Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
File:                     SbJERkTEM0jXxQ9OUOdDVumJbb8.cer (raw, json)
Hash identifier:          Qj7UC9Wn17wmfNIi0UFuD3D+6UZT0I/w1NYUD5KjFRI=
Subject key identifier:   49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194228D8767FC4B077A19C565C44BBD011F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/SbJERkTEM0jXxQ9OUOdDVumJbb8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 15:48:08 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 41459
                          IP: 185.85.232.0/22
                          IP: 2a05:afc0::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:8d:87:67:fc:4b:07:7a:19:c5:65:c4:4b:bd:01:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:48:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=49b2444644c43348d7c50f4e50e74356e9896dbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c0:0d:a2:c8:39:b4:1e:7a:c7:f2:08:63:57:
                    d0:13:f9:17:b4:19:3d:c0:93:e0:d2:22:64:66:7e:
                    1c:d4:f1:b9:b4:ca:05:69:88:85:8e:ee:f4:2a:11:
                    f2:1a:6a:17:27:42:c9:19:c4:f7:c4:65:de:00:e7:
                    39:f0:a6:aa:70:37:2e:0f:15:40:f3:be:02:67:57:
                    20:f0:b9:d7:3a:fd:e8:f2:63:eb:ff:64:9c:de:3d:
                    c2:01:48:7f:d4:a6:b1:dd:0c:ff:d1:ce:a5:6b:89:
                    80:0a:d1:9b:d5:32:25:88:78:63:e7:77:51:5a:02:
                    99:86:27:b6:bc:41:40:10:89:25:f4:fb:ba:e8:14:
                    45:fd:5e:9a:d5:6d:46:ea:6f:38:da:9b:f7:ef:f5:
                    48:9b:69:0d:47:2c:52:b3:0c:f0:ac:ac:35:8d:58:
                    b9:d4:ee:65:46:e4:76:74:ec:1d:55:5f:37:9a:06:
                    03:57:04:61:bd:4d:96:f8:63:cb:12:bf:9e:80:f5:
                    17:5c:66:99:14:a5:0d:d7:50:3d:63:9c:33:ef:51:
                    b1:fc:a4:0d:f0:6a:67:2e:72:0c:d4:7b:08:12:05:
                    0d:e6:84:70:78:b6:0f:c4:1b:22:c3:9f:10:44:64:
                    88:67:d0:85:13:67:46:43:db:cf:41:e5:ee:13:5b:
                    6c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/SbJERkTEM0jXxQ9OUOdDVumJbb8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.85.232.0/22
                IPv6:
                  2a05:afc0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  41459

    Signature Algorithm: sha256WithRSAEncryption
         78:46:8f:e2:3f:07:62:64:fc:5b:b9:20:0e:87:e0:66:f4:05:
         46:bb:c7:8b:43:97:57:00:83:68:d0:44:77:89:f4:a6:01:25:
         37:cc:71:fe:df:35:cf:84:11:7a:3c:65:b0:1f:ac:92:48:ac:
         d5:11:84:79:4c:77:af:e5:4d:c6:4e:a7:5d:68:3d:f6:01:e4:
         98:43:b8:54:c1:13:22:d3:e7:54:65:19:f1:77:f7:f8:96:51:
         32:e5:da:bf:11:2e:9e:4d:74:d1:aa:f2:c2:79:09:03:fa:9c:
         42:ed:2f:ad:a5:0f:3f:2d:a2:83:fb:26:9c:24:00:24:25:ff:
         4f:76:7a:1f:d5:7f:a6:cc:9f:9f:61:74:83:13:55:5b:d0:a3:
         2d:66:56:b1:b0:64:b7:58:26:c1:d7:90:48:d5:8d:6a:f4:fe:
         d0:d5:87:57:f5:7f:44:87:dc:19:05:67:3a:c6:ab:3f:f0:37:
         be:ed:4f:64:86:1e:f3:37:30:d6:a3:30:61:8a:10:ca:e8:d5:
         9d:26:5a:8a:a3:49:32:b8:c9:63:d0:c7:8b:d5:3c:53:e8:f2:
         06:71:22:ca:4c:52:bb:79:95:e3:a8:73:56:0d:70:89:09:79:
         bd:c4:33:64:ab:fe:74:6b:22:a3:99:de:fa:59:3e:78:9e:f1:
         2f:85:6b:4c
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQijYdn/EsHehnFZcRLvQEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWIyNDQ0NjQ0YzQzMzQ4ZDdjNTBmNGU1MGU3NDM1NmU5ODk2ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sANosg5tB56x/IIY1fQE/kXtBk9
wJPg0iJkZn4c1PG5tMoFaYiFju70KhHyGmoXJ0LJGcT3xGXeAOc58KaqcDcuDxVA
874CZ1cg8LnXOv3o8mPr/2Sc3j3CAUh/1Kax3Qz/0c6la4mACtGb1TIliHhj53dR
WgKZhie2vEFAEIkl9Pu66BRF/V6a1W1G6m842pv37/VIm2kNRyxSswzwrKw1jVi5
1O5lRuR2dOwdVV83mgYDVwRhvU2W+GPLEr+egPUXXGaZFKUN11A9Y5wz71Gx/KQN
8GpnLnIM1HsIEgUN5oRweLYPxBsiw58QRGSIZ9CFE2dGQ9vPQeXuE1tsuQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEmyREZExDNI18UPTlDnQ1bpiW2/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MyLzY0Y2Ri
ZC1jODUxLTRiMzUtYmI3OS03NTNkOTY5YTA3MDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIvNjRjZGJk
LWM4NTEtNGIzNS1iYjc5LTc1M2Q5NjlhMDcwMi8xL1NiSkVSa1RFTTBqWHhROU9V
T2REVnVtSmJiOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuVXoMA0EAgACMAcDBQMqBa/AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCh8zANBgkqhkiG9w0BAQsFAAOCAQEAeEaP4j8HYmT8
W7kgDofgZvQFRrvHi0OXVwCDaNBEd4n0pgElN8xx/t81z4QRejxlsB+skkis1RGE
eUx3r+VNxk6nXWg99gHkmEO4VMETItPnVGUZ8Xf3+JZRMuXavxEunk100arywnkJ
A/qcQu0vraUPPy2ig/smnCQAJCX/T3Z6H9V/psyfn2F0gxNVW9CjLWZWsbBkt1gm
wdeQSNWNavT+0NWHV/V/RIfcGQVnOsarP/A3vu1PZIYe8zcw1qMwYYoQyujVnSZa
iqNJMrjJY9DHi9U8U+jyBnEiykxSu3mV46hzVg1wiQl5vcQzZKv+dGsio5ne+lk+
eJ7xL4VrTA==
-----END CERTIFICATE-----