Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/E-37kQ__5H1RrZ0PiDsbZJZp4TU.cer
File:                     E-37kQ__5H1RrZ0PiDsbZJZp4TU.cer (raw, json)
Hash identifier:          cOjOyMZ6GTr5muAQl2R+xMeOWZ1cHtBCraZOzPsb5KI=
Subject key identifier:   13:ED:FB:91:0F:FF:E4:7D:51:AD:9D:0F:88:3B:1B:64:96:69:E1:35
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019425FDBB932EBBC8017091E1B1A951D2B2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/E-37kQ__5H1RrZ0PiDsbZJZp4TU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 07:49:33 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 211361
                          IP: 194.48.176.0/22
                          IP: 2a07:5d00::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:fd:bb:93:2e:bb:c8:01:70:91:e1:b1:a9:51:d2:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 07:49:33 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=13edfb910fffe47d51ad9d0f883b1b649669e135
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:30:f5:e9:d7:eb:18:5d:97:db:16:d7:20:63:
                    b8:ae:9e:b8:46:59:9b:be:f6:fa:e8:4e:d2:56:41:
                    df:f4:3a:1d:25:57:15:ce:7f:8b:28:17:8b:5e:6d:
                    2f:ba:75:e2:76:f8:af:e9:96:71:cd:38:07:b2:d2:
                    42:fc:1e:b4:22:b0:f3:de:0b:6d:8e:86:8c:b2:b3:
                    bf:dc:55:3a:9e:87:f4:da:51:bb:98:7e:d3:7b:2a:
                    bb:76:36:5f:d9:3c:5b:85:75:53:1d:98:61:22:16:
                    1f:e4:05:88:f9:b7:aa:bd:d6:a8:2e:a3:f6:47:a8:
                    9f:5f:40:8e:63:69:a4:ae:d2:e5:5a:6a:1e:6e:f3:
                    e5:98:2c:d0:22:bd:8e:31:ee:e4:e4:11:17:52:fd:
                    db:68:fc:e2:d3:72:4e:d4:9d:ba:6a:86:43:ba:2d:
                    99:55:79:45:7d:57:e4:a0:4d:99:f0:da:50:15:c9:
                    58:ba:72:23:ca:73:28:3b:0c:80:b1:84:ae:7c:5b:
                    80:ab:9f:c5:e2:80:b9:2c:c3:91:25:c8:6d:51:dd:
                    3d:45:86:31:f4:34:cb:26:2f:14:ee:7a:ba:02:6d:
                    2d:94:1c:3f:53:c3:4c:9e:48:81:1a:3f:f6:4c:ef:
                    e1:91:f1:f9:a2:75:19:7d:d8:8d:5f:72:1b:54:37:
                    e0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:ED:FB:91:0F:FF:E4:7D:51:AD:9D:0F:88:3B:1B:64:96:69:E1:35
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/143b5c-c5ab-4d98-ae4b-d141a8692039/1/E-37kQ__5H1RrZ0PiDsbZJZp4TU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.48.176.0/22
                IPv6:
                  2a07:5d00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211361

    Signature Algorithm: sha256WithRSAEncryption
         1b:af:5f:05:83:59:75:4c:f1:79:42:38:6e:b3:18:c6:bb:58:
         f1:15:0b:9e:16:b7:a7:e1:c5:0d:57:35:31:6f:e4:ae:ad:68:
         30:4c:e3:9c:ce:05:e7:c5:1c:3f:28:07:f5:04:31:c9:7c:6d:
         48:ba:ee:1e:f3:a0:cc:99:9d:8d:dc:68:68:ea:7b:cc:ef:ea:
         02:d2:07:2b:12:bb:17:8c:82:ce:94:bc:7f:0c:8d:81:fe:0e:
         1e:90:41:cb:b3:77:7b:ae:e6:fd:47:7b:ea:7c:3e:6c:fc:38:
         a5:a8:56:41:e2:5c:55:06:6e:f7:50:c7:6b:3c:90:f2:ae:8e:
         cd:73:44:a4:df:5b:b8:e0:be:b4:ee:1d:4f:86:69:0b:5c:af:
         3a:e1:27:17:db:27:08:66:42:b6:e4:03:11:1a:53:f0:ad:5b:
         7d:58:d3:03:fa:38:10:a4:43:38:ff:de:30:a1:06:e5:61:0f:
         56:04:02:77:d4:cb:b7:98:83:d8:52:e7:1d:6c:78:0e:dc:41:
         c6:93:70:ef:b5:1d:4b:c0:3e:86:48:ee:5b:b4:18:1e:07:48:
         4e:2b:7d:9f:df:29:2a:ab:b3:a8:56:f4:cc:cc:92:41:17:9a:
         27:f4:2e:96:1c:f3:5b:07:f5:b3:9c:5a:33:2d:ec:15:4b:07:
         83:b4:1b:04
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQl/buTLrvIAXCR4bGpUdKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2VkZmI5MTBmZmZlNDdkNTFhZDlkMGY4ODNiMWI2NDk2NjllMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzD16dfrGF2X2xbXIGO4rp64Rlmb
vvb66E7SVkHf9DodJVcVzn+LKBeLXm0vunXidviv6ZZxzTgHstJC/B60IrDz3gtt
joaMsrO/3FU6nof02lG7mH7Teyq7djZf2TxbhXVTHZhhIhYf5AWI+beqvdaoLqP2
R6ifX0COY2mkrtLlWmoebvPlmCzQIr2OMe7k5BEXUv3baPzi03JO1J26aoZDui2Z
VXlFfVfkoE2Z8NpQFclYunIjynMoOwyAsYSufFuAq5/F4oC5LMORJchtUd09RYYx
9DTLJi8U7nq6Am0tlBw/U8NMnkiBGj/2TO/hkfH5onUZfdiNX3IbVDfgQwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFBPt+5EP/+R9Ua2dD4g7G2SWaeE1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1LzE0M2I1
Yy1jNWFiLTRkOTgtYWU0Yi1kMTQxYTg2OTIwMzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUvMTQzYjVj
LWM1YWItNGQ5OC1hZTRiLWQxNDFhODY5MjAzOS8xL0UtMzdrUV9fNUgxUnJaMFBp
RHNiWkpacDRUVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCwjCwMA0EAgACMAcDBQMqB10AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM5oTANBgkqhkiG9w0BAQsFAAOCAQEAG69fBYNZdUzx
eUI4brMYxrtY8RULnha3p+HFDVc1MW/krq1oMEzjnM4F58UcPygH9QQxyXxtSLru
HvOgzJmdjdxoaOp7zO/qAtIHKxK7F4yCzpS8fwyNgf4OHpBBy7N3e67m/Ud76nw+
bPw4pahWQeJcVQZu91DHazyQ8q6OzXNEpN9buOC+tO4dT4ZpC1yvOuEnF9snCGZC
tuQDERpT8K1bfVjTA/o4EKRDOP/eMKEG5WEPVgQCd9TLt5iD2FLnHWx4DtxBxpNw
77UdS8A+hkjuW7QYHgdITit9n98pKquzqFb0zMySQReaJ/QulhzzWwf1s5xaMy3s
FUsHg7QbBA==
-----END CERTIFICATE-----