Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/N0MfG-n9wkGQmEec3kV7v3lXF1k.cer
File:                     N0MfG-n9wkGQmEec3kV7v3lXF1k.cer (raw, json)
Hash identifier:          POfVMoRmfK0J6wzI71UT7rHjESU6Bh6QjT3VfoSE0WY=
Subject key identifier:   37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942067F41D2128E917941B2E8A5C703304
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 05:47:51 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 41717
                          IP: 185.211.132.0/22
                          IP: 2a0b:65c0::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:67:f4:1d:21:28:e9:17:94:1b:2e:8a:5c:70:33:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 05:47:51 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=37431f1be9fdc2419098479cde457bbf79571759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:68:24:eb:48:f5:17:fe:c2:44:8b:6a:13:d4:
                    9b:7f:ef:37:43:8f:ed:2f:23:48:dc:8e:f3:fe:4c:
                    bb:12:8a:7f:da:86:d2:ac:90:82:3f:37:13:f8:7d:
                    73:e6:43:c2:e7:6d:29:4d:f1:6a:e1:53:df:60:0c:
                    d5:40:2a:67:97:93:12:fa:a9:b0:16:a2:e7:12:70:
                    f2:d5:f9:91:62:d3:62:6f:b1:b0:0b:8e:6f:22:47:
                    d9:39:f3:01:78:4b:0a:3e:2f:ad:fe:94:b8:ea:78:
                    4a:6f:0d:93:65:e6:71:fc:3c:9b:87:ed:e1:1d:fd:
                    0b:84:00:62:a4:2f:88:e8:f4:6f:4d:e3:e1:c7:59:
                    ba:dd:ed:f5:e7:21:17:d0:6c:61:af:b3:d9:ea:0f:
                    0b:9e:ff:14:4d:10:f2:db:b8:1f:5a:15:60:01:ce:
                    4a:dc:1b:6a:a4:71:d0:24:02:36:d1:03:07:9b:06:
                    87:61:29:45:35:f3:c5:a8:94:97:07:e6:64:7c:55:
                    92:a7:8e:a0:fe:50:6c:8f:d9:b3:40:77:27:ac:7c:
                    de:d4:7f:7b:7b:4a:d8:5c:aa:03:69:4a:51:c7:ed:
                    9a:b1:9b:16:04:af:99:5c:09:66:d4:e1:1c:1b:07:
                    68:c1:dd:a8:0f:39:8a:f8:2f:a5:3c:91:95:f8:82:
                    7d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.211.132.0/22
                IPv6:
                  2a0b:65c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  41717

    Signature Algorithm: sha256WithRSAEncryption
         71:4d:02:f6:a0:13:43:84:cc:50:eb:51:54:ee:9a:e7:72:9d:
         2e:9d:bb:43:a3:33:4f:45:a4:f9:91:d8:17:5a:4b:61:ba:90:
         cf:24:47:e5:de:fa:fb:d3:a5:c6:b2:f0:7d:a8:4e:3f:f6:6d:
         da:56:bc:58:9d:ac:71:56:19:c6:17:d3:4f:60:e3:66:2f:f8:
         f6:e0:d3:22:32:7e:58:f7:0d:4b:0a:e0:38:89:86:e8:74:5d:
         2b:26:92:22:e9:4d:79:1e:eb:d7:be:1a:09:31:e5:0b:6d:78:
         f0:75:45:8b:26:fd:4b:09:27:29:8a:9a:9e:59:9f:c3:95:7d:
         67:6e:a7:30:37:3d:c6:97:da:40:3d:42:52:e7:2d:ee:ed:97:
         10:b0:77:86:84:4b:78:ea:1d:ee:1c:dd:a5:8e:a8:f0:9c:0f:
         7b:3b:45:88:b4:99:fd:94:80:28:79:86:b8:c6:cf:a3:30:73:
         8d:e0:c8:03:84:2c:1c:80:1e:5e:fb:c2:91:86:08:4b:3a:7d:
         70:33:a1:96:45:52:20:78:e0:32:cc:0c:2d:46:e6:09:81:4c:
         1c:60:b6:00:48:59:d1:52:5d:ce:45:7c:26:2d:20:fc:7c:09:
         b5:28:60:7f:b0:ad:a1:de:17:a0:93:3c:a5:17:0f:78:a0:26:
         6d:fe:5f:12
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQgZ/QdISjpF5QbLopccDMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQzMWYxYmU5ZmRjMjQxOTA5ODQ3OWNkZTQ1N2JiZjc5NTcxNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2gk60j1F/7CRItqE9Sbf+83Q4/t
LyNI3I7z/ky7Eop/2obSrJCCPzcT+H1z5kPC520pTfFq4VPfYAzVQCpnl5MS+qmw
FqLnEnDy1fmRYtNib7GwC45vIkfZOfMBeEsKPi+t/pS46nhKbw2TZeZx/Dybh+3h
Hf0LhABipC+I6PRvTePhx1m63e315yEX0Gxhr7PZ6g8Lnv8UTRDy27gfWhVgAc5K
3BtqpHHQJAI20QMHmwaHYSlFNfPFqJSXB+ZkfFWSp46g/lBsj9mzQHcnrHze1H97
e0rYXKoDaUpRx+2asZsWBK+ZXAlm1OEcGwdowd2oDzmK+C+lPJGV+IJ93QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDdDHxvp/cJBkJhHnN5Fe795VxdZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkL2I1MzU0
Ny1kMzQwLTQzOTItYWY0Ni02MTU5NjEzMTJiNTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvYjUzNTQ3
LWQzNDAtNDM5Mi1hZjQ2LTYxNTk2MTMxMmI1Mi8xL04wTWZHLW45d2tHUW1FZWMz
a1Y3djNsWEYxay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCudOEMA0EAgACMAcDBQMqC2XAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCi9TANBgkqhkiG9w0BAQsFAAOCAQEAcU0C9qATQ4TM
UOtRVO6a53KdLp27Q6MzT0Wk+ZHYF1pLYbqQzyRH5d76+9OlxrLwfahOP/Zt2la8
WJ2scVYZxhfTT2DjZi/49uDTIjJ+WPcNSwrgOImG6HRdKyaSIulNeR7r174aCTHl
C2148HVFiyb9SwknKYqanlmfw5V9Z26nMDc9xpfaQD1CUuct7u2XELB3hoRLeOod
7hzdpY6o8JwPeztFiLSZ/ZSAKHmGuMbPozBzjeDIA4QsHIAeXvvCkYYISzp9cDOh
lkVSIHjgMswMLUbmCYFMHGC2AEhZ0VJdzkV8Ji0g/HwJtShgf7Ctod4XoJM8pRcP
eKAmbf5fEg==
-----END CERTIFICATE-----