Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JXjmbXV_leptaTqn-E_LJ0l1yLs.cer
File:                     JXjmbXV_leptaTqn-E_LJ0l1yLs.cer (raw, json)
Hash identifier:          ItEKGOT23yVESlpVpt3PnQzAcfqelOwlkxzOFAfYTYk=
Subject key identifier:   25:78:E6:6D:75:7F:95:EA:6D:69:3A:A7:F8:4F:CB:27:49:75:C8:BB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942747A190FCAAF5D3ADC6C18C1AD64F8E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/7e/c5b5d9-0ae7-4629-a01b-fbad637c4142/1/JXjmbXV_leptaTqn-E_LJ0l1yLs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/7e/c5b5d9-0ae7-4629-a01b-fbad637c4142/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 13:49:53 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 203918
                          IP: 2001:67c:2e90::/48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:47:a1:90:fc:aa:f5:d3:ad:c6:c1:8c:1a:d6:4f:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 13:49:53 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=2578e66d757f95ea6d693aa7f84fcb274975c8bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:ec:90:ed:60:2d:c6:77:fb:0d:69:23:6a:5e:
                    b4:fd:13:f3:ec:2a:bf:86:58:73:23:63:db:04:4e:
                    d4:e4:6b:c7:8e:81:e0:f7:ce:1f:89:04:99:1e:23:
                    91:6c:13:d6:43:e3:98:17:32:ae:05:55:26:20:8a:
                    9e:c9:56:5f:32:aa:6b:5c:c8:f8:bb:db:85:1d:6b:
                    aa:70:14:eb:1e:71:b8:93:7e:18:68:c8:e6:38:ae:
                    e8:c3:e2:ea:aa:f2:f6:f9:30:fd:5f:5a:89:d6:a1:
                    32:9d:21:bb:fd:b2:b1:17:6b:59:22:f3:a0:95:38:
                    59:cf:9a:99:a2:08:c6:00:e6:51:41:39:2e:a7:64:
                    64:a6:62:f6:57:ec:ad:86:9f:e9:00:e7:0e:c4:71:
                    3c:df:ca:58:47:58:4e:2d:02:54:b7:ac:af:6c:1c:
                    0d:98:ee:72:86:0d:2c:37:b9:79:f0:5c:16:fe:5d:
                    32:03:d6:02:c7:04:da:68:b4:c7:50:9d:8b:44:d3:
                    73:a6:61:59:da:4b:b8:8c:7e:19:fa:59:61:ef:0e:
                    5f:b5:6f:55:ea:21:75:e9:9f:a3:da:73:c2:fb:f7:
                    e8:de:e7:79:14:a5:bf:3c:27:5d:dd:34:0a:fc:b4:
                    a1:a6:0c:51:9b:4b:8e:22:49:91:db:48:ee:46:1b:
                    3c:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:78:E6:6D:75:7F:95:EA:6D:69:3A:A7:F8:4F:CB:27:49:75:C8:BB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c5b5d9-0ae7-4629-a01b-fbad637c4142/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c5b5d9-0ae7-4629-a01b-fbad637c4142/1/JXjmbXV_leptaTqn-E_LJ0l1yLs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2e90::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203918

    Signature Algorithm: sha256WithRSAEncryption
         3f:31:9f:b7:8f:6c:7b:db:41:6c:1e:cd:12:30:98:03:c1:ea:
         a6:35:be:7f:48:a9:98:aa:ee:05:b0:94:eb:0d:79:c5:71:3a:
         ce:02:7a:1e:73:5e:6e:3d:62:d3:d3:29:64:e4:7f:f0:b4:a4:
         68:3b:43:2e:76:ce:c2:da:72:0b:38:60:6d:23:48:63:e5:f3:
         c8:fa:4b:8a:35:e1:22:1d:0f:f8:31:52:7a:05:11:3e:ea:3b:
         77:25:40:8f:83:c4:ee:48:32:8b:c9:a4:2f:0e:32:34:c3:2b:
         4b:10:fb:9b:d5:e2:c0:bb:4c:3e:e7:97:0b:70:6a:23:0a:a5:
         70:e7:c0:6d:79:71:3e:aa:79:e4:ef:ed:5c:1d:9e:d9:eb:b1:
         77:a2:44:b4:2e:97:8c:80:72:c2:74:e6:6b:8d:82:35:71:d3:
         35:58:56:9c:7b:f4:6e:c4:ca:ae:9d:66:cb:a9:cf:f6:43:34:
         f2:af:e3:e5:74:6d:61:76:c2:b6:2f:d3:78:a4:08:fd:10:80:
         4b:f4:fd:70:c2:7e:6c:f5:7d:08:8f:e3:c7:44:ee:e0:f3:35:
         72:dc:bf:a9:b2:2d:64:39:e3:06:6d:b3:9d:97:b4:f5:02:8a:
         b9:fc:32:95:db:d7:f7:39:d9:4b:b5:f2:53:6b:8b:00:89:a7:
         d1:ac:4d:b7
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZQnR6GQ/Kr1063GwYwa1k+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc4ZTY2ZDc1N2Y5NWVhNmQ2OTNhYTdmODRmY2IyNzQ5NzVjOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uyQ7WAtxnf7DWkjal60/RPz7Cq/
hlhzI2PbBE7U5GvHjoHg984fiQSZHiORbBPWQ+OYFzKuBVUmIIqeyVZfMqprXMj4
u9uFHWuqcBTrHnG4k34YaMjmOK7ow+LqqvL2+TD9X1qJ1qEynSG7/bKxF2tZIvOg
lThZz5qZogjGAOZRQTkup2RkpmL2V+ythp/pAOcOxHE838pYR1hOLQJUt6yvbBwN
mO5yhg0sN7l58FwW/l0yA9YCxwTaaLTHUJ2LRNNzpmFZ2ku4jH4Z+llh7w5ftW9V
6iF16Z+j2nPC+/fo3ud5FKW/PCdd3TQK/LShpgxRm0uOIkmR20juRhs8+wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFCV45m11f5XqbWk6p/hPyydJdci7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdlL2M1YjVk
OS0wYWU3LTQ2MjktYTAxYi1mYmFkNjM3YzQxNDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2UvYzViNWQ5
LTBhZTctNDYyOS1hMDFiLWZiYWQ2MzdjNDE0Mi8xL0pYam1iWFZfbGVwdGFUcW4t
RV9MSjBsMXlMcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC6QMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMcjjANBgkqhkiG9w0BAQsFAAOCAQEAPzGft49se9tBbB7NEjCYA8HqpjW+
f0ipmKruBbCU6w15xXE6zgJ6HnNebj1i09MpZOR/8LSkaDtDLnbOwtpyCzhgbSNI
Y+XzyPpLijXhIh0P+DFSegURPuo7dyVAj4PE7kgyi8mkLw4yNMMrSxD7m9XiwLtM
PueXC3BqIwqlcOfAbXlxPqp55O/tXB2e2euxd6JEtC6XjIBywnTma42CNXHTNVhW
nHv0bsTKrp1my6nP9kM08q/j5XRtYXbCti/TeKQI/RCAS/T9cMJ+bPV9CI/jx0Tu
4PM1cty/qbItZDnjBm2znZe09QKKufwyldvX9znZS7XyU2uLAImn0axNtw==
-----END CERTIFICATE-----