6:
                    79:16:dc:a9:b9:11:af:b0:ea:f2:2c:bc:00:c2:40:
                    09:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:6B:06:B8:55:BF:97:C3:97:BD:B8:51:69:44:B4:DB:18:66:3F:92
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/39721b99-0b2e-4f77-9a2f-8c335a3e27ad/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/39721b99-0b2e-4f77-9a2f-8c335a3e27ad/0/DC6B06B855BF97C397BDB8516944B4DB18663F92.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  197919

    Signature Algorithm: sha256WithRSAEncryption
         57:1a:2f:3f:48:d1:a0:27:f3:31:35:16:62:33:b7:86:e9:58:
         d0:60:80:01:05:b0:28:da:11:d7:06:1b:f1:b8:df:59:fa:97:
         19:d5:c8:17:fe:68:d0:b4:e4:ac:43:95:74:eb:ad:0c:3f:5f:
         00:85:4f:1a:87:eb:2a:19:13:8b:df:9b:95:83:5b:81:03:49:
         26:91:aa:3d:46:c5:b1:59:bb:23:a5:ea:a6:30:d5:af:f2:3e:
         24:2c:bc:1b:80:97:13:c4:3e:9e:39:c0:63:6a:cf:39:45:5f:
         a7:55:eb:47:84:ad:68:9d:10:1a:de:87:77:2b:13:47:9d:15:
         6c:46:26:ef:2d:f8:a5:b3:a8:57:00:6a:b3:c9:6c:24:b5:74:
         3e:86:10:9b:89:3c:8b:a7:e6:48:80:94:52:5d:43:2a:7b:ab:
         08:f1:68:f9:c0:cd:1a:df:91:d4:55:2a:2d:84:94:12:6e:07:
         1c:2e:32:ba:64:fa:10:5e:68:06:83:3f:a1:23:46:62:84:3b:
         cd:80:55:1e:8d:39:43:36:32:d8:e9:34:a9:0d:68:05:b9:b6:
         9d:98:91:9f:58:13:19:5c:33:70:f9:dd:ba:95:7a:d6:1c:20:
         50:d8:01:1c:b5:41:de:37:60:4c:23:4b:e9:6a:ab:eb:89:0a:
         a6:15:98:4d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZQfnzPSIvtj6iSm10r0SOiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDIwODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZiMDZiODU1YmY5N2MzOTdiZGI4NTE2OTQ0YjRkYjE4NjYzZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/qf6hgABcjSjUaZve8nXD/cddR
0vH2q3S+BkM7UDwhZfCA9UTZ+DCjC3hVriS4TwRE/438RiwQuG18F927RugAhkZe
/ILs1sSSRXM13I+u2+tw8cTMe8AxvgnUtNzYlgFvyl5yy+VhbG4FWoCKTTnxxlbQ
eDAYseLn0PVuibQEEARx0husMwiVzBb9dyIkMT3CW1irQuxnyN8YxfiJlHJmgDbH
0aAgXCz8IqKh7jzP5UEaLPdjgdtS/T4/yxTu8lnfksKk8lvNew8A76an7IBkC13g
LKkTagQyds5Wj3Y+G1ugZb+4Mw/aiVc1R6Z5FtypuRGvsOryLLwAwkAJaQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFNxrBrhVv5fDl724UWlEtNsYZj+SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzM5NzIx
Yjk5LTBiMmUtNGY3Ny05YTJmLThjMzM1YTNlMjdhZC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzk3
MjFiOTktMGIyZS00Zjc3LTlhMmYtOGMzMzVhM2UyN2FkLzAvREM2QjA2Qjg1NUJG
OTdDMzk3QkRCODUxNjk0NEI0REIxODY2M0Y5Mi5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDBR8w
DQYJKoZIhvcNAQELBQADggEBAFcaLz9I0aAn8zE1FmIzt4bpWNBggAEFsCjaEdcG
G/G431n6lxnVyBf+aNC05KxDlXTrrQw/XwCFTxqH6yoZE4vfm5WDW4EDSSaRqj1G
xbFZuyOl6qYw1a/yPiQsvBuAlxPEPp45wGNqzzlFX6dV60eErWidEBreh3crE0ed
FWxGJu8t+KWzqFcAarPJbCS1dD6GEJuJPIun5kiAlFJdQyp7qwjxaPnAzRrfkdRV
Ki2ElBJuBxwuMrpk+hBeaAaDP6EjRmKEO82AVR6NOUM2MtjpNKkNaAW5tp2YkZ9Y
ExlcM3D53bqVetYcIFDYARy1Qd43YEwjS+lqq+uJCqYVmE0=
-----END CERTIFICATE-----