Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_SxsGlV_WItkfheRGmMA40LGYes.cer
File:                     _SxsGlV_WItkfheRGmMA40LGYes.cer (raw, json)
Hash identifier:          0+JVFeraq5NKFA2dGBivVIe8AF/WTtnS9u54ceSUyCw=
Subject key identifier:   FD:2C:6C:1A:55:7F:58:8B:64:7E:17:91:1A:63:00:E3:42:C6:61:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427B563E32C9AB985F530CF63EEAF6D6D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3e/6a3f6e-2d43-4ec6-a7ec-e13deb4ac7b7/1/_SxsGlV_WItkfheRGmMA40LGYes.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3e/6a3f6e-2d43-4ec6-a7ec-e13deb4ac7b7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 15:49:46 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 49791
                          IP: 45.144.48.0/22
                          IP: 2a05:fc0::/31
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:b5:63:e3:2c:9a:b9:85:f5:30:cf:63:ee:af:6d:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 15:49:46 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fd2c6c1a557f588b647e17911a6300e342c661eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4d:df:7a:cf:42:1f:0e:e8:de:0e:9f:50:be:
                    d5:54:49:82:d2:dd:03:40:7a:05:73:57:3e:7e:c4:
                    ab:94:ab:58:10:6e:12:d0:c8:1c:8e:df:dd:5b:6b:
                    22:ad:73:77:03:5c:77:ce:4c:11:d8:90:84:e7:7e:
                    45:9d:53:40:ed:20:fa:6f:97:7d:3b:3d:ef:60:08:
                    20:4f:68:05:d0:62:b6:35:99:5e:d3:58:13:44:ea:
                    77:08:e6:46:ab:c7:b7:d7:5c:e1:4f:85:df:86:b0:
                    f7:4b:08:73:0c:ce:48:74:57:9e:c2:8e:60:82:39:
                    e4:3d:10:25:c8:c4:e6:7e:91:44:cd:eb:4d:35:d4:
                    56:bf:48:74:2b:2e:ce:40:cc:fe:8d:3d:03:26:ac:
                    b9:c6:98:af:e5:c5:72:d9:1b:25:9e:c7:3e:5f:b1:
                    30:7f:b3:a9:7e:57:d0:19:d3:42:94:7e:07:9c:08:
                    b6:b4:24:3a:f6:d6:eb:cf:21:b8:d4:aa:ac:81:a0:
                    56:fd:93:ed:f9:d5:ac:a8:00:fb:5d:92:07:ee:fe:
                    7a:2e:9a:ad:d8:15:7a:42:af:8b:75:b7:56:3a:6b:
                    9c:77:e0:8b:da:eb:1f:80:dc:20:62:3e:bd:94:a0:
                    ac:52:69:07:c1:77:5e:1f:fa:63:56:d1:7d:db:52:
                    95:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:2C:6C:1A:55:7F:58:8B:64:7E:17:91:1A:63:00:E3:42:C6:61:EB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6a3f6e-2d43-4ec6-a7ec-e13deb4ac7b7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6a3f6e-2d43-4ec6-a7ec-e13deb4ac7b7/1/_SxsGlV_WItkfheRGmMA40LGYes.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.48.0/22
                IPv6:
                  2a05:fc0::/31

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  49791

    Signature Algorithm: sha256WithRSAEncryption
         42:8f:fd:ec:56:ae:8a:16:a2:f8:2b:d0:31:03:66:58:35:df:
         bc:52:de:ee:92:d4:43:00:61:3d:7b:45:c8:3c:9e:ab:1f:c5:
         dc:59:a2:76:8a:0b:09:40:68:a4:c9:6e:a2:ab:f2:0d:11:8a:
         d5:16:e1:e3:83:f5:52:23:ac:8f:02:a9:5f:7b:96:91:42:cc:
         87:d4:0d:3d:67:ac:e1:c6:33:eb:71:6e:79:59:63:28:5f:d6:
         19:dc:cd:f0:b1:93:a1:65:8d:66:49:43:9e:64:0c:4c:75:bf:
         68:4e:45:d2:c6:1f:8c:40:ac:5a:b1:86:a4:f0:7d:96:c1:53:
         67:8c:d5:1e:02:d3:d2:1f:85:c3:fa:e5:e1:2d:08:c3:de:30:
         53:2e:c2:a6:a3:55:3e:2e:05:94:a1:ab:d4:50:72:01:bc:e7:
         ad:33:1f:0c:d3:50:5c:30:69:b7:30:e7:99:ac:db:0a:75:40:
         fa:33:5d:29:50:64:c5:48:33:c8:f3:b4:ce:28:3e:ec:18:0c:
         b2:ea:fc:fa:ca:02:57:a8:e6:3a:8a:fe:7f:ae:4a:b0:c8:7a:
         82:da:76:4b:4f:6b:56:79:49:66:33:f6:ae:06:1d:8d:a0:fe:
         12:d8:7f:ac:c9:a4:df:d6:83:04:e7:22:a9:7b:c9:f1:22:17:
         0a:c5:7b:7f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQntWPjLJq5hfUwz2Pur21tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJjNmMxYTU1N2Y1ODhiNjQ3ZTE3OTExYTYzMDBlMzQyYzY2MWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU3fes9CHw7o3g6fUL7VVEmC0t0D
QHoFc1c+fsSrlKtYEG4S0Mgcjt/dW2sirXN3A1x3zkwR2JCE535FnVNA7SD6b5d9
Oz3vYAggT2gF0GK2NZle01gTROp3COZGq8e311zhT4XfhrD3SwhzDM5IdFeewo5g
gjnkPRAlyMTmfpFEzetNNdRWv0h0Ky7OQMz+jT0DJqy5xpiv5cVy2Rslnsc+X7Ew
f7OpflfQGdNClH4HnAi2tCQ69tbrzyG41KqsgaBW/ZPt+dWsqAD7XZIH7v56Lpqt
2BV6Qq+LdbdWOmucd+CL2usfgNwgYj69lKCsUmkHwXdeH/pjVtF921KVNQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFP0sbBpVf1iLZH4XkRpjAONCxmHrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNlLzZhM2Y2
ZS0yZDQzLTRlYzYtYTdlYy1lMTNkZWI0YWM3YjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvNmEzZjZl
LTJkNDMtNGVjNi1hN2VjLWUxM2RlYjRhYzdiNy8xL19TeHNHbFZfV0l0a2ZoZVJH
bU1BNDBMR1llcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLZAwMA0EAgACMAcDBQEqBQ/AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDCfzANBgkqhkiG9w0BAQsFAAOCAQEAQo/97Fauihai
+CvQMQNmWDXfvFLe7pLUQwBhPXtFyDyeqx/F3FmidooLCUBopMluoqvyDRGK1Rbh
44P1UiOsjwKpX3uWkULMh9QNPWes4cYz63FueVljKF/WGdzN8LGToWWNZklDnmQM
THW/aE5F0sYfjECsWrGGpPB9lsFTZ4zVHgLT0h+Fw/rl4S0Iw94wUy7CpqNVPi4F
lKGr1FByAbznrTMfDNNQXDBptzDnmazbCnVA+jNdKVBkxUgzyPO0zig+7BgMsur8
+soCV6jmOor+f65KsMh6gtp2S09rVnlJZjP2rgYdjaD+Eth/rMmk39aDBOciqXvJ
8SIXCsV7fw==
-----END CERTIFICATE-----