Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
File:                     aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer (raw, json)
Hash identifier:          GigoyCmTYPUo0ArxMg6wk8L41KvsiAqxnUREKFB9YhQ=
Subject key identifier:   6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01946F296B75CD5AC5C549C4F37D94060843
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 16 Jan 2025 12:49:33 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 202525
                          AS: 215913
                          IP: 46.29.36.0/24
                          IP: 2a13:d040::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:6f:29:6b:75:cd:5a:c5:c5:49:c4:f3:7d:94:06:08:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 16 12:49:33 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b0:ba:9e:40:86:ff:ce:e5:b1:3c:ac:87:2e:
                    e2:e6:cf:04:7e:d2:0c:10:26:c6:c4:a8:49:49:c0:
                    16:19:1d:c2:ad:fb:c1:28:9b:c9:83:78:a9:cb:87:
                    91:85:c8:d7:a3:d9:b7:a8:13:ce:7e:48:1a:f6:99:
                    e0:d9:8c:6d:1c:95:40:0a:e4:e8:fb:ae:62:76:57:
                    6f:05:e9:bf:93:75:32:e9:8c:2b:43:1f:f8:fa:64:
                    22:e1:d7:0c:6a:c5:5f:2d:49:53:6b:c0:f2:0c:a9:
                    30:fe:a0:b3:a9:46:67:92:f6:1f:1e:61:83:e9:48:
                    37:93:d7:b5:bb:2a:c2:1a:98:de:54:28:a2:0c:f0:
                    c4:68:c2:b6:73:d1:5e:c1:0b:c1:0d:41:09:a9:f7:
                    1e:73:8d:71:9a:ab:ba:70:cb:a7:65:e8:a9:a4:c1:
                    f9:e3:70:b7:b0:77:e9:e9:4a:81:09:51:c1:af:5d:
                    f3:65:09:1c:34:d1:02:07:b2:03:6b:8d:c9:c9:79:
                    b5:9f:c0:9b:d8:ad:ff:8d:19:0e:62:cd:64:50:19:
                    9b:3b:93:ad:f4:09:f6:57:3f:39:eb:58:a1:5b:43:
                    f4:7c:b2:a4:25:cc:8d:d2:d9:6b:7b:48:c8:d6:01:
                    0d:4b:e3:8c:87:ee:b7:41:b9:e9:ad:6a:d1:85:fd:
                    e7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.29.36.0/24
                IPv6:
                  2a13:d040::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202525
                  215913

    Signature Algorithm: sha256WithRSAEncryption
         0a:76:8d:a3:de:fe:53:f3:17:0b:17:5d:b3:a5:8f:6f:69:88:
         3c:5e:dc:0f:9f:df:9f:cd:d8:a3:98:1f:14:2c:f3:3f:f2:b2:
         f4:bf:21:ad:b3:c3:7a:1c:eb:41:8b:77:4b:7a:5b:14:13:a5:
         35:e7:be:76:59:5e:2c:20:a4:6d:65:d7:a6:50:08:2e:05:f3:
         9a:19:38:ac:f9:df:8b:cd:1d:45:07:2a:c3:c0:44:8a:ec:58:
         9c:87:14:82:b9:ec:52:30:b1:36:3d:3f:cc:c1:b9:86:65:e2:
         51:06:ad:af:04:61:59:d9:92:3f:2a:41:b8:04:92:2e:41:07:
         4e:83:81:da:07:23:f5:e9:6a:2b:bc:d8:08:32:ac:33:d0:78:
         f3:b1:7c:05:23:1b:36:fe:0d:ec:97:f5:f7:30:81:3e:8b:e9:
         5f:e5:2d:17:8e:71:20:c3:ca:6d:0b:36:1e:4e:39:bd:da:50:
         84:3f:03:28:f5:1d:1d:a0:fa:8c:96:cc:da:e6:ef:be:ce:62:
         b6:07:00:0b:84:25:6c:a7:2e:2b:65:f0:21:90:ae:cd:70:e2:
         c3:ba:96:bf:a8:22:f7:1e:fc:8e:17:21:4b:ed:1d:5a:76:e7:
         58:d7:d8:9e:16:81:09:38:be:2e:bd:65:a4:5a:3f:bf:64:df:
         3a:c8:b0:ae
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZRvKWt1zVrFxUnE832UBghDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTE2MTI0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE4ZmE3NWM1MDIwY2Q2MjE4Y2Y3ZjEwOWRlNDIwMjY1MjA0YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7C6nkCG/87lsTyshy7i5s8EftIM
ECbGxKhJScAWGR3CrfvBKJvJg3ipy4eRhcjXo9m3qBPOfkga9png2YxtHJVACuTo
+65idldvBem/k3Uy6YwrQx/4+mQi4dcMasVfLUlTa8DyDKkw/qCzqUZnkvYfHmGD
6Ug3k9e1uyrCGpjeVCiiDPDEaMK2c9FewQvBDUEJqfcec41xmqu6cMunZeippMH5
43C3sHfp6UqBCVHBr13zZQkcNNECB7IDa43JyXm1n8Cb2K3/jRkOYs1kUBmbO5Ot
9An2Vz8561ihW0P0fLKkJcyN0tlre0jI1gENS+OMh+63QbnprWrRhf3nkQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFGqo+nXFAgzWIYz38QneQgJlIEusMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBjLzcwMTJk
OC1hZmExLTQxOWItOGI2MC0zNWM2M2ZhNzY1YTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMvNzAxMmQ4
LWFmYTEtNDE5Yi04YjYwLTM1YzYzZmE3NjVhMi8xL2FxajZkY1VDRE5ZaGpQZnhD
ZDVDQW1VZ1M2dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQALh0kMA0EAgACMAcDBQMqE9BAMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwMXHQIDA0tpMA0GCSqGSIb3DQEBCwUAA4IBAQAKdo2j
3v5T8xcLF12zpY9vaYg8XtwPn9+fzdijmB8ULPM/8rL0vyGts8N6HOtBi3dLelsU
E6U15752WV4sIKRtZdemUAguBfOaGTis+d+LzR1FByrDwESK7FichxSCuexSMLE2
PT/MwbmGZeJRBq2vBGFZ2ZI/KkG4BJIuQQdOg4HaByP16WorvNgIMqwz0HjzsXwF
Ixs2/g3sl/X3MIE+i+lf5S0XjnEgw8ptCzYeTjm92lCEPwMo9R0doPqMlsza5u++
zmK2BwALhCVspy4rZfAhkK7NcOLDupa/qCL3HvyOFyFL7R1adudY19ieFoEJOL4u
vWWkWj+/ZN86yLCu
-----END CERTIFICATE-----