Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
File:                     VB_cei8RpXZtOte99iXOXhGaj98.cer (raw, json)
Hash identifier:          foMzzytUdjb4Q/2sp/Yd10gP/x0ilzwW0FN+S2TyC80=
Subject key identifier:   54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427B6612206072E7A1E3B12C6B41DBEA9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 15:50:51 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 48881
                          IP: 185.101.168.0/22
                          IP: 185.104.32.0/21
                          IP: 185.104.48.0/21
                          IP: 185.104.180.0/22
                          IP: 2001:67c:2a24::/48
                          IP: 2a06:1fc0::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:b6:61:22:06:07:2e:7a:1e:3b:12:c6:b4:1d:be:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 15:50:51 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:32:c5:3c:d2:44:64:1b:75:bf:b0:c1:ba:dc:
                    56:1b:c9:62:51:0d:88:cc:aa:13:b2:94:03:52:99:
                    95:b6:bd:cc:0d:c5:28:bb:df:44:aa:03:92:24:7d:
                    28:fe:d7:38:9f:3c:82:00:21:83:49:18:ff:93:ec:
                    cd:92:e6:94:a8:97:d7:86:77:6d:f5:99:7b:f3:e6:
                    f9:61:c0:4c:1f:2b:02:f1:c5:51:22:c2:c8:45:a4:
                    eb:27:4a:a3:52:00:59:a3:ec:54:25:39:30:9f:a2:
                    ef:d1:52:4b:5e:54:af:ac:a0:4e:ad:18:d0:b1:31:
                    f5:92:55:62:b7:56:43:d4:e7:2f:68:67:31:eb:07:
                    8c:55:cd:ce:7c:e2:06:33:e9:18:ef:80:2d:b9:e9:
                    f1:34:e1:fb:69:aa:ec:d8:12:d3:84:66:ff:e1:da:
                    40:cf:56:71:52:d3:cd:c5:5b:10:5c:93:a4:ff:97:
                    61:2a:73:e8:ac:00:f4:d8:1d:34:8d:18:16:71:18:
                    63:bf:25:1f:a4:67:93:b0:3f:1d:5f:ef:2e:40:6c:
                    62:bf:1b:44:a2:68:af:1c:b0:09:b5:e0:0a:14:6f:
                    30:dc:c3:02:b1:a4:9a:7d:4a:03:c1:71:d7:49:bf:
                    e0:60:c9:89:c6:b2:2f:ab:07:42:eb:3b:93:a6:7d:
                    b2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.101.168.0/22
                  185.104.32.0/21
                  185.104.48.0/21
                  185.104.180.0/22
                IPv6:
                  2001:67c:2a24::/48
                  2a06:1fc0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48881

    Signature Algorithm: sha256WithRSAEncryption
         73:24:14:cc:58:e9:66:80:e0:21:18:e3:d7:9e:56:9d:22:87:
         41:ca:b4:a5:ec:80:1f:a9:09:1c:3c:9a:cb:95:85:06:c8:9a:
         5d:f1:cf:c9:37:54:90:90:78:7b:dd:33:e1:54:77:16:1b:8b:
         55:52:59:80:dd:d1:88:44:c9:49:5a:31:43:ec:92:da:df:13:
         6c:88:f7:e3:78:5e:d2:77:6a:fd:8f:65:5e:ac:db:17:71:2b:
         a2:dd:0e:30:eb:bb:04:be:99:53:01:56:76:fb:8d:29:2d:14:
         7a:7e:a9:f6:28:b4:9f:de:97:19:80:6a:ad:86:a8:44:35:91:
         35:6b:e1:ea:45:8c:1f:fd:65:df:05:fd:6b:33:15:c9:b4:01:
         ee:ab:5b:7c:15:a6:f4:29:1a:e2:d8:13:a8:2d:de:3d:2e:25:
         56:5e:c0:c5:7c:18:3e:e2:36:73:3e:85:0e:1a:cf:e3:34:81:
         c6:5c:9a:e6:31:39:96:b0:93:4a:00:f3:2d:a7:bc:56:16:74:
         b6:20:4b:73:c3:fe:98:ea:bf:65:5a:22:6f:54:5b:ea:02:30:
         5b:e9:13:6c:57:af:7f:ee:44:28:5a:ec:ac:10:36:8d:e6:c2:
         a5:26:43:71:89:8a:92:08:e2:f7:f6:d5:80:42:e2:78:27:26:
         68:07:c9:93
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZQntmEiBgcueh47Esa0Hb6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDFmZGM3YTJmMTFhNTc2NmQzYWQ3YmRmNjI1Y2U1ZTExOWE4ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTLFPNJEZBt1v7DButxWG8liUQ2I
zKoTspQDUpmVtr3MDcUou99EqgOSJH0o/tc4nzyCACGDSRj/k+zNkuaUqJfXhndt
9Zl78+b5YcBMHysC8cVRIsLIRaTrJ0qjUgBZo+xUJTkwn6Lv0VJLXlSvrKBOrRjQ
sTH1klVit1ZD1OcvaGcx6weMVc3OfOIGM+kY74AtuenxNOH7aars2BLThGb/4dpA
z1ZxUtPNxVsQXJOk/5dhKnPorAD02B00jRgWcRhjvyUfpGeTsD8dX+8uQGxivxtE
omivHLAJteAKFG8w3MMCsaSafUoDwXHXSb/gYMmJxrIvqwdC6zuTpn2yGwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFFQf3HovEaV2bTrXvfYlzl4Rmo/fMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRkLzhmYWQ2
Ny1iYjZiLTQ3NzMtYjgxZS1jOTAwYTg5ZjIwZjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvOGZhZDY3
LWJiNmItNDc3My1iODFlLWM5MDBhODlmMjBmMS8xL1ZCX2NlaThScFhadE90ZTk5
aVhPWGhHYWo5OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUF
BwEHAQH/BDowODAeBAIAATAYAwQCuWWoAwQDuWggAwQDuWgwAwQCuWi0MBYEAgAC
MBADBwAgAQZ8KiQDBQMqBh/AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC+8TAN
BgkqhkiG9w0BAQsFAAOCAQEAcyQUzFjpZoDgIRjj155WnSKHQcq0peyAH6kJHDya
y5WFBsiaXfHPyTdUkJB4e90z4VR3FhuLVVJZgN3RiETJSVoxQ+yS2t8TbIj343he
0ndq/Y9lXqzbF3Erot0OMOu7BL6ZUwFWdvuNKS0Uen6p9ii0n96XGYBqrYaoRDWR
NWvh6kWMH/1l3wX9azMVybQB7qtbfBWm9Cka4tgTqC3ePS4lVl7AxXwYPuI2cz6F
DhrP4zSBxlya5jE5lrCTSgDzLae8VhZ0tiBLc8P+mOq/ZVoib1Rb6gIwW+kTbFev
f+5EKFrsrBA2jebCpSZDcYmKkgji9/bVgELieCcmaAfJkw==
-----END CERTIFICATE-----