Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7ZAKVVGLZ57cePqpiD7G5gNa5xw.cer
File:                     7ZAKVVGLZ57cePqpiD7G5gNa5xw.cer (raw, json)
Hash identifier:          EyX6AcTlQbABLvpyNzUSt0hy0xA+Zbt01rXNo7SNQoA=
Subject key identifier:   ED:90:0A:55:51:8B:67:9E:DC:78:FA:A9:88:3E:C6:E6:03:5A:E7:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427B5C244BB4AC751509DA0D79E6A5240
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/7ZAKVVGLZ57cePqpiD7G5gNa5xw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 15:50:10 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 215472
                          IP: 2001:678:b74::/48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:b5:c2:44:bb:4a:c7:51:50:9d:a0:d7:9e:6a:52:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 15:50:10 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=ed900a55518b679edc78faa9883ec6e6035ae71c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cf:35:2b:81:3d:56:83:08:b1:84:0a:a1:37:
                    1d:92:67:63:f0:02:7f:32:a3:8b:07:61:7b:66:22:
                    ea:84:59:f9:ec:d4:4f:a9:f5:67:bc:a0:b6:cf:93:
                    de:f2:57:d2:89:84:64:58:26:66:59:84:91:6d:dc:
                    d1:a4:7e:22:1e:1b:21:16:c3:0c:75:d2:63:47:15:
                    df:40:8e:e0:0a:6c:d9:19:e6:b3:ed:c4:aa:25:81:
                    48:07:5a:82:3a:8b:1c:6c:a5:e2:84:56:63:4e:94:
                    f8:bf:da:0b:5a:69:3d:2c:3c:62:00:49:08:3a:21:
                    fa:2c:ac:b3:ee:6f:c8:e9:63:bb:15:fa:cc:72:e1:
                    1f:be:ab:06:5c:99:13:0d:e7:69:a5:8b:ac:c7:bf:
                    31:d3:98:2e:f3:21:51:c3:f7:c8:da:69:e6:9d:56:
                    55:78:ae:9e:31:35:45:e5:da:1e:80:82:0b:ee:74:
                    49:c2:55:ad:5f:83:62:9b:bd:d3:9d:f5:dd:76:5f:
                    1e:7a:ca:65:09:62:cf:c2:f3:9b:7a:36:6c:e2:6c:
                    6c:16:5c:01:e8:33:20:3e:29:a7:1c:85:dc:7d:41:
                    c0:8d:1d:d9:07:5a:3b:8d:7e:ae:00:86:91:67:32:
                    35:3c:99:9f:6b:82:3e:c4:47:5f:96:3e:e5:71:2b:
                    6d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:90:0A:55:51:8B:67:9E:DC:78:FA:A9:88:3E:C6:E6:03:5A:E7:1C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/fbfacc-a4f0-4bdb-abbb-0f73661d5f35/1/7ZAKVVGLZ57cePqpiD7G5gNa5xw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:b74::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215472

    Signature Algorithm: sha256WithRSAEncryption
         30:6b:c1:87:cf:15:4a:a4:a2:73:f7:0e:44:1b:31:4f:62:a5:
         1c:42:01:b6:e2:ee:fd:a1:27:fd:2e:b5:23:a0:a6:6f:59:6a:
         34:f5:07:0d:0a:ac:fb:93:2d:66:56:8c:26:b4:f0:b9:b6:fd:
         ab:00:3e:6f:68:7e:ba:39:36:53:e2:b5:1f:cd:be:83:85:5e:
         a5:22:e6:4c:29:dc:1c:c5:49:1f:01:12:64:35:33:e2:2c:2f:
         79:79:84:2d:47:f2:f0:21:8f:42:87:42:e9:0d:99:16:45:6a:
         ab:c8:04:ab:a8:43:bd:20:85:b2:a7:0c:59:51:2b:f6:9f:54:
         ce:fe:19:66:2f:c5:f5:8e:8d:7a:17:d0:c4:90:c6:84:af:79:
         61:58:68:81:12:6e:9c:09:45:25:4f:6e:25:3f:62:35:e5:c5:
         9f:48:f3:87:58:37:7a:92:ae:e3:1a:39:c8:1d:dd:55:ff:7b:
         b1:45:0b:47:a3:ca:df:b8:95:c9:87:5e:08:5f:00:e0:2c:78:
         7d:df:73:d0:ba:c0:97:2d:bf:6d:88:75:46:41:78:a2:fb:32:
         a8:72:16:50:c2:04:0f:75:7e:8d:cd:b6:3a:59:af:ef:99:1e:
         11:54:d0:32:85:9a:97:51:64:38:99:f5:cb:84:c1:cb:3b:20:
         6c:5a:82:7c
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZQntcJEu0rHUVCdoNeealJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDkwMGE1NTUxOGI2NzllZGM3OGZhYTk4ODNlYzZlNjAzNWFlNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs81K4E9VoMIsYQKoTcdkmdj8AJ/
MqOLB2F7ZiLqhFn57NRPqfVnvKC2z5Pe8lfSiYRkWCZmWYSRbdzRpH4iHhshFsMM
ddJjRxXfQI7gCmzZGeaz7cSqJYFIB1qCOoscbKXihFZjTpT4v9oLWmk9LDxiAEkI
OiH6LKyz7m/I6WO7FfrMcuEfvqsGXJkTDedppYusx78x05gu8yFRw/fI2mnmnVZV
eK6eMTVF5doegIIL7nRJwlWtX4Nim73TnfXddl8eesplCWLPwvObejZs4mxsFlwB
6DMgPimnHIXcfUHAjR3ZB1o7jX6uAIaRZzI1PJmfa4I+xEdflj7lcSttAQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFO2QClVRi2ee3Hj6qYg+xuYDWuccMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBhL2ZiZmFj
Yy1hNGYwLTRiZGItYWJiYi0wZjczNjYxZDVmMzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvZmJmYWNj
LWE0ZjAtNGJkYi1hYmJiLTBmNzM2NjFkNWYzNS8xLzdaQUtWVkdMWjU3Y2VQcXBp
RDdHNWdOYTV4dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAt0MBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwNJsDANBgkqhkiG9w0BAQsFAAOCAQEAMGvBh88VSqSic/cORBsxT2KlHEIB
tuLu/aEn/S61I6Cmb1lqNPUHDQqs+5MtZlaMJrTwubb9qwA+b2h+ujk2U+K1H82+
g4VepSLmTCncHMVJHwESZDUz4iwveXmELUfy8CGPQodC6Q2ZFkVqq8gEq6hDvSCF
sqcMWVEr9p9Uzv4ZZi/F9Y6NehfQxJDGhK95YVhogRJunAlFJU9uJT9iNeXFn0jz
h1g3epKu4xo5yB3dVf97sUULR6PK37iVyYdeCF8A4Cx4fd9z0LrAly2/bYh1RkF4
ovsyqHIWUMIED3V+jc22Olmv75keEVTQMoWal1FkOJn1y4TByzsgbFqCfA==
-----END CERTIFICATE-----