Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
File:                     oOOBtudsuVIOjY9Wd27KD-F2zEA.cer (raw, json)
Hash identifier:          RMjfo1qG+AN/5GPYgCnR53sVm+0Vdi6sjBZaUlsOj0k=
Subject key identifier:   A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942827961485D1F05C2192DA0CAB3CD041
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 17:54:30 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 39650
                          AS: 57240
                          AS: 204203
                          IP: 185.161.36.0/22
                          IP: 185.164.72.0/22
                          IP: 185.229.28.0/22
                          IP: 2a06:5a40::/29
                          IP: 2a0a:d400::/29
                          IP: 2a0d:6600::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:28:27:96:14:85:d1:f0:5c:21:92:da:0c:ab:3c:d0:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 17:54:30 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f0:5a:9f:aa:e9:be:e9:26:86:c3:1f:1b:a2:
                    03:a8:31:fb:42:36:ee:e4:fa:22:a2:0e:21:4b:0c:
                    c5:08:f1:77:e4:15:89:fd:fb:39:af:2a:89:ce:dd:
                    c0:e9:e8:4b:52:62:93:9d:2e:4e:54:54:6c:05:24:
                    18:af:00:50:d8:89:cf:48:d9:57:80:ce:14:3f:d8:
                    d0:29:7d:b2:15:b1:af:f2:e7:d3:1d:fc:22:96:42:
                    2d:de:df:5a:2c:6c:fe:d8:98:42:0f:bb:c1:29:db:
                    84:e6:3c:39:fd:51:d6:41:b5:40:a2:f5:0a:6f:76:
                    37:37:1b:83:aa:84:35:2b:e8:a4:bb:0f:96:16:8f:
                    f2:b4:7c:56:41:bb:1a:86:1b:32:ae:a6:d9:40:c5:
                    3c:b7:f5:b6:0a:cf:ed:52:74:10:10:84:84:93:7f:
                    51:b2:b0:f6:8a:5c:96:4c:fa:7e:e4:3b:1c:cc:6f:
                    a6:e0:ca:66:7f:54:25:a7:23:36:88:d2:ba:5a:fc:
                    c2:92:ad:04:0d:da:fc:5b:cf:dc:26:bf:0c:1d:7d:
                    b2:31:aa:ee:6f:a4:fc:6e:22:d5:3e:f3:0d:9e:c2:
                    5e:bb:4c:01:d0:aa:16:6e:be:28:ad:b4:45:32:53:
                    4f:11:21:78:ad:28:32:6e:ca:dc:fd:db:4e:84:83:
                    79:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.161.36.0/22
                  185.164.72.0/22
                  185.229.28.0/22
                IPv6:
                  2a06:5a40::/29
                  2a0a:d400::/29
                  2a0d:6600::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  39650
                  57240
                  204203

    Signature Algorithm: sha256WithRSAEncryption
         98:b8:5f:61:7f:29:cb:33:18:96:53:1d:66:96:33:86:b5:e6:
         07:d2:0e:17:c5:2e:a3:fa:aa:2c:c0:8a:fb:20:8f:0e:4d:08:
         e6:1c:18:ad:92:fb:41:9f:b4:3e:81:e6:9f:a6:55:20:c1:92:
         fc:7c:2d:49:16:e2:e5:f1:98:14:a4:4d:59:19:ae:52:a5:dd:
         02:7e:aa:16:68:db:15:96:b7:ba:ca:7e:2a:d8:7d:63:9c:7d:
         c9:c7:cf:21:f3:84:62:f7:03:43:2e:eb:6c:81:d3:f5:68:75:
         10:83:82:0c:d2:fb:8d:e0:96:f3:df:fb:c2:f5:b5:02:18:72:
         f1:4e:62:50:3d:54:2e:61:a3:68:43:8c:0f:cd:83:20:a4:42:
         32:e4:55:d0:f0:54:55:a7:ed:12:ea:39:08:8e:77:04:01:cc:
         c9:6f:b9:b2:88:fe:f3:77:3a:bd:9e:0f:c5:4c:cc:28:95:c7:
         e5:ad:60:9e:6c:31:50:71:28:86:71:0e:b3:3d:cf:a5:7e:3d:
         7d:80:64:88:7d:85:aa:0e:5e:81:5f:12:e1:08:d5:fb:dd:b2:
         e2:72:5b:25:0e:c6:e6:44:87:6b:a6:7f:15:77:46:2c:5b:2c:
         81:ee:7e:50:55:a1:b3:dd:30:2d:b1:31:be:c8:4c:dc:48:45:
         15:46:b2:e2
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAZQoJ5YUhdHwXCGS2gyrPNBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTc1NDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGUzODFiNmU3NmNiOTUyMGU4ZDhmNTY3NzZlY2EwZmUxNzZjYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvBan6rpvukmhsMfG6IDqDH7Qjbu
5Poiog4hSwzFCPF35BWJ/fs5ryqJzt3A6ehLUmKTnS5OVFRsBSQYrwBQ2InPSNlX
gM4UP9jQKX2yFbGv8ufTHfwilkIt3t9aLGz+2JhCD7vBKduE5jw5/VHWQbVAovUK
b3Y3NxuDqoQ1K+ikuw+WFo/ytHxWQbsahhsyrqbZQMU8t/W2Cs/tUnQQEISEk39R
srD2ilyWTPp+5DsczG+m4Mpmf1QlpyM2iNK6WvzCkq0EDdr8W8/cJr8MHX2yMaru
b6T8biLVPvMNnsJeu0wB0KoWbr4orbRFMlNPESF4rSgybsrc/dtOhIN5DQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFKDjgbbnbLlSDo2PVnduyg/hdsxAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ5LzhlNmYw
OC0zMGYwLTQ2ZGQtYTdhMS1hOWMzODQxMjhkNDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkvOGU2ZjA4
LTMwZjAtNDZkZC1hN2ExLWE5YzM4NDEyOGQ0Mi8xL29PT0J0dWRzdVZJT2pZOVdk
MjdLRC1GMnpFQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUF
BwEHAQH/BDkwNzAYBAIAATASAwQCuaEkAwQCuaRIAwQCueUcMBsEAgACMBUDBQMq
BlpAAwUDKgrUAAMFAyoNZgAwJAYIKwYBBQUHAQgBAf8EFTAToBEwDwIDAJriAgMA
35gCAwMdqzANBgkqhkiG9w0BAQsFAAOCAQEAmLhfYX8pyzMYllMdZpYzhrXmB9IO
F8Uuo/qqLMCK+yCPDk0I5hwYrZL7QZ+0PoHmn6ZVIMGS/HwtSRbi5fGYFKRNWRmu
UqXdAn6qFmjbFZa3usp+Kth9Y5x9ycfPIfOEYvcDQy7rbIHT9Wh1EIOCDNL7jeCW
89/7wvW1Ahhy8U5iUD1ULmGjaEOMD82DIKRCMuRV0PBUVaftEuo5CI53BAHMyW+5
soj+83c6vZ4PxUzMKJXH5a1gnmwxUHEohnEOsz3PpX49fYBkiH2Fqg5egV8S4QjV
+92y4nJbJQ7G5kSHa6Z/FXdGLFssge5+UFWhs90wLbExvshM3EhFFUay4g==
-----END CERTIFICATE-----