Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lFAxyyKjXNts5XnLcCcOp7Oomic.cer
File:                     lFAxyyKjXNts5XnLcCcOp7Oomic.cer (raw, json)
Hash identifier:          j2ONujBhowOlXdgwqCfPzI7fveS65aJ7igAk0LufYsM=
Subject key identifier:   94:50:31:CB:22:A3:5C:DB:6C:E5:79:CB:70:27:0E:A7:B3:A8:9A:27
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019424B3C5605A841F5A2D4C4CDF40FE8D6B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/c5592a54-4035-4970-86dc-3d1803b7b60f/0/945031CB22A35CDB6CE579CB70270EA7B3A89A27.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/c5592a54-4035-4970-86dc-3d1803b7b60f/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 01:49:08 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 41732
                          AS: 211940
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:24:b3:c5:60:5a:84:1f:5a:2d:4c:4c:df:40:fe:8d:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 01:49:08 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=945031cb22a35cdb6ce579cb70270ea7b3a89a27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:00:0e:c0:31:93:a8:86:f0:8c:2f:b5:d3:a1:
                    7c:39:47:45:5f:7c:9a:c2:40:5a:b1:df:59:85:44:
                    fa:89:8c:cb:72:71:51:f4:15:0f:62:43:55:27:54:
                    0d:17:08:a4:50:38:70:09:e0:f1:76:b1:a9:84:38:
                    8b:c9:24:64:48:08:fb:6e:7c:12:d4:77:e7:b7:56:
                    41:54:78:e3:d5:ff:58:6b:e7:ec:01:11:40:89:ad:
                    98:68:de:0c:92:7e:26:56:02:b5:30:8d:95:b1:b1:
                    ae:48:e8:27:d7:a9:4d:ad:ad:70:35:b3:7c:df:1b:
                    c5:29:f8:f6:d9:3c:0a:ae:6f:03:f5:0e:cd:84:ee:
                    59:08:f5:f5:57:58:6e:cb:6c:ba:63:6c:a1:5a:6c:
                    35:b1:e7:72:72:9f:ac:e1:c7:41:a6:f1:d8:f2:dc:
                    5f:f9:1d:54:a0:df:ca:5e:26:50:6a:e2:80:70:6a:
                    73:a4:5c:1c:2b:d4:4e:d3:b7:44:2c:ea:1b:48:5b:
                    0e:0b:31:7a:e8:79:42:9c:f3:10:40:2a:d9:02:a9:
                    1d:bf:98:22:08:00:ce:aa:cc:78:15:a9:c6:eb:c0:
                    39:a9:f7:49:2a:e7:d2:67:84:6c:30:10:2d:55:63:
                    a8:71:65:41:08:2e:62:8c:b3:a8:40:e8:de:40:45:
                    3b:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:50:31:CB:22:A3:5C:DB:6C:E5:79:CB:70:27:0E:A7:B3:A8:9A:27
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5592a54-4035-4970-86dc-3d1803b7b60f/0
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5592a54-4035-4970-86dc-3d1803b7b60f/0/945031CB22A35CDB6CE579CB70270EA7B3A89A27.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  41732
                  211940

    Signature Algorithm: sha256WithRSAEncryption
         69:ba:c1:12:89:69:4c:7a:ec:c2:9f:fb:ff:54:9c:02:50:6e:
         36:7f:7c:59:da:94:b0:59:7e:1a:10:5e:68:48:af:51:6e:30:
         b0:7d:c7:a0:e8:aa:bd:ba:26:e1:0f:f1:0f:58:1a:bc:ba:fd:
         93:c9:84:a1:1f:ea:b4:69:6c:e4:3b:26:55:e9:c9:88:7b:2f:
         e4:59:ca:b9:3f:e6:4b:5e:16:07:62:17:9e:56:bd:94:75:eb:
         54:47:12:57:a1:a2:73:bb:0e:ad:c1:a1:f0:1a:9f:39:d3:66:
         4e:7b:fe:c7:1b:26:04:5d:4f:dc:92:70:a6:12:27:b1:73:1a:
         80:10:00:b6:2d:6a:c1:02:ea:09:47:57:9b:f8:ea:08:5f:5a:
         6a:43:a2:83:82:87:74:73:b2:9c:14:fd:bc:21:80:3f:14:ba:
         3c:7d:97:5e:84:ca:9e:9f:4c:3f:4f:d5:cb:7b:65:cb:33:18:
         93:c3:96:df:a0:a9:1a:6a:95:eb:fe:ae:94:a8:7d:9b:15:1b:
         66:e5:7d:e7:56:12:bb:86:e9:a7:fa:96:7b:29:fc:56:e0:f8:
         0b:0e:e0:ba:b8:72:70:80:14:66:24:b5:00:ca:31:53:c2:01:
         0a:98:36:d3:eb:17:70:93:af:76:de:72:b4:bb:3a:ee:b1:40:
         55:41:14:d3
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQks8VgWoQfWi1MTN9A/o1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUwMzFjYjIyYTM1Y2RiNmNlNTc5Y2I3MDI3MGVhN2IzYTg5YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QAOwDGTqIbwjC+106F8OUdFX3ya
wkBasd9ZhUT6iYzLcnFR9BUPYkNVJ1QNFwikUDhwCeDxdrGphDiLySRkSAj7bnwS
1Hfnt1ZBVHjj1f9Ya+fsARFAia2YaN4Mkn4mVgK1MI2VsbGuSOgn16lNra1wNbN8
3xvFKfj22TwKrm8D9Q7NhO5ZCPX1V1huy2y6Y2yhWmw1sedycp+s4cdBpvHY8txf
+R1UoN/KXiZQauKAcGpzpFwcK9RO07dELOobSFsOCzF66HlCnPMQQCrZAqkdv5gi
CADOqsx4FanG68A5qfdJKufSZ4RsMBAtVWOocWVBCC5ijLOoQOjeQEU7BQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFJRQMcsio1zbbOV5y3AnDqezqJonMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE+BggrBgEFBQcBCwSCATAwggEsMF4GCCsGAQUFBzAFhlJy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M1NTky
YTU0LTQwMzUtNDk3MC04NmRjLTNkMTgwM2I3YjYwZi8wMIGLBggrBgEFBQcwCoZ/
cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9jNTU5
MmE1NC00MDM1LTQ5NzAtODZkYy0zZDE4MDNiN2I2MGYvMC85NDUwMzFDQjIyQTM1
Q0RCNkNFNTc5Q0I3MDI3MEVBN0IzQTg5QTI3Lm1mdDA8BggrBgEFBQcwDYYwaHR0
cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3RpZmljYXRpb24ueG1sMFkG
A1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwCjBAID
AzvkMA0GCSqGSIb3DQEBCwUAA4IBAQBpusESiWlMeuzCn/v/VJwCUG42f3xZ2pSw
WX4aEF5oSK9RbjCwfceg6Kq9uibhD/EPWBq8uv2TyYShH+q0aWzkOyZV6cmIey/k
Wcq5P+ZLXhYHYheeVr2UdetURxJXoaJzuw6twaHwGp8502ZOe/7HGyYEXU/cknCm
EiexcxqAEAC2LWrBAuoJR1eb+OoIX1pqQ6KDgod0c7KcFP28IYA/FLo8fZdehMqe
n0w/T9XLe2XLMxiTw5bfoKkaapXr/q6UqH2bFRtm5X3nVhK7humn+pZ7KfxW4PgL
DuC6uHJwgBRmJLUAyjFTwgEKmDbT6xdwk6923nK0uzrusUBVQRTT
-----END CERTIFICATE-----