Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
File:                     pDOBaM2dWvBgQBP8QnQSb8WB88s.cer (raw, json)
Hash identifier:          m3etcyz+ISF4FfcYkCzBzhXn8IF8QzaTvVtU5Cbv5EY=
Subject key identifier:   A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019427481139081289F1B8F034B46F59D43A
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 02 Jan 2025 13:50:22 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 211833
                          IP: 185.44.82.0/23
                          IP: 194.76.231.0/24
                          IP: 2a12:f340::/29
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:27:48:11:39:08:12:89:f1:b8:f0:34:b4:6f:59:d4:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 13:50:22 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=a4338168cd9d5af0604013fc4274126fc581f3cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:b1:58:50:71:8a:38:0c:25:30:e0:f0:3a:27:
                    5c:80:30:35:4e:34:5c:a9:98:57:46:67:b9:16:05:
                    68:21:d5:4a:1c:93:06:a9:8b:ac:f5:f4:b1:a2:36:
                    e2:6c:3d:84:f9:52:5e:97:b4:84:98:9e:f0:93:a9:
                    bc:ab:8b:59:62:1c:28:31:c8:c3:f9:48:14:6d:ac:
                    41:28:63:e8:ab:5e:02:d4:e7:f5:28:ca:b3:48:ba:
                    98:79:f9:7a:d4:2e:f9:14:49:81:ab:2b:72:a3:fe:
                    b0:d8:60:92:7a:ec:26:33:ae:db:a7:48:44:5c:32:
                    c1:22:5f:96:72:3f:60:05:9b:0e:16:00:33:e5:1b:
                    b2:de:13:3e:ba:5c:e3:54:4f:2e:ab:21:5e:1f:a1:
                    55:8c:95:51:d7:f1:d6:b3:d8:02:c9:56:05:56:45:
                    9d:3a:c3:95:f5:56:71:4f:fa:a1:04:ea:48:e5:b1:
                    69:97:72:1d:38:63:fa:d1:9c:3c:f6:9a:e1:1c:91:
                    f9:ee:ea:cd:4b:9f:04:76:cb:ac:c0:ca:ca:8b:e7:
                    be:2c:5b:c9:0f:4b:1f:95:0d:f9:d5:ad:04:97:98:
                    f0:41:c2:72:c3:f6:5a:d1:ad:cb:a1:2d:74:93:3b:
                    3f:4d:1a:13:7a:d8:13:c2:23:95:41:13:78:4d:5c:
                    59:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.44.82.0/23
                  194.76.231.0/24
                IPv6:
                  2a12:f340::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211833

    Signature Algorithm: sha256WithRSAEncryption
         2b:ff:84:40:77:6d:0e:eb:08:b8:52:2d:b1:2f:78:69:ca:5c:
         e7:a1:79:cb:62:ed:9f:ac:de:83:0f:b2:57:02:31:49:e4:fa:
         9a:26:03:d9:0f:0d:e0:c5:a1:11:55:bc:40:90:cd:51:f2:ab:
         ab:ba:bf:34:b8:94:24:6f:b1:ec:ad:67:d1:79:58:c8:df:04:
         35:1d:15:db:6d:76:40:b8:7b:51:08:a4:97:a1:93:db:de:3b:
         74:9f:99:b4:67:ef:14:58:f8:0f:29:aa:ea:f9:c1:0e:43:b9:
         d1:2a:00:2f:5e:e8:cb:88:dd:8c:7c:30:14:d9:b3:70:37:be:
         ad:46:f6:f9:ba:b2:af:a1:62:e0:82:20:73:b2:86:98:98:35:
         36:e1:97:c7:c2:96:66:2a:b4:c8:69:95:cb:f6:a5:2a:40:ab:
         80:9d:ca:60:fb:a3:83:f7:3e:5d:1f:b8:78:6b:7e:ad:6b:71:
         00:1f:06:fb:aa:08:60:6e:2b:ac:54:bd:92:3d:e3:2a:7f:50:
         df:59:c5:5d:10:86:a4:5c:38:89:ca:d6:cf:bd:c1:2d:e7:03:
         3f:8f:f1:df:6a:a2:ac:12:d6:03:ce:66:c6:07:c5:1c:80:7f:
         cb:1e:e6:dc:23:5f:4b:82:03:1d:af:f8:bd:d1:e3:8c:79:d4:
         6f:9a:f3:4a
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQnSBE5CBKJ8bjwNLRvWdQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMzODE2OGNkOWQ1YWYwNjA0MDEzZmM0Mjc0MTI2ZmM1ODFmM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57FYUHGKOAwlMODwOidcgDA1TjRc
qZhXRme5FgVoIdVKHJMGqYus9fSxojbibD2E+VJel7SEmJ7wk6m8q4tZYhwoMcjD
+UgUbaxBKGPoq14C1Of1KMqzSLqYefl61C75FEmBqytyo/6w2GCSeuwmM67bp0hE
XDLBIl+Wcj9gBZsOFgAz5Ruy3hM+ulzjVE8uqyFeH6FVjJVR1/HWs9gCyVYFVkWd
OsOV9VZxT/qhBOpI5bFpl3IdOGP60Zw89prhHJH57urNS58EdsuswMrKi+e+LFvJ
D0sflQ351a0El5jwQcJyw/Za0a3LoS10kzs/TRoTetgTwiOVQRN4TVxZzwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFKQzgWjNnVrwYEAT/EJ0Em/FgfPLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA4LzE3NmY3
ZC02ZjBmLTQ1ZTUtOTdmMi1jOWRiOTgxYTJhMmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgvMTc2Zjdk
LTZmMGYtNDVlNS05N2YyLWM5ZGI5ODFhMmEyZi8xL3BET0JhTTJkV3ZCZ1FCUDhR
blFTYjhXQjg4cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQBuSxSAwQAwkznMA0EAgACMAcDBQMqEvNAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwM7eTANBgkqhkiG9w0BAQsFAAOCAQEAK/+E
QHdtDusIuFItsS94acpc56F5y2Ltn6zegw+yVwIxSeT6miYD2Q8N4MWhEVW8QJDN
UfKrq7q/NLiUJG+x7K1n0XlYyN8ENR0V2212QLh7UQikl6GT2947dJ+ZtGfvFFj4
Dymq6vnBDkO50SoAL17oy4jdjHwwFNmzcDe+rUb2+bqyr6Fi4IIgc7KGmJg1NuGX
x8KWZiq0yGmVy/alKkCrgJ3KYPujg/c+XR+4eGt+rWtxAB8G+6oIYG4rrFS9kj3j
Kn9Q31nFXRCGpFw4icrWz73BLecDP4/x32qirBLWA85mxgfFHIB/yx7m3CNfS4ID
Ha/4vdHjjHnUb5rzSg==
-----END CERTIFICATE-----