Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
File:                     3x4tS9NitiuARQIdw1CxIOVTAmU.cer (raw, json)
Hash identifier:          cByK+hKImvakGJNGG8c8QK3A+0rehcLu5XBdd8BIRFQ=
Subject key identifier:   DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194214424F781781C94887D4F829BE1A994
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 09:48:21 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 62282
                          IP: 37.156.216.0/21
                          IP: 185.38.164.0/22
                          IP: 185.79.244.0/22
                          IP: 185.175.176.0/22
                          IP: 185.193.24.0/22
                          IP: 2a01:41a0::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:21:44:24:f7:81:78:1c:94:88:7d:4f:82:9b:e1:a9:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 09:48:21 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=df1e2d4bd362b62b8045021dc350b120e5530265
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7e:26:7c:3c:22:87:bd:00:e8:56:db:7c:5e:
                    3b:54:67:67:81:7d:53:59:64:72:a1:1e:6e:de:5b:
                    c1:71:0e:00:93:4a:74:18:7a:78:92:01:8e:e9:2c:
                    f8:7b:36:65:64:45:4f:83:4e:c8:ed:08:56:45:e1:
                    b0:9a:05:4b:36:07:ad:96:d2:2c:7d:e0:74:d0:60:
                    56:e0:0f:1f:21:11:44:c5:b9:89:42:ab:cf:70:6c:
                    58:26:b3:3b:f9:74:b2:3a:e9:ae:6e:84:13:18:91:
                    d4:e0:3b:d4:e6:8b:6a:ed:d0:34:75:c4:40:34:ec:
                    90:d3:a6:6f:43:45:04:a2:47:18:27:31:00:b9:05:
                    9a:91:20:c9:f6:40:c3:0c:b2:dd:30:5f:cf:da:99:
                    da:48:6a:41:61:8d:66:e3:d4:26:0e:2a:b8:cb:13:
                    dc:fc:17:5f:bb:bf:b4:5c:f5:26:7a:7f:28:b6:86:
                    f2:ec:0a:a7:3f:d6:3d:eb:dd:02:c5:1d:91:cf:43:
                    6a:5d:73:16:40:8a:60:80:42:82:a4:75:27:fe:0f:
                    d4:03:cf:b0:81:9f:1a:d8:0c:9c:4e:65:75:f9:15:
                    5f:83:fd:9e:bc:d6:a3:b9:f8:c8:74:69:21:ed:03:
                    96:fd:1d:0a:81:87:5e:12:60:6b:b6:fc:98:87:45:
                    ee:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.156.216.0/21
                  185.38.164.0/22
                  185.79.244.0/22
                  185.175.176.0/22
                  185.193.24.0/22
                IPv6:
                  2a01:41a0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  62282

    Signature Algorithm: sha256WithRSAEncryption
         02:e1:4e:a5:f8:e3:7d:1b:4d:26:34:c9:d0:b4:05:3b:b0:4f:
         ef:15:36:20:e1:22:8f:90:b9:01:bf:67:0c:02:e5:aa:6c:78:
         03:82:dc:4d:93:27:31:c1:e3:00:02:df:0c:c9:1d:13:f4:6d:
         91:40:d1:ef:52:2a:ec:7c:1a:7b:db:9f:f1:1f:fa:84:0f:76:
         b9:0e:61:52:da:2e:53:36:98:fe:1e:2a:e5:60:71:59:aa:38:
         76:29:7c:85:1b:2c:cd:1e:0c:b5:1b:f2:6b:51:e4:f1:19:ac:
         cb:cf:5c:1a:86:ee:b7:0c:0e:b5:e4:79:a1:b6:04:1d:77:ae:
         a8:d9:c9:94:a3:cf:cb:ef:3a:ad:84:ea:44:71:f8:6e:a0:fe:
         d1:b9:d4:bd:9b:78:e0:f2:94:1e:69:b9:52:36:80:c3:86:ee:
         fb:5b:9f:b8:49:5b:7c:87:e2:15:a3:f4:d1:4b:70:c9:40:33:
         05:00:2a:e8:83:0a:ce:c5:11:e5:a3:f4:dd:86:37:37:fc:7f:
         41:bc:e9:e6:bb:1c:54:ea:b7:ef:98:cc:48:cd:e5:0d:5c:eb:
         a2:bd:4a:d4:65:ad:3c:ca:f8:a1:5c:91:5c:57:93:fe:16:f1:
         ef:f2:64:a3:66:a2:e3:27:09:4e:f1:a1:16:5e:f7:e4:f8:d8:
         a8:48:13:e2
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAZQhRCT3gXgclIh9T4Kb4amUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjFlMmQ0YmQzNjJiNjJiODA0NTAyMWRjMzUwYjEyMGU1NTMwMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH4mfDwih70A6FbbfF47VGdngX1T
WWRyoR5u3lvBcQ4Ak0p0GHp4kgGO6Sz4ezZlZEVPg07I7QhWReGwmgVLNgetltIs
feB00GBW4A8fIRFExbmJQqvPcGxYJrM7+XSyOumuboQTGJHU4DvU5otq7dA0dcRA
NOyQ06ZvQ0UEokcYJzEAuQWakSDJ9kDDDLLdMF/P2pnaSGpBYY1m49QmDiq4yxPc
/Bdfu7+0XPUmen8otoby7AqnP9Y9690CxR2Rz0NqXXMWQIpggEKCpHUn/g/UA8+w
gZ8a2AycTmV1+RVfg/2evNajufjIdGkh7QOW/R0KgYdeEmBrtvyYh0XuCQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFN8eLUvTYrYrgEUCHcNQsSDlUwJlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5LzI4Nzlm
Yi02MjljLTRhYmYtYTM1Zi0wM2FmYWU2ODg2NTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkvMjg3OWZi
LTYyOWMtNGFiZi1hMzVmLTAzYWZhZTY4ODY1Ny8xLzN4NHRTOU5pdGl1QVJRSWR3
MUN4SU9WVEFtVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQDJZzYAwQCuSakAwQCuU/0AwQCua+wAwQCucEY
MA0EAgACMAcDBQAqAUGgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDzSjANBgkq
hkiG9w0BAQsFAAOCAQEAAuFOpfjjfRtNJjTJ0LQFO7BP7xU2IOEij5C5Ab9nDALl
qmx4A4LcTZMnMcHjAALfDMkdE/RtkUDR71Iq7Hwae9uf8R/6hA92uQ5hUtouUzaY
/h4q5WBxWao4dil8hRsszR4MtRvya1Hk8Rmsy89cGobutwwOteR5obYEHXeuqNnJ
lKPPy+86rYTqRHH4bqD+0bnUvZt44PKUHmm5UjaAw4bu+1ufuElbfIfiFaP00Utw
yUAzBQAq6IMKzsUR5aP03YY3N/x/Qbzp5rscVOq375jMSM3lDVzror1K1GWtPMr4
oVyRXFeT/hbx7/Jko2ai4ycJTvGhFl735PjYqEgT4g==
-----END CERTIFICATE-----