Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
File:                     p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer (raw, json)
Hash identifier:          Y5iUhdq4gL30ay8FtSIhmeEjFlMmbI6ysUFqaiy7JAE=
Subject key identifier:   A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01941F8C3CB1BFDAB692643A99238BB5F451
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 01:47:51 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 207718
                          IP: 194.147.32.0/22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:1f:8c:3c:b1:bf:da:b6:92:64:3a:99:23:8b:b5:f4:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 01:47:51 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=a7a538aac33778460e19701aab5952c7aa25f05c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fd:88:1e:e3:37:aa:75:73:6b:ca:ae:6e:23:
                    3f:3b:37:b0:4b:46:c7:09:77:f7:59:0f:19:4e:20:
                    89:bd:02:c2:a6:92:cd:61:84:78:37:14:bc:c8:11:
                    7b:64:db:be:69:e3:d2:c4:e1:ca:fa:b9:10:0e:a5:
                    c6:f8:ff:79:aa:cd:03:15:89:f3:c4:6f:44:19:81:
                    d2:5d:3f:93:a6:e4:4c:c3:77:e6:ed:02:6a:fd:db:
                    d8:d6:0a:13:0d:6e:5c:92:7d:35:63:c7:2d:a0:b3:
                    55:5b:d0:72:53:b5:20:5b:8f:2b:da:7c:56:5c:04:
                    19:b7:76:7a:42:ef:1d:dd:cd:de:43:2b:df:db:87:
                    d2:42:0b:ca:29:e5:15:6d:e8:4b:fe:26:92:34:e5:
                    3f:38:df:f3:9f:a1:38:a5:31:02:a2:7d:73:7a:c5:
                    46:54:91:4b:55:ee:81:dc:96:c8:ba:79:f6:af:d9:
                    b8:a2:fb:9e:44:b5:fa:59:14:df:0a:53:57:de:7f:
                    e3:9c:ec:89:48:4a:3d:71:d0:e4:4b:ac:26:5d:14:
                    51:f2:7e:44:20:57:b8:a9:00:72:4a:30:92:87:a5:
                    f9:d9:af:e6:95:76:7e:16:55:48:47:1a:7f:19:ac:
                    13:1a:f4:b0:f0:11:88:66:c4:69:8b:56:4f:fc:47:
                    59:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.32.0/22

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207718

    Signature Algorithm: sha256WithRSAEncryption
         57:0e:2c:12:0d:a1:64:4c:86:9a:0b:76:f7:c5:56:4a:e6:d1:
         34:6a:e1:f8:eb:f5:66:b9:14:c8:d8:44:f2:5d:79:ca:46:66:
         c4:10:f6:a2:da:9c:b0:3e:ec:67:5a:b1:2b:eb:13:a2:ea:f0:
         b8:db:52:eb:12:1c:12:4a:ea:93:66:b0:69:40:39:12:5c:0d:
         fb:93:fe:0a:c2:ee:ff:c4:93:6e:e6:04:d9:1e:8b:35:c8:0c:
         e1:48:41:a4:23:df:68:51:e0:2a:60:69:9c:bf:a1:31:a8:2a:
         62:3a:ae:94:d9:dd:a1:61:78:b1:08:37:59:af:82:5b:1f:ee:
         87:fc:aa:ee:1f:46:ad:a4:6a:91:61:68:73:ae:47:8e:9d:f4:
         b8:46:25:54:d7:a5:77:e8:97:49:8f:a1:2c:40:f5:07:05:f6:
         8f:5a:b7:50:e0:d4:a4:80:89:5e:17:24:84:9d:e8:cb:f9:86:
         b3:99:fa:96:1c:0f:e1:cf:7f:70:b2:aa:b4:f9:4c:9a:06:ed:
         23:e6:f7:f7:f8:ad:14:1f:1c:05:c5:54:f7:8c:c0:6e:93:b8:
         e8:20:d3:6a:84:98:03:a7:c0:10:d8:24:ac:7c:38:b8:e6:5e:
         2d:03:8b:3b:b0:ea:da:60:44:b5:02:90:da:d4:af:28:9c:b8:
         60:52:50:a0
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQfjDyxv9q2kmQ6mSOLtfRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2E1MzhhYWMzMzc3ODQ2MGUxOTcwMWFhYjU5NTJjN2FhMjVmMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv2IHuM3qnVza8qubiM/OzewS0bH
CXf3WQ8ZTiCJvQLCppLNYYR4NxS8yBF7ZNu+aePSxOHK+rkQDqXG+P95qs0DFYnz
xG9EGYHSXT+TpuRMw3fm7QJq/dvY1goTDW5ckn01Y8ctoLNVW9ByU7UgW48r2nxW
XAQZt3Z6Qu8d3c3eQyvf24fSQgvKKeUVbehL/iaSNOU/ON/zn6E4pTECon1zesVG
VJFLVe6B3JbIunn2r9m4ovueRLX6WRTfClNX3n/jnOyJSEo9cdDkS6wmXRRR8n5E
IFe4qQBySjCSh6X52a/mlXZ+FlVIRxp/GawTGvSw8BGIZsRpi1ZP/EdZqwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFKelOKrDN3hGDhlwGqtZUseqJfBcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3L2E4MzMz
Ny02ZTE2LTRjZDktOTIxYS04N2IwMTBlYTYyMzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvYTgzMzM3
LTZlMTYtNGNkOS05MjFhLTg3YjAxMGVhNjIzNS8xL3A2VTRxc00zZUVZT0dYQWFx
MWxTeDZvbDhGdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCwpMgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMrZjANBgkqhkiG9w0BAQsFAAOCAQEAVw4sEg2hZEyGmgt298VWSubRNGrh+Ov1
ZrkUyNhE8l15ykZmxBD2otqcsD7sZ1qxK+sTourwuNtS6xIcEkrqk2awaUA5ElwN
+5P+CsLu/8STbuYE2R6LNcgM4UhBpCPfaFHgKmBpnL+hMagqYjqulNndoWF4sQg3
Wa+CWx/uh/yq7h9GraRqkWFoc65Hjp30uEYlVNeld+iXSY+hLED1BwX2j1q3UODU
pICJXhckhJ3oy/mGs5n6lhwP4c9/cLKqtPlMmgbtI+b39/itFB8cBcVU94zAbpO4
6CDTaoSYA6fAENgkrHw4uOZeLQOLO7Dq2mBEtQKQ2tSvKJy4YFJQoA==
-----END CERTIFICATE-----