Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UdoAZhIua6KU0rdHk41Gx06Z-IA.cer
File:                     UdoAZhIua6KU0rdHk41Gx06Z-IA.cer (raw, json)
Hash identifier:          ULYtR9TRhtbD4sX9gglNIjAqzrjH7Xl+WAjLR8gxMtc=
Subject key identifier:   51:DA:00:66:12:2E:6B:A2:94:D2:B7:47:93:8D:46:C7:4E:99:F8:80
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019423D6F3683EE2EC3E96EA09AB6492D464
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 21:47:57 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 211644
                          IP: 91.147.80.0/22
                          IP: 185.252.192.0/24
                          IP: 2a10:b0c0::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:23:d6:f3:68:3e:e2:ec:3e:96:ea:09:ab:64:92:d4:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 21:47:57 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=51da0066122e6ba294d2b747938d46c74e99f880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:14:80:8a:4e:5b:c0:3e:26:01:d7:38:22:07:
                    b6:cf:6a:49:14:d2:f1:b9:a3:bb:f2:b6:a7:54:e9:
                    d7:91:75:8c:ba:fe:8a:d5:f1:2a:80:3c:a7:1c:fc:
                    72:ce:6b:67:da:c3:ef:c8:ec:49:72:2a:05:2c:86:
                    ea:a7:e5:e4:f4:df:b0:2f:84:66:e3:65:f0:40:f3:
                    83:89:01:19:20:3b:d1:c1:a7:4e:1c:94:59:3c:11:
                    dc:b0:d2:4d:ab:a7:3d:b8:e4:53:7a:33:1c:e0:c1:
                    b7:06:67:14:89:a0:30:64:88:eb:fe:d9:47:5a:d6:
                    4b:dc:df:fb:1b:dc:83:ba:7a:d4:75:8e:84:f7:ce:
                    75:3c:22:b2:78:02:3a:dc:d3:a7:2a:0a:5b:f9:27:
                    3a:29:17:f1:0e:d4:d2:d1:9a:8a:fd:7e:b2:24:35:
                    c3:a9:6a:d0:e3:c2:49:1e:42:f1:4e:66:33:6d:e6:
                    44:06:57:91:a8:36:4b:0b:06:fb:48:75:92:e7:a4:
                    40:3f:67:d3:90:23:c5:14:85:c6:b2:aa:e1:83:c0:
                    d9:0e:98:69:95:54:6a:11:0d:73:c6:9f:be:e7:99:
                    54:b6:fb:5b:66:d9:0d:70:c1:ed:60:d3:81:41:d8:
                    04:b6:34:0e:41:63:f8:4d:36:66:7a:7c:22:67:03:
                    53:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:DA:00:66:12:2E:6B:A2:94:D2:B7:47:93:8D:46:C7:4E:99:F8:80
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.147.80.0/22
                  185.252.192.0/24
                IPv6:
                  2a10:b0c0::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211644

    Signature Algorithm: sha256WithRSAEncryption
         a6:1b:81:9d:e8:c2:ec:b5:e7:77:9c:b5:69:a0:64:63:f4:3e:
         fc:c1:40:90:c3:ce:98:03:69:7d:b9:eb:e6:fd:15:73:3f:ca:
         94:ee:b4:28:01:52:9c:45:0e:a0:bd:43:7a:a3:7e:45:df:46:
         49:ed:c1:f0:20:f7:9c:50:b1:5f:7a:4e:c8:d7:03:89:56:7b:
         48:09:4d:af:29:ed:aa:c1:5a:0a:3c:fb:a7:72:3d:ca:4c:dc:
         66:1f:f0:69:56:90:04:df:f2:76:50:a7:66:f7:54:c1:04:20:
         a1:f8:db:ed:cb:62:55:41:38:12:d2:7b:b5:b8:f9:68:04:69:
         2f:d8:fd:21:c2:2d:63:4d:95:e0:71:61:7b:9a:5f:ed:3f:46:
         ec:4f:71:a3:58:f4:d7:bb:dd:b8:9f:fd:36:8a:ed:28:83:22:
         14:bd:b6:f6:39:6c:60:f9:aa:71:89:d9:ac:42:e1:50:4a:3b:
         02:8d:7c:57:7e:88:5f:f1:4b:dc:12:66:eb:cd:b8:31:83:05:
         93:7a:c9:91:1e:8c:69:53:07:de:44:d9:0e:21:26:5d:b1:ec:
         81:d6:ab:2a:0f:9a:c2:58:b6:a5:b5:18:1c:5f:0d:52:a4:b6:
         f7:9f:9d:a4:d7:75:af:53:7c:19:cb:45:7a:1e:c3:15:99:be:
         27:ff:f8:cb
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQj1vNoPuLsPpbqCatkktRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWRhMDA2NjEyMmU2YmEyOTRkMmI3NDc5MzhkNDZjNzRlOTlmODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhSAik5bwD4mAdc4Ige2z2pJFNLx
uaO78ranVOnXkXWMuv6K1fEqgDynHPxyzmtn2sPvyOxJcioFLIbqp+Xk9N+wL4Rm
42XwQPODiQEZIDvRwadOHJRZPBHcsNJNq6c9uORTejMc4MG3BmcUiaAwZIjr/tlH
WtZL3N/7G9yDunrUdY6E9851PCKyeAI63NOnKgpb+Sc6KRfxDtTS0ZqK/X6yJDXD
qWrQ48JJHkLxTmYzbeZEBleRqDZLCwb7SHWS56RAP2fTkCPFFIXGsqrhg8DZDphp
lVRqEQ1zxp++55lUtvtbZtkNcMHtYNOBQdgEtjQOQWP4TTZmenwiZwNTUwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFFHaAGYSLmuilNK3R5ONRsdOmfiAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JiL2Y2NGVi
NC0yNmNjLTQwNTYtODUzYi1iZTQ4Yjc5MjU0NzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIvZjY0ZWI0
LTI2Y2MtNDA1Ni04NTNiLWJlNDhiNzkyNTQ3OC8xL1Vkb0FaaEl1YTZLVTByZEhr
NDFHeDA2Wi1JQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCW5NQAwQAufzAMA0EAgACMAcDBQAqELDAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwM6vDANBgkqhkiG9w0BAQsFAAOCAQEAphuB
nejC7LXnd5y1aaBkY/Q+/MFAkMPOmANpfbnr5v0Vcz/KlO60KAFSnEUOoL1DeqN+
Rd9GSe3B8CD3nFCxX3pOyNcDiVZ7SAlNryntqsFaCjz7p3I9ykzcZh/waVaQBN/y
dlCnZvdUwQQgofjb7ctiVUE4EtJ7tbj5aARpL9j9IcItY02V4HFhe5pf7T9G7E9x
o1j017vduJ/9NortKIMiFL229jlsYPmqcYnZrELhUEo7Ao18V36IX/FL3BJm6824
MYMFk3rJkR6MaVMH3kTZDiEmXbHsgdarKg+awli2pbUYHF8NUqS295+dpNd1r1N8
GctFeh7DFZm+J//4yw==
-----END CERTIFICATE-----