Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
File:                     7qArGX269963Tgon2dTs0_rh6O0.cer (raw, json)
Hash identifier:          AoAEwdNHhKipwcfvVTMe96s/gxoPSjc1DgzEU1Q8Acw=
Subject key identifier:   EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427B69497F31B8A8C69F0F79A1597E152
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 15:51:04 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 208002
                          IP: 104.247.160.0/19
                          IP: 185.73.128.0/22
                          IP: 185.137.212.0/22
                          IP: 2a03:a5a0::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:b6:94:97:f3:1b:8a:8c:69:f0:f7:9a:15:97:e1:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 15:51:04 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1a:03:cf:2d:75:02:ec:ea:e9:4f:fe:f3:cf:
                    5c:fb:aa:96:72:1d:4e:bf:43:ed:4c:c7:60:e5:51:
                    03:8f:00:27:63:a8:70:37:38:28:b0:0e:80:53:1f:
                    84:96:00:1e:96:0a:5f:75:e3:75:7c:46:21:b4:01:
                    a8:bc:a7:77:86:02:7b:6e:9a:30:2a:e0:84:c4:d4:
                    37:c0:06:0c:e1:5e:89:70:0b:42:2a:f0:8e:b2:ff:
                    8f:4e:e3:75:f4:b8:d1:3b:dd:93:f0:96:34:a1:8b:
                    71:6a:87:ab:92:49:3e:fd:a6:b6:d0:ec:e0:44:cb:
                    f4:9e:5e:56:00:b1:21:df:07:f7:1a:03:b2:26:b8:
                    7b:9e:f6:bb:7d:34:f8:c6:10:58:6b:97:10:8a:de:
                    f6:fd:fc:09:b2:e6:90:2e:77:ca:47:8b:b2:5f:26:
                    2d:cd:a9:31:6b:5e:59:39:58:51:fe:55:cd:48:ad:
                    ae:56:6a:94:08:25:15:07:02:e0:9f:89:22:5d:11:
                    3d:cb:51:d4:86:b5:2b:c9:c2:ef:d1:1d:c5:83:b6:
                    e3:65:c3:11:ff:01:ed:57:c9:7d:8d:4d:76:a3:9c:
                    96:84:20:5a:59:d1:35:b3:1c:b3:97:5e:cd:c7:69:
                    8a:39:32:94:2f:9e:d6:c5:3e:84:d7:44:f9:7b:fc:
                    cd:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.160.0/19
                  185.73.128.0/22
                  185.137.212.0/22
                IPv6:
                  2a03:a5a0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208002

    Signature Algorithm: sha256WithRSAEncryption
         19:fe:d2:32:e8:14:c9:ac:cf:a3:a8:05:f6:18:b9:6f:c6:f5:
         e0:01:70:03:0b:0f:8a:68:a3:6c:65:8c:c4:fe:a4:38:0f:59:
         fa:6f:ef:ca:7a:ca:cd:fd:c2:68:af:23:0e:d4:94:f0:be:b1:
         28:c1:14:cb:91:b1:14:86:8e:21:77:f4:c9:c3:ef:2e:54:01:
         b7:85:27:35:97:3c:83:2c:74:ed:aa:ec:77:4d:43:22:b2:6c:
         00:cd:b7:d1:94:bc:24:d0:ae:84:ac:39:99:29:bb:d8:7c:fd:
         7e:26:75:aa:ef:fb:59:83:42:35:67:68:6e:c0:e7:39:d3:90:
         80:6f:22:a9:f8:86:b4:10:70:9a:77:9c:08:27:4e:eb:75:b8:
         4d:ad:54:9d:a8:1a:8a:14:2f:88:31:56:1e:be:15:87:2f:5f:
         b9:7d:10:43:d8:fa:20:64:f0:2a:ff:e3:7c:d0:29:79:68:b1:
         57:e0:e7:53:d2:fd:d5:41:0f:35:00:0a:04:4f:65:f0:42:72:
         ae:89:7c:2d:cd:2c:92:f6:c7:c9:18:2d:2d:94:a1:7d:07:72:
         7c:02:de:09:ee:3c:25:4c:e3:5d:6e:6d:cb:77:78:ce:93:f2:
         f6:6c:55:5a:ee:a8:47:a0:94:1a:83:05:dc:8c:86:01:07:21:
         77:7b:03:9d
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAZQntpSX8xuKjGnw95oVl+FSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU1MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWEwMmIxOTdkYmFmN2RlYjc0ZTBhMjdkOWQ0ZWNkM2ZhZTFlOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxoDzy11Auzq6U/+889c+6qWch1O
v0PtTMdg5VEDjwAnY6hwNzgosA6AUx+ElgAelgpfdeN1fEYhtAGovKd3hgJ7bpow
KuCExNQ3wAYM4V6JcAtCKvCOsv+PTuN19LjRO92T8JY0oYtxaoerkkk+/aa20Ozg
RMv0nl5WALEh3wf3GgOyJrh7nva7fTT4xhBYa5cQit72/fwJsuaQLnfKR4uyXyYt
zakxa15ZOVhR/lXNSK2uVmqUCCUVBwLgn4kiXRE9y1HUhrUrycLv0R3Fg7bjZcMR
/wHtV8l9jU12o5yWhCBaWdE1sxyzl17Nx2mKOTKUL57WxT6E10T5e/zNRQIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFO6gKxl9uvfet04KJ9nU7NP64ejtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5Lzk3MWIx
MS0yODBlLTRjZWQtYjk5Yy1iYmNjYWI5MTNiNWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvOTcxYjEx
LTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8xLzdxQXJHWDI2OTk2M1Rnb24y
ZFRzMF9yaDZPMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQFaPegAwQCuUmAAwQCuYnUMA0EAgACMAcDBQAq
A6WgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMsgjANBgkqhkiG9w0BAQsFAAOC
AQEAGf7SMugUyazPo6gF9hi5b8b14AFwAwsPimijbGWMxP6kOA9Z+m/vynrKzf3C
aK8jDtSU8L6xKMEUy5GxFIaOIXf0ycPvLlQBt4UnNZc8gyx07arsd01DIrJsAM23
0ZS8JNCuhKw5mSm72Hz9fiZ1qu/7WYNCNWdobsDnOdOQgG8iqfiGtBBwmnecCCdO
63W4Ta1UnagaihQviDFWHr4Vhy9fuX0QQ9j6IGTwKv/jfNApeWixV+DnU9L91UEP
NQAKBE9l8EJyrol8Lc0skvbHyRgtLZShfQdyfALeCe48JUzjXW5ty3d4zpPy9mxV
Wu6oR6CUGoMF3IyGAQchd3sDnQ==
-----END CERTIFICATE-----