Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vSpaBrm0P86hiFQdMMbcNDCq85I.cer
File:                     vSpaBrm0P86hiFQdMMbcNDCq85I.cer (raw, json)
Hash identifier:          sXDgxwCvhICFca78vWlBHs9N7zYWZbPATSxlF6p4Jig=
Subject key identifier:   BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194206832313E58FD26CB484948185D5BB3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 05:48:07 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 205969 -- 205970
                          IP: 2001:67c:12f4::/48
                          IP: 2001:67c:2f3c::/48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:68:32:31:3e:58:fd:26:cb:48:49:48:18:5d:5b:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 05:48:07 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bd2a5a06b9b43fcea188541d30c6dc3430aaf392
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:37:18:50:4d:14:08:de:d1:2b:e3:57:0c:89:
                    a5:39:c2:b3:b0:c0:88:f1:37:a5:0e:e9:7a:9e:74:
                    de:9d:59:54:22:54:a4:47:36:c8:d1:10:2f:a7:0d:
                    47:b4:1b:8a:13:0c:9a:85:53:b4:a3:68:1d:1a:f4:
                    9c:91:66:5f:4f:7f:64:8c:5d:52:8c:48:6e:2d:3e:
                    9b:b2:49:35:7b:f3:49:fa:d6:7e:44:c8:19:10:ed:
                    40:f7:16:ba:e0:a7:3c:29:8e:50:65:32:3a:61:aa:
                    c4:80:37:6e:fd:f3:b5:f2:e9:ec:c8:a2:b1:0e:8e:
                    84:40:45:67:6e:04:69:80:d8:03:f0:ff:98:08:c9:
                    22:29:ec:49:84:b8:09:a5:79:6c:f5:d0:5e:f6:a9:
                    03:60:05:5a:e1:b3:ad:4a:d0:f8:1d:f7:e1:7e:e8:
                    3d:73:b6:70:a4:48:ef:a1:e2:27:97:81:8f:a1:e0:
                    3a:ef:cd:db:3b:a6:bb:82:24:36:1c:b3:05:5d:b2:
                    8f:13:bb:ae:1f:71:fc:af:bb:59:ea:91:fa:75:84:
                    29:37:c2:0f:9d:ad:b4:81:7b:6f:22:a4:9e:29:29:
                    7a:01:a6:df:5c:b5:c5:c8:45:ed:2b:5e:ab:b5:e6:
                    68:0f:93:8b:08:67:65:28:0b:83:1d:a5:b8:03:cb:
                    59:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:2A:5A:06:B9:B4:3F:CE:A1:88:54:1D:30:C6:DC:34:30:AA:F3:92
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/caf034-cbe2-4d2d-a02b-5d34704b7c88/1/vSpaBrm0P86hiFQdMMbcNDCq85I.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:12f4::/48
                  2001:67c:2f3c::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  205969-205970

    Signature Algorithm: sha256WithRSAEncryption
         2c:b7:8e:0e:92:a4:08:6a:09:3a:13:45:6d:d9:7a:10:0e:68:
         9a:6e:1a:83:76:4a:c3:72:ce:f8:a5:48:06:5c:74:9b:6a:30:
         b8:01:53:26:36:e1:e8:15:12:49:c2:8e:10:84:87:f4:8a:bf:
         95:8d:e1:8c:91:64:21:1a:31:31:b1:35:61:2f:19:56:03:58:
         49:d7:6f:55:a2:83:da:e9:1f:39:e4:51:9f:37:8e:2e:1f:d5:
         45:a8:97:c4:42:1b:53:fd:a9:0e:6f:0c:a4:6b:55:d4:09:9e:
         4a:bf:e3:aa:20:84:a2:17:8e:24:3c:5a:59:5a:8d:83:05:7d:
         83:e6:d1:27:6f:2b:3c:82:d5:24:82:d2:ac:29:46:67:87:56:
         bd:f2:db:7c:dd:f4:55:d8:5b:40:79:a4:f8:3f:ed:01:71:cb:
         d2:ad:5d:b8:ec:32:2e:3a:1e:7b:86:aa:50:ec:5c:ae:78:94:
         56:5b:70:a7:83:39:2d:c5:8b:bd:17:b2:9e:24:fb:b2:b5:a4:
         7d:e1:db:33:62:61:1b:a5:65:63:c2:80:99:19:3a:33:e2:af:
         2b:47:12:2c:23:f7:ef:1e:9d:df:31:73:39:79:6e:48:69:13:
         ca:b0:9a:54:f8:40:8e:a2:41:75:59:ea:2d:eb:3b:e8:01:0b:
         a8:37:b3:a9
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZQgaDIxPlj9JstISUgYXVuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJhNWEwNmI5YjQzZmNlYTE4ODU0MWQzMGM2ZGMzNDMwYWFmMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjcYUE0UCN7RK+NXDImlOcKzsMCI
8TelDul6nnTenVlUIlSkRzbI0RAvpw1HtBuKEwyahVO0o2gdGvSckWZfT39kjF1S
jEhuLT6bskk1e/NJ+tZ+RMgZEO1A9xa64Kc8KY5QZTI6YarEgDdu/fO18unsyKKx
Do6EQEVnbgRpgNgD8P+YCMkiKexJhLgJpXls9dBe9qkDYAVa4bOtStD4Hffhfug9
c7ZwpEjvoeInl4GPoeA6783bO6a7giQ2HLMFXbKPE7uuH3H8r7tZ6pH6dYQpN8IP
na20gXtvIqSeKSl6AabfXLXFyEXtK16rteZoD5OLCGdlKAuDHaW4A8tZTwIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFL0qWga5tD/OoYhUHTDG3DQwqvOSMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1L2NhZjAz
NC1jYmUyLTRkMmQtYTAyYi01ZDM0NzA0YjdjODgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvY2FmMDM0
LWNiZTItNGQyZC1hMDJiLTVkMzQ3MDRiN2M4OC8xL3ZTcGFCcm0wUDg2aGlGUWRN
TWJjTkRDcTg1SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfBL0AwcAIAEGfC88MCEGCCsGAQUFBwEI
AQH/BBIwEKAOMAwwCgIDAySRAgMDJJIwDQYJKoZIhvcNAQELBQADggEBACy3jg6S
pAhqCToTRW3ZehAOaJpuGoN2SsNyzvilSAZcdJtqMLgBUyY24egVEknCjhCEh/SK
v5WN4YyRZCEaMTGxNWEvGVYDWEnXb1Wig9rpHznkUZ83ji4f1UWol8RCG1P9qQ5v
DKRrVdQJnkq/46oghKIXjiQ8WllajYMFfYPm0SdvKzyC1SSC0qwpRmeHVr3y23zd
9FXYW0B5pPg/7QFxy9KtXbjsMi46HnuGqlDsXK54lFZbcKeDOS3Fi70Xsp4k+7K1
pH3h2zNiYRulZWPCgJkZOjPirytHEiwj9+8end8xczl5bkhpE8qwmlT4QI6iQXVZ
6i3rO+gBC6g3s6k=
-----END CERTIFICATE-----