Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd0jbYBNWqmiyrOc9RAirAXgsYM.cer
File:                     fd0jbYBNWqmiyrOc9RAirAXgsYM.cer (raw, json)
Hash identifier:          sqDVcZq/QCS+gTX3eIjqfCUE1+bfsJNrNdtwIkosu2U=
Subject key identifier:   7D:DD:23:6D:80:4D:5A:A9:A2:CA:B3:9C:F5:10:22:AC:05:E0:B1:83
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019426D9E53BECA4D77F5BCE54E1571B96C8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/fd0jbYBNWqmiyrOc9RAirAXgsYM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 11:50:01 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 47908
                          IP: 193.142.111.0/24
                          IP: 2001:67c:170::/48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:26:d9:e5:3b:ec:a4:d7:7f:5b:ce:54:e1:57:1b:96:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 11:50:01 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=7ddd236d804d5aa9a2cab39cf51022ac05e0b183
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:fb:26:76:16:35:01:76:88:b6:c0:5b:45:3f:
                    c1:cd:4c:a0:e3:58:70:75:a3:2a:85:0e:16:b1:46:
                    7b:9f:f2:04:cd:2a:4d:ea:62:ac:99:42:f0:d8:f1:
                    3d:f1:4f:72:0e:66:0e:36:97:84:e8:df:f5:31:0a:
                    00:6e:8d:8c:df:de:df:f1:07:9a:20:6d:05:f6:6d:
                    db:a5:b9:1b:4c:8d:3d:86:7e:42:db:b8:15:b7:fd:
                    09:fd:ff:3b:e5:df:e3:b7:e0:27:19:98:f4:0f:19:
                    d1:09:7d:a6:24:1d:2c:81:aa:28:59:98:a5:4f:3d:
                    a6:9e:a3:e0:83:e1:9b:58:ab:69:55:5f:3a:fa:58:
                    5b:29:da:1f:f5:78:b6:32:1e:5f:61:9b:d4:ff:42:
                    33:de:46:8b:4e:ec:bc:6c:3c:95:55:e8:a7:36:70:
                    d2:17:14:e9:b1:11:1e:7a:00:51:51:0d:57:7d:e9:
                    c8:f3:cb:f9:5c:ad:e8:85:cd:62:4c:1a:f0:2f:4d:
                    ce:e8:0d:be:c6:e9:42:6d:61:12:e5:af:4d:c5:73:
                    f3:e4:6a:0d:27:92:b3:5c:a5:bc:6e:06:1c:33:85:
                    84:2c:ed:bd:6e:05:30:17:e7:28:19:d3:e1:67:d4:
                    71:70:59:96:ff:93:b5:c1:bf:c1:07:c6:40:85:6f:
                    90:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:DD:23:6D:80:4D:5A:A9:A2:CA:B3:9C:F5:10:22:AC:05:E0:B1:83
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/fd0jbYBNWqmiyrOc9RAirAXgsYM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.142.111.0/24
                IPv6:
                  2001:67c:170::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  47908

    Signature Algorithm: sha256WithRSAEncryption
         2f:b9:28:54:65:a4:cb:fb:c5:a2:3c:5e:09:a0:f5:e3:b1:24:
         35:7e:c1:54:f8:9d:9a:8b:d6:cd:a3:a0:80:7e:e8:df:10:e8:
         16:d8:16:53:de:17:c2:c9:66:9e:ac:5e:9f:ed:5b:b3:63:a4:
         32:4a:60:2b:c9:d7:d7:59:04:b5:a2:e9:20:40:f1:52:de:64:
         58:cf:5c:58:6f:50:0c:1e:3d:e3:20:e4:fe:07:a5:d6:f6:ba:
         b6:87:fd:0e:2d:34:13:e3:80:0d:80:50:3f:49:cb:fb:d7:d2:
         6f:36:66:fd:78:e3:b0:e9:e4:90:46:8a:ab:fa:8a:69:9a:f3:
         b4:4c:1b:0f:8f:2d:1c:49:43:04:5d:b4:2a:52:1d:40:b2:a6:
         fe:a9:01:0d:18:d7:4a:4b:3f:5f:22:a3:6a:2c:bb:fb:0f:4f:
         45:b7:50:32:17:28:07:37:6b:94:9b:e9:92:69:9a:5e:31:3f:
         4b:e0:95:c5:8e:77:c4:80:9d:05:59:10:f8:9f:f2:a7:d2:a3:
         84:ab:8c:01:b0:69:0f:2f:80:f7:60:c6:85:38:bd:67:87:cc:
         09:63:64:80:cc:1b:c8:a1:f3:22:de:2a:21:44:3d:cf:0e:87:
         39:c5:8d:2e:19:d3:bb:45:ed:b7:77:f4:32:48:6b:c7:ad:87:
         2a:3b:c4:1a
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZQm2eU77KTXf1vOVOFXG5bIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRkMjM2ZDgwNGQ1YWE5YTJjYWIzOWNmNTEwMjJhYzA1ZTBiMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vsmdhY1AXaItsBbRT/BzUyg41hw
daMqhQ4WsUZ7n/IEzSpN6mKsmULw2PE98U9yDmYONpeE6N/1MQoAbo2M397f8Qea
IG0F9m3bpbkbTI09hn5C27gVt/0J/f875d/jt+AnGZj0DxnRCX2mJB0sgaooWZil
Tz2mnqPgg+GbWKtpVV86+lhbKdof9Xi2Mh5fYZvU/0Iz3kaLTuy8bDyVVeinNnDS
FxTpsREeegBRUQ1XfenI88v5XK3ohc1iTBrwL03O6A2+xulCbWES5a9NxXPz5GoN
J5KzXKW8bgYcM4WELO29bgUwF+coGdPhZ9RxcFmW/5O1wb/BB8ZAhW+QaQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFH3dI22ATVqposqznPUQIqwF4LGDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1LzFlOThj
Mi0yYmFlLTRkMTQtOWJjYy04NTVlNjA3MmVmMzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvMWU5OGMy
LTJiYWUtNGQxNC05YmNjLTg1NWU2MDcyZWYzNi8xL2ZkMGpiWUJOV3FtaXlyT2M5
UkFpckFYZ3NZTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAwY5vMA8EAgACMAkDBwAgAQZ8AXAwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDALskMA0GCSqGSIb3DQEBCwUAA4IBAQAvuShUZaTL
+8WiPF4JoPXjsSQ1fsFU+J2ai9bNo6CAfujfEOgW2BZT3hfCyWaerF6f7VuzY6Qy
SmArydfXWQS1oukgQPFS3mRYz1xYb1AMHj3jIOT+B6XW9rq2h/0OLTQT44ANgFA/
Scv719JvNmb9eOOw6eSQRoqr+oppmvO0TBsPjy0cSUMEXbQqUh1Asqb+qQENGNdK
Sz9fIqNqLLv7D09Ft1AyFygHN2uUm+mSaZpeMT9L4JXFjnfEgJ0FWRD4n/Kn0qOE
q4wBsGkPL4D3YMaFOL1nh8wJY2SAzBvIofMi3iohRD3PDoc5xY0uGdO7Re23d/Qy
SGvHrYcqO8Qa
-----END CERTIFICATE-----