Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YfvYiH2oRHExjYOISsAF8BtE_Uk.cer
File:                     YfvYiH2oRHExjYOISsAF8BtE_Uk.cer (raw, json)
Hash identifier:          WemVc63fvw1NaHXHCMOaSOcqnN+i+wIMXt2QgtvaQB8=
Subject key identifier:   61:FB:D8:88:7D:A8:44:71:31:8D:83:88:4A:C0:05:F0:1B:44:FD:49
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194252215EA6F8BE6D5A029C0EC41BB19A7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/YfvYiH2oRHExjYOISsAF8BtE_Uk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 03:49:38 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 203412
                          IP: 79.142.36.0/24
                          IP: 79.142.44.0/22
                          IP: 185.125.172.0/22
                          IP: 2a07:f00::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:25:22:15:ea:6f:8b:e6:d5:a0:29:c0:ec:41:bb:19:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 03:49:38 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=61fbd8887da84471318d83884ac005f01b44fd49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:2e:20:26:43:b2:62:32:29:6e:9a:bb:9d:7e:
                    89:21:0b:27:0e:af:17:e0:fd:34:7b:01:13:e5:19:
                    89:20:9d:ab:1f:62:fb:69:01:5b:b8:42:32:58:ea:
                    a3:cf:08:db:b3:5b:90:6e:c4:5c:09:1b:8e:3c:03:
                    f9:13:13:91:a2:cc:98:ed:1b:14:39:4f:b2:93:75:
                    12:52:5c:02:65:7b:bf:be:f9:46:f0:45:ff:d6:d2:
                    1f:1e:44:e1:af:22:f0:19:0c:d0:89:b7:e6:b5:b3:
                    11:c1:73:5e:b7:9e:51:c7:49:47:7b:80:e4:a2:1d:
                    39:a6:ce:c2:1b:fa:ca:78:cb:52:ae:35:64:7f:5a:
                    d0:93:04:39:42:d6:8e:ef:a5:2b:de:4d:44:4d:92:
                    b1:db:e6:42:9a:05:1e:38:aa:2e:e0:85:c4:14:4f:
                    de:f8:cb:fa:d2:4a:f9:02:d4:7c:d8:9c:49:00:f6:
                    21:65:11:77:c4:28:01:ea:f1:48:91:33:78:3d:6d:
                    a6:f6:88:f9:4d:4e:67:79:a9:d0:82:b9:95:4d:5f:
                    53:25:14:27:ed:f0:8f:27:54:e4:97:b1:e4:83:51:
                    88:07:59:4c:3e:61:f2:c6:da:f7:44:5f:0f:4b:73:
                    b7:92:a9:c1:c2:c6:a6:5c:ae:fb:b6:93:9d:53:45:
                    23:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:FB:D8:88:7D:A8:44:71:31:8D:83:88:4A:C0:05:F0:1B:44:FD:49
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0ce569-ab8e-4712-949a-cec9e17f504b/1/YfvYiH2oRHExjYOISsAF8BtE_Uk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.142.36.0/24
                  79.142.44.0/22
                  185.125.172.0/22
                IPv6:
                  2a07:f00::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  203412

    Signature Algorithm: sha256WithRSAEncryption
         4e:82:c1:6b:94:08:c6:38:dd:d6:be:66:dd:f7:ce:50:de:4f:
         1b:13:f4:04:d0:25:b0:f8:b8:95:8f:dc:bc:be:4f:37:01:07:
         74:30:5f:24:58:1c:65:33:33:bd:a7:67:6c:99:22:49:2a:19:
         91:34:d0:83:f2:d7:30:be:9f:53:dc:29:7a:89:2f:82:9f:1f:
         07:71:a0:d5:8a:81:25:8c:8d:79:53:f1:e3:fb:5e:e9:e1:b8:
         7d:0b:77:d7:b0:39:ec:ff:4c:9f:7b:27:84:60:65:59:9d:8d:
         e2:74:2e:f8:df:47:47:56:04:42:7b:90:11:40:2a:e2:f2:59:
         6f:b0:57:c7:5e:25:14:1b:22:27:a2:c5:63:07:52:82:13:dc:
         2f:1d:c9:c4:5d:02:69:b5:5c:1e:35:ab:14:0c:b8:8d:dc:c0:
         a3:32:27:ad:0a:a4:9c:cd:d8:4e:00:40:fb:dc:f4:ac:44:d8:
         3c:9b:fe:fe:bc:e1:e4:60:43:72:5d:a9:86:ce:f0:bb:ce:b1:
         a6:34:15:d1:5b:ee:87:84:de:5f:70:1a:9d:1e:59:7a:e4:5f:
         2c:f6:c9:92:b7:b0:9e:df:2c:1e:ba:32:ec:0a:e5:f0:8d:a0:
         9e:f9:fb:d5:35:8b:96:74:88:bf:f3:7b:e8:97:6a:e8:9c:1f:
         cf:a0:8e:b6
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAZQlIhXqb4vm1aApwOxBuxmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZiZDg4ODdkYTg0NDcxMzE4ZDgzODg0YWMwMDVmMDFiNDRmZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS4gJkOyYjIpbpq7nX6JIQsnDq8X
4P00ewET5RmJIJ2rH2L7aQFbuEIyWOqjzwjbs1uQbsRcCRuOPAP5ExORosyY7RsU
OU+yk3USUlwCZXu/vvlG8EX/1tIfHkThryLwGQzQibfmtbMRwXNet55Rx0lHe4Dk
oh05ps7CG/rKeMtSrjVkf1rQkwQ5QtaO76Ur3k1ETZKx2+ZCmgUeOKou4IXEFE/e
+Mv60kr5AtR82JxJAPYhZRF3xCgB6vFIkTN4PW2m9oj5TU5neanQgrmVTV9TJRQn
7fCPJ1Tkl7Hkg1GIB1lMPmHyxtr3RF8PS3O3kqnBwsamXK77tpOdU0UjVwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFGH72Ih9qERxMY2DiErABfAbRP1JMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzBjZTU2
OS1hYjhlLTQ3MTItOTQ5YS1jZWM5ZTE3ZjUwNGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvMGNlNTY5
LWFiOGUtNDcxMi05NDlhLWNlYzllMTdmNTA0Yi8xL1lmdllpSDJvUkhFeGpZT0lT
c0FGOEJ0RV9Vay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQAT44kAwQCT44sAwQCuX2sMA0EAgACMAcDBQMq
Bw8AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMalDANBgkqhkiG9w0BAQsFAAOC
AQEAToLBa5QIxjjd1r5m3ffOUN5PGxP0BNAlsPi4lY/cvL5PNwEHdDBfJFgcZTMz
vadnbJkiSSoZkTTQg/LXML6fU9wpeokvgp8fB3Gg1YqBJYyNeVPx4/te6eG4fQt3
17A57P9Mn3snhGBlWZ2N4nQu+N9HR1YEQnuQEUAq4vJZb7BXx14lFBsiJ6LFYwdS
ghPcLx3JxF0CabVcHjWrFAy4jdzAozInrQqknM3YTgBA+9z0rETYPJv+/rzh5GBD
cl2phs7wu86xpjQV0Vvuh4TeX3AanR5ZeuRfLPbJkrewnt8sHroy7Arl8I2gnvn7
1TWLlnSIv/N76Jdq6Jwfz6COtg==
-----END CERTIFICATE-----