Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
File:                     mUT4EqDgAsOOhOR2KL26A4WYCQs.cer (raw, json)
Hash identifier:          e+q+Al/TZsx5jepC53FPFz49WBEy9RCLwTi9WscZdeg=
Subject key identifier:   99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019423D72DA8510CB8F5ED0331F6B4E35488
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 21:48:12 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 43548
                          AS: 61071
                          IP: 88.213.208.0/21
                          IP: 178.217.88.0/22
                          IP: 185.134.228.0/22
                          IP: 2a10:a2c0::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:23:d7:2d:a8:51:0c:b8:f5:ed:03:31:f6:b4:e3:54:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 21:48:12 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=9944f812a0e002c38e84e47628bdba038598090b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:47:a0:c4:71:5e:3b:c8:7c:73:4a:b1:5d:bc:
                    19:d7:33:e2:f9:fe:c7:a3:05:1f:68:e1:42:4e:4c:
                    19:8e:9a:1a:ab:63:fd:87:79:9c:8b:51:18:ea:31:
                    c8:c7:fa:0b:40:a1:79:5f:77:8f:c5:ed:67:7b:a0:
                    48:dd:8b:6f:86:86:9f:6a:06:f6:15:24:9e:d5:8e:
                    24:0e:9b:02:7a:36:8f:b7:a1:9d:c7:3e:4c:2a:2a:
                    72:ec:bb:48:26:26:e5:26:2b:2b:9d:fe:a2:c4:1d:
                    9b:a3:d9:69:64:45:f5:f4:7f:f5:ba:d8:8a:42:a0:
                    80:74:7e:eb:d4:58:3f:30:98:74:3a:30:69:be:e5:
                    f4:ae:98:d0:7c:6a:09:e8:34:96:af:f7:42:f0:a8:
                    be:fc:77:65:12:57:1b:e1:7e:1e:3b:38:f9:6a:85:
                    fb:5a:42:51:d1:83:3b:5d:f1:ee:f1:93:81:c7:fa:
                    8c:9f:a1:fd:dc:16:65:e5:3c:cc:03:ca:66:33:44:
                    bc:eb:ef:04:f4:8e:17:61:db:45:56:b0:ae:04:6a:
                    55:a1:0f:be:85:7f:a1:2f:01:3a:90:6a:a6:f9:c7:
                    ac:f2:fb:10:21:c7:15:3e:05:27:eb:4a:6b:86:82:
                    26:96:e5:ba:00:17:bf:c6:36:7d:aa:28:86:e0:ee:
                    a4:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.213.208.0/21
                  178.217.88.0/22
                  185.134.228.0/22
                IPv6:
                  2a10:a2c0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43548
                  61071

    Signature Algorithm: sha256WithRSAEncryption
         90:a4:30:c9:b6:66:35:a8:f0:08:2b:43:0d:80:9b:53:91:3b:
         02:cc:6c:02:e3:48:e8:26:40:16:34:8f:d5:d3:e1:09:4e:8c:
         6e:9f:97:51:46:d6:0c:6e:55:b6:63:04:7a:ee:ed:a1:3e:9d:
         d3:0a:71:8b:9a:f0:e2:cc:fb:a3:16:65:cc:97:bd:2b:78:72:
         9e:0c:08:e1:cc:0e:be:8c:94:9c:86:41:10:1c:1c:c3:d1:29:
         29:d5:7a:7c:02:dd:3b:c0:96:40:82:36:09:27:1c:74:1a:cd:
         7f:52:aa:8d:c3:0f:6f:78:62:35:4e:2f:e0:1c:59:d3:3f:32:
         3a:72:6e:bf:27:4d:96:44:b4:87:bc:d6:67:0d:4c:f9:74:2e:
         21:fd:be:c7:39:04:b9:ff:e8:fc:fc:84:5d:12:b5:7f:ef:a5:
         33:09:00:18:51:f4:8e:54:c0:9b:17:8b:a6:c4:e6:7a:27:62:
         87:16:96:d1:9d:ee:e7:f5:cb:38:b6:ad:d4:0c:fe:21:bf:2f:
         99:5d:52:ca:12:2b:d4:c8:77:27:c3:e6:94:eb:eb:6e:a3:49:
         77:e3:f1:cd:e6:35:e4:b0:2f:e5:af:36:2a:4c:0a:fc:9d:5c:
         3a:3e:74:74:7f:33:9f:1d:c5:7d:61:f1:f8:a5:14:29:ad:27:
         5c:b2:4c:43
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZQj1y2oUQy49e0DMfa041SIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ0ZjgxMmEwZTAwMmMzOGU4NGU0NzYyOGJkYmEwMzg1OTgwOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEegxHFeO8h8c0qxXbwZ1zPi+f7H
owUfaOFCTkwZjpoaq2P9h3mci1EY6jHIx/oLQKF5X3ePxe1ne6BI3Ytvhoafagb2
FSSe1Y4kDpsCejaPt6Gdxz5MKipy7LtIJiblJisrnf6ixB2bo9lpZEX19H/1utiK
QqCAdH7r1Fg/MJh0OjBpvuX0rpjQfGoJ6DSWr/dC8Ki+/HdlElcb4X4eOzj5aoX7
WkJR0YM7XfHu8ZOBx/qMn6H93BZl5TzMA8pmM0S86+8E9I4XYdtFVrCuBGpVoQ++
hX+hLwE6kGqm+ces8vsQIccVPgUn60prhoImluW6ABe/xjZ9qiiG4O6kKwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFJlE+BKg4ALDjoTkdii9ugOFmAkLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk3LzNjNmNi
NS1hNzJjLTQ3MDEtYWU2Yy0zMDZjNTY1MTM0M2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcvM2M2Y2I1
LWE3MmMtNDcwMS1hZTZjLTMwNmM1NjUxMzQzZS8xL21VVDRFcURnQXNPT2hPUjJL
TDI2QTRXWUNRcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQDWNXQAwQCstlYAwQCuYbkMA0EAgACMAcDBQMq
EKLAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwCqHAIDAO6PMA0GCSqGSIb3DQEB
CwUAA4IBAQCQpDDJtmY1qPAIK0MNgJtTkTsCzGwC40joJkAWNI/V0+EJToxun5dR
RtYMblW2YwR67u2hPp3TCnGLmvDizPujFmXMl70reHKeDAjhzA6+jJSchkEQHBzD
0Skp1Xp8At07wJZAgjYJJxx0Gs1/UqqNww9veGI1Ti/gHFnTPzI6cm6/J02WRLSH
vNZnDUz5dC4h/b7HOQS5/+j8/IRdErV/76UzCQAYUfSOVMCbF4umxOZ6J2KHFpbR
ne7n9cs4tq3UDP4hvy+ZXVLKEivUyHcnw+aU6+tuo0l34/HN5jXksC/lrzYqTAr8
nVw6PnR0fzOfHcV9YfH4pRQprSdcskxD
-----END CERTIFICATE-----