Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vs7XisRU98RZvBO9tHladnA8i5g.cer
File:                     vs7XisRU98RZvBO9tHladnA8i5g.cer (raw, json)
Hash identifier:          3drB+afbM4ymAdBuf/YbORqsG6KR9zObL2otsSuK1yo=
Subject key identifier:   BE:CE:D7:8A:C4:54:F7:C4:59:BC:13:BD:B4:79:5A:76:70:3C:8B:98
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC26D14A9C8C04379C8040590DEEC2F26
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/vs7XisRU98RZvBO9tHladnA8i5g.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 00:29:37 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 206381
                          IP: 91.237.151.0/24
                          IP: 185.186.40.0/22
                          IP: 2a0b:7880::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:14:a9:c8:c0:43:79:c8:04:05:90:de:ec:2f:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=beced78ac454f7c459bc13bdb4795a76703c8b98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e2:99:57:71:4c:d4:10:33:d8:86:bc:c9:3a:
                    33:dd:4e:5a:96:47:e8:14:0d:0b:63:f8:9f:70:70:
                    09:ad:88:d9:7c:f3:90:6e:94:cf:c5:f9:30:e0:17:
                    e9:98:01:f6:4e:cb:06:60:c9:6f:d2:53:6c:4e:cb:
                    22:01:01:a5:b9:05:f3:6f:03:97:d1:79:c6:a4:b8:
                    c5:93:36:08:41:43:2c:c9:18:ea:fa:db:16:ab:30:
                    eb:bb:f9:50:06:5a:1a:5c:41:03:0f:26:7d:a8:2e:
                    38:33:fd:b3:71:65:c3:9d:e8:60:6a:21:35:ef:df:
                    e7:b0:90:88:63:01:6b:b7:fc:f5:1e:f8:de:c8:38:
                    78:d5:06:4c:65:63:eb:6b:36:a2:c1:66:bb:21:01:
                    97:ae:a0:4a:2f:85:e7:7c:f5:3d:ae:3d:b2:e8:44:
                    15:17:77:eb:8b:9c:e2:7f:45:8d:3a:2c:0c:3e:8f:
                    85:43:28:54:d3:c6:fe:e1:51:18:07:df:fb:80:e7:
                    5c:4e:86:d5:17:af:4e:a5:32:5e:64:fb:7c:23:11:
                    16:32:e5:11:d4:56:39:1d:5b:9e:c2:9b:7f:9f:60:
                    05:e1:16:cb:85:1b:3f:cf:8f:39:83:e0:6d:33:d9:
                    21:30:fd:2e:b0:f8:07:9b:cb:be:c4:51:18:fb:75:
                    65:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:CE:D7:8A:C4:54:F7:C4:59:BC:13:BD:B4:79:5A:76:70:3C:8B:98
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/56131f-ff9b-49e1-a72b-16faa92ca53d/1/vs7XisRU98RZvBO9tHladnA8i5g.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.237.151.0/24
                  185.186.40.0/22
                IPv6:
                  2a0b:7880::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206381

    Signature Algorithm: sha256WithRSAEncryption
         87:bb:45:60:81:32:1a:3f:d7:7b:e6:12:a6:fb:79:d3:fa:c1:
         90:6e:a3:55:e9:e4:f4:35:99:f5:b3:fe:0b:a1:80:fb:1e:e8:
         b3:93:91:c5:f4:6e:35:2b:8c:b2:31:7d:3a:ce:90:f6:13:18:
         40:89:8b:ed:ec:54:16:ef:e0:8e:46:f8:74:4b:d0:d0:01:9e:
         f0:d5:ea:58:c4:7f:80:e5:0a:85:fb:1c:5e:b5:1a:1b:07:7a:
         cb:ea:cf:b5:8a:40:a6:34:39:fe:33:38:c9:c2:b7:37:fd:e0:
         34:44:17:ab:af:66:5d:11:f4:59:c2:eb:e1:28:e7:e3:8b:d4:
         b2:9f:2f:46:86:29:38:7f:00:cd:5d:c6:b7:7c:50:06:61:95:
         d4:9f:d8:6b:51:91:24:05:94:9e:d6:30:57:6d:2f:58:c2:01:
         57:89:62:4e:7e:96:d3:98:9a:5e:2f:f3:c2:8b:29:fe:45:9f:
         b7:c9:bf:b0:7f:6a:b7:a5:71:8e:e7:1c:ef:c2:97:26:2b:13:
         31:e5:a3:4b:c5:1e:7f:5c:e9:f4:45:6f:33:ea:fb:0a:62:6f:
         7a:c4:4e:d8:f5:0f:20:14:1e:a2:a8:60:41:76:d9:e5:80:80:
         1d:45:07:17:ba:89:cf:2c:d1:c4:9e:df:30:0e:9a:09:5c:58:
         e5:08:fc:fb
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzCbRSpyMBDecgEBZDe7C8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWNlZDc4YWM0NTRmN2M0NTliYzEzYmRiNDc5NWE3NjcwM2M4Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweKZV3FM1BAz2Ia8yToz3U5alkfo
FA0LY/ifcHAJrYjZfPOQbpTPxfkw4BfpmAH2TssGYMlv0lNsTssiAQGluQXzbwOX
0XnGpLjFkzYIQUMsyRjq+tsWqzDru/lQBloaXEEDDyZ9qC44M/2zcWXDnehgaiE1
79/nsJCIYwFrt/z1HvjeyDh41QZMZWPrazaiwWa7IQGXrqBKL4XnfPU9rj2y6EQV
F3fri5zif0WNOiwMPo+FQyhU08b+4VEYB9/7gOdcTobVF69OpTJeZPt8IxEWMuUR
1FY5HVuewpt/n2AF4RbLhRs/z485g+BtM9khMP0usPgHm8u+xFEY+3VlkwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFL7O14rEVPfEWbwTvbR5WnZwPIuYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjLzU2MTMx
Zi1mZjliLTQ5ZTEtYTcyYi0xNmZhYTkyY2E1M2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvNTYxMzFm
LWZmOWItNDllMS1hNzJiLTE2ZmFhOTJjYTUzZC8xL3ZzN1hpc1JVOThSWnZCTzl0
SGxhZG5BOGk1Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAW+2XAwQCubooMA0EAgACMAcDBQAqC3iAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMmLTANBgkqhkiG9w0BAQsFAAOCAQEAh7tF
YIEyGj/Xe+YSpvt50/rBkG6jVenk9DWZ9bP+C6GA+x7os5ORxfRuNSuMsjF9Os6Q
9hMYQImL7exUFu/gjkb4dEvQ0AGe8NXqWMR/gOUKhfscXrUaGwd6y+rPtYpApjQ5
/jM4ycK3N/3gNEQXq69mXRH0WcLr4Sjn44vUsp8vRoYpOH8AzV3Gt3xQBmGV1J/Y
a1GRJAWUntYwV20vWMIBV4liTn6W05iaXi/zwosp/kWft8m/sH9qt6Vxjucc78KX
JisTMeWjS8Uef1zp9EVvM+r7CmJvesRO2PUPIBQeoqhgQXbZ5YCAHUUHF7qJzyzR
xJ7fMA6aCVxY5Qj8+w==
-----END CERTIFICATE-----