Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
File:                     RABxct-fwtSi3bupNM68nwKG08o.cer (raw, json)
Hash identifier:          s/bJ73ZyTqkPtI/ULp7Az9RrblLL6YM3ZXNRP38eYJA=
Subject key identifier:   44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019420D60B17EB46C5971F1FBFABEBBCD0FE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 07:48:06 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 44222
                          IP: 185.83.212.0/23
                          IP: 185.83.215.0/24
                          IP: 2a05:9f00::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:d6:0b:17:eb:46:c5:97:1f:1f:bf:ab:eb:bc:d0:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 07:48:06 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:bc:b7:67:83:55:13:60:04:80:7a:a6:25:19:
                    63:d0:c5:ba:b5:2f:7a:0d:58:09:6f:90:88:e8:4d:
                    94:3b:1d:69:23:9c:ae:ca:65:e0:07:4a:3f:97:19:
                    4d:9f:e6:ab:af:39:cc:f2:d1:f3:c5:3d:a2:52:fe:
                    2a:c1:ff:8d:41:09:85:61:5a:08:15:b8:7d:6d:a3:
                    2b:4e:50:ac:3a:e1:4b:08:24:dc:cd:b6:0c:58:5c:
                    6d:b1:99:1a:1c:74:b2:31:61:0b:7d:e1:1f:4e:75:
                    f3:2e:be:f6:6f:6e:4a:11:31:c3:41:fa:ef:c7:25:
                    28:14:cf:73:6b:f3:4f:16:b8:5f:6c:4c:b9:15:64:
                    5b:bd:30:c4:e1:77:3f:c8:56:38:d0:04:5f:91:29:
                    7d:9d:e1:91:24:14:89:e3:06:8c:f1:6b:7e:ba:04:
                    74:a0:85:be:e4:da:db:e0:32:92:14:22:ff:4e:80:
                    24:fe:84:16:8b:44:2d:d6:f6:16:3f:18:11:d1:9b:
                    91:07:2b:2b:9e:a6:3b:dd:0f:17:24:4e:68:66:90:
                    19:bd:d2:70:4e:45:62:6f:e2:cf:da:83:ae:45:41:
                    01:4e:75:9f:5e:9d:18:03:f9:f0:2a:92:42:cc:36:
                    9e:24:e6:2c:15:0a:2a:43:18:8a:54:11:0e:25:1b:
                    24:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.83.212.0/23
                  185.83.215.0/24
                IPv6:
                  2a05:9f00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  44222

    Signature Algorithm: sha256WithRSAEncryption
         a9:8e:db:d3:9c:2b:22:39:74:f8:18:1f:5b:03:10:e3:b6:a8:
         15:4d:4b:0c:96:fa:01:92:e8:6a:1d:5c:70:b8:55:31:97:46:
         fa:d7:a2:2d:54:e7:f1:5e:08:49:d7:c8:2b:8f:31:19:dd:71:
         34:b8:16:c8:da:c6:c5:ad:c1:52:1b:ce:02:54:5c:72:73:a2:
         97:46:23:a3:21:7b:c8:61:0d:f4:18:a0:e7:60:17:13:16:97:
         c1:8b:7b:42:ba:14:a3:4d:fd:03:6a:c1:cb:1d:64:9c:5f:d7:
         aa:43:91:3a:da:8b:01:90:56:a5:7f:93:0b:13:7d:03:b5:70:
         c2:cb:fb:41:6b:dc:c2:7f:71:67:59:16:b3:36:ba:f9:30:72:
         e2:bc:a5:9c:73:34:ae:2e:4c:9a:5c:be:39:76:4c:d4:3e:33:
         a5:14:de:a8:2c:0a:3b:74:28:6e:7d:4a:35:2f:28:89:bf:06:
         42:f5:e9:f6:04:c5:df:db:de:ed:0e:68:cd:d3:14:c6:5a:99:
         9f:cf:47:d8:9a:48:a5:c8:98:fc:d6:b1:ed:b1:ac:99:73:c7:
         75:c8:09:25:bd:08:40:0d:83:cb:f1:02:93:45:3e:0f:61:3f:
         7a:b6:a8:0d:68:05:e0:2f:fc:ff:36:48:ba:48:60:59:38:21:
         b6:0b:44:42
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQg1gsX60bFlx8fv6vrvND+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDAwNzE3MmRmOWZjMmQ0YTJkZGJiYTkzNGNlYmM5ZjAyODZkM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ry3Z4NVE2AEgHqmJRlj0MW6tS96
DVgJb5CI6E2UOx1pI5yuymXgB0o/lxlNn+arrznM8tHzxT2iUv4qwf+NQQmFYVoI
Fbh9baMrTlCsOuFLCCTczbYMWFxtsZkaHHSyMWELfeEfTnXzLr72b25KETHDQfrv
xyUoFM9za/NPFrhfbEy5FWRbvTDE4Xc/yFY40ARfkSl9neGRJBSJ4waM8Wt+ugR0
oIW+5Nrb4DKSFCL/ToAk/oQWi0Qt1vYWPxgR0ZuRBysrnqY73Q8XJE5oZpAZvdJw
TkVib+LP2oOuRUEBTnWfXp0YA/nwKpJCzDaeJOYsFQoqQxiKVBEOJRsk0wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFEQAcXLfn8LUot27qTTOvJ8ChtPKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UxLzk0NWRi
ZC0yZmI3LTRkZDEtOTZhNi0wNTg1ZGU0ZDRlZTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEvOTQ1ZGJk
LTJmYjctNGRkMS05NmE2LTA1ODVkZTRkNGVlNy8xL1JBQnhjdC1md3RTaTNidXBO
TTY4bndLRzA4by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQBuVPUAwQAuVPXMA0EAgACMAcDBQMqBZ8AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCsvjANBgkqhkiG9w0BAQsFAAOCAQEAqY7b
05wrIjl0+BgfWwMQ47aoFU1LDJb6AZLoah1ccLhVMZdG+teiLVTn8V4ISdfIK48x
Gd1xNLgWyNrGxa3BUhvOAlRccnOil0YjoyF7yGEN9Big52AXExaXwYt7QroUo039
A2rByx1knF/XqkOROtqLAZBWpX+TCxN9A7Vwwsv7QWvcwn9xZ1kWsza6+TBy4ryl
nHM0ri5Mmly+OXZM1D4zpRTeqCwKO3Qobn1KNS8oib8GQvXp9gTF39ve7Q5ozdMU
xlqZn89H2JpIpciY/Nax7bGsmXPHdcgJJb0IQA2Dy/ECk0U+D2E/eraoDWgF4C/8
/zZIukhgWTghtgtEQg==
-----END CERTIFICATE-----