Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6_q_pigGP2uOmIhWb18_z6eYxiE.cer
File:                     6_q_pigGP2uOmIhWb18_z6eYxiE.cer (raw, json)
Hash identifier:          PHpeNH0qNyBTllXisIXOdoiaO+l1GS+fgTLXq52fnPg=
Subject key identifier:   EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194228D4388A8F2766E91B1E1C2598F9BEE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/6_q_pigGP2uOmIhWb18_z6eYxiE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 15:47:50 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    IP: 80.79.144.0/20
                          IP: 185.125.156.0/22
                          IP: 2a06:b900::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:8d:43:88:a8:f2:76:6e:91:b1:e1:c2:59:8f:9b:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:47:50 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=ebfabfa628063f6b8e9888566f5f3fcfa798c621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:30:71:c7:ee:a7:60:89:ff:7c:3f:37:1e:7e:
                    61:bf:43:67:35:92:43:47:54:db:d8:3a:4c:fc:68:
                    b9:bc:d5:b3:39:52:ba:bf:da:71:ef:a8:07:82:4e:
                    72:ee:0f:8c:90:df:6d:59:5e:77:1e:06:5c:f3:96:
                    5f:04:26:1b:19:19:ee:21:86:80:b7:67:72:85:ce:
                    b8:de:54:03:3c:0f:3e:ee:00:c9:6d:bb:a6:b9:7c:
                    75:ed:45:0a:48:c5:bd:c9:39:ca:bd:0d:82:5a:f3:
                    17:3a:a7:e1:a7:e4:33:a7:cc:36:2d:a0:86:01:31:
                    9b:83:37:86:1f:61:7c:a8:0e:cd:4b:78:d0:cb:66:
                    81:09:16:b7:cb:cf:69:00:50:95:1b:a2:cf:05:53:
                    1b:ec:36:5b:c1:28:48:9c:f0:98:e1:03:57:52:48:
                    a9:d1:32:6c:85:ae:a1:4c:b0:22:d5:2b:f8:ee:b0:
                    7c:97:83:a8:bd:8b:3a:ad:d5:08:03:b1:ba:88:32:
                    49:20:86:8a:e0:02:0b:0f:1c:6e:5b:5c:24:3d:66:
                    60:5a:32:fe:3e:1c:a3:67:1d:dd:06:82:3d:d7:f6:
                    4b:38:74:d6:7a:4d:cd:64:b3:76:bd:e6:29:6a:b7:
                    d2:3a:cc:b9:fc:e8:fc:7b:f0:aa:72:57:b1:e6:f6:
                    c7:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:FA:BF:A6:28:06:3F:6B:8E:98:88:56:6F:5F:3F:CF:A7:98:C6:21
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a3a311-3784-4818-abf9-e5fd6e9842ab/1/6_q_pigGP2uOmIhWb18_z6eYxiE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.79.144.0/20
                  185.125.156.0/22
                IPv6:
                  2a06:b900::/29

    Signature Algorithm: sha256WithRSAEncryption
         44:5b:53:1d:6e:42:16:ae:bc:07:7a:cc:23:df:28:f6:7c:72:
         65:56:59:2f:d7:b5:e3:e0:e1:21:4e:16:27:cd:2d:d6:7b:9f:
         5f:6f:6e:4e:cc:42:15:c2:f2:d1:61:29:04:7b:d5:e2:55:5c:
         36:4e:31:37:30:a3:b6:9b:8a:c9:ae:fd:d2:f0:20:b5:0d:e6:
         71:5d:c1:b4:49:69:17:64:65:1f:87:ca:4b:ae:cb:88:2e:85:
         be:3e:29:36:73:9f:4c:a2:4a:b3:ad:96:a8:7e:33:3f:b5:b1:
         63:14:0d:f5:33:4e:cd:4e:54:2d:2b:6b:95:d1:80:91:40:e9:
         0a:e9:a0:a0:06:f9:72:9a:52:b6:f1:a1:c1:1c:6f:93:bc:26:
         75:01:88:5c:73:d3:03:d1:2e:8b:fb:c1:13:27:a8:80:19:b8:
         fa:14:29:75:6f:61:39:1b:ba:27:54:01:64:54:12:d5:74:57:
         65:af:b2:48:7c:d8:31:2f:d3:e0:58:07:34:d6:c2:04:0b:d5:
         4a:66:eb:52:07:98:06:84:af:44:64:98:1d:ba:de:f3:1e:d0:
         54:af:1d:11:41:18:66:98:c8:42:38:65:22:ea:65:2b:62:38:
         42:88:d2:fd:41:5e:7c:e8:ed:c4:1b:cc:2d:f2:1e:27:26:77:
         7d:05:f5:ed
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZQijUOIqPJ2bpGx4cJZj5vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmZhYmZhNjI4MDYzZjZiOGU5ODg4NTY2ZjVmM2ZjZmE3OThjNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTBxx+6nYIn/fD83Hn5hv0NnNZJD
R1Tb2DpM/Gi5vNWzOVK6v9px76gHgk5y7g+MkN9tWV53HgZc85ZfBCYbGRnuIYaA
t2dyhc643lQDPA8+7gDJbbumuXx17UUKSMW9yTnKvQ2CWvMXOqfhp+Qzp8w2LaCG
ATGbgzeGH2F8qA7NS3jQy2aBCRa3y89pAFCVG6LPBVMb7DZbwShInPCY4QNXUkip
0TJsha6hTLAi1Sv47rB8l4OovYs6rdUIA7G6iDJJIIaK4AILDxxuW1wkPWZgWjL+
PhyjZx3dBoI91/ZLOHTWek3NZLN2veYparfSOsy5/Oj8e/Cqclex5vbH8QIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFOv6v6YoBj9rjpiIVm9fP8+nmMYhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JkL2EzYTMx
MS0zNzg0LTQ4MTgtYWJmOS1lNWZkNmU5ODQyYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQvYTNhMzEx
LTM3ODQtNDgxOC1hYmY5LWU1ZmQ2ZTk4NDJhYi8xLzZfcV9waWdHUDJ1T21JaFdi
MThfejZlWXhpRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEUE+QAwQCuX2cMA0EAgACMAcDBQMqBrkAMA0G
CSqGSIb3DQEBCwUAA4IBAQBEW1MdbkIWrrwHeswj3yj2fHJlVlkv17Xj4OEhThYn
zS3We59fb25OzEIVwvLRYSkEe9XiVVw2TjE3MKO2m4rJrv3S8CC1DeZxXcG0SWkX
ZGUfh8pLrsuILoW+Pik2c59MokqzrZaofjM/tbFjFA31M07NTlQtK2uV0YCRQOkK
6aCgBvlymlK28aHBHG+TvCZ1AYhcc9MD0S6L+8ETJ6iAGbj6FCl1b2E5G7onVAFk
VBLVdFdlr7JIfNgxL9PgWAc01sIEC9VKZutSB5gGhK9EZJgdut7zHtBUrx0RQRhm
mMhCOGUi6mUrYjhCiNL9QV586O3EG8wt8h4nJnd9BfXt
-----END CERTIFICATE-----