Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
File:                     wHR_vibJzddiit_ttXt4vo3nXik.cer (raw, json)
Hash identifier:          Dp8LfY5nU6ETTvORi1+YO/MH5/Q5HiAHJ54VOnVifbc=
Subject key identifier:   C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019423D729ADC970CC12203EC21FA4566F54
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 21:48:11 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 41264
                          IP: 89.207.224.0/21
                          IP: 185.25.28.0/22
                          IP: 2a00:79e0::/31
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:23:d7:29:ad:c9:70:cc:12:20:3e:c2:1f:a4:56:6f:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 21:48:11 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bf:d9:b6:11:76:c7:c5:a8:67:07:ff:ff:6e:
                    0b:c2:08:99:a0:b8:ac:04:34:f6:e0:b4:17:ec:9f:
                    eb:16:4f:99:09:e9:b7:78:31:33:72:f9:9a:65:f3:
                    3e:69:45:6d:43:cc:ec:4f:3b:47:7a:8c:28:51:f4:
                    7d:2b:e1:d8:96:d0:2a:e8:6e:4d:41:03:f4:d8:d4:
                    26:91:0d:bb:c4:68:64:4e:54:f2:5c:02:c2:46:6b:
                    e6:b3:97:1e:5c:37:f3:9f:f2:b5:ee:60:e8:8f:8d:
                    ca:b1:f7:11:2f:82:63:f2:ad:46:d1:74:c6:11:3f:
                    76:d3:c1:a3:2a:87:6e:f4:78:07:d8:5d:75:f2:c4:
                    db:c5:cc:05:b3:bc:b6:d4:88:03:f9:b8:38:82:6a:
                    8b:83:9f:39:54:4d:2f:02:88:c1:31:8f:ba:e3:4f:
                    03:d7:f2:49:f9:23:c7:4e:36:f0:87:53:43:42:9e:
                    da:e7:5e:6e:c3:f1:ba:1c:cd:ea:8e:50:96:e1:e1:
                    55:49:c4:6f:8c:42:0a:4f:9c:09:6c:39:fb:64:0b:
                    86:cc:be:cf:e1:95:93:18:8a:27:99:78:a3:97:b1:
                    9f:ef:b9:4f:d1:7e:17:07:05:67:d7:89:83:69:68:
                    0b:4c:39:3e:91:04:02:f3:82:44:ef:a3:21:9f:70:
                    14:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.207.224.0/21
                  185.25.28.0/22
                IPv6:
                  2a00:79e0::/31

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  41264

    Signature Algorithm: sha256WithRSAEncryption
         07:8d:6c:fa:13:7f:06:8b:2f:20:b1:96:fb:52:02:73:31:41:
         b5:51:3a:c0:c0:86:a6:4b:bc:bd:42:71:77:40:30:44:3c:a4:
         fc:59:10:77:40:d6:58:71:7d:69:e8:13:20:f8:4d:b6:2d:13:
         70:42:d2:3f:90:10:9b:9b:f4:9f:30:4c:80:32:14:b9:0e:5d:
         2d:70:b3:5b:ff:78:fd:8b:37:f2:2b:eb:ac:7d:bf:04:64:22:
         c7:69:8e:dc:6c:bd:6b:6d:8c:d0:c5:e1:7d:54:0d:32:0f:f2:
         0d:24:d9:9b:aa:24:1b:61:23:b7:cf:bb:23:91:1d:95:c4:21:
         34:21:3f:d0:f0:03:af:3b:7c:77:7c:b4:3c:c0:77:53:7a:9b:
         83:02:24:40:61:d8:2d:96:2b:0b:62:d3:d5:c5:60:5f:7f:7a:
         f3:63:d3:5b:32:fa:58:2a:46:9e:9e:61:dc:af:d8:02:fe:fc:
         b3:b5:88:cf:17:ce:e3:17:ad:c4:a1:e6:36:62:d2:a2:bb:7d:
         3a:a8:f5:27:e1:44:14:87:4f:f3:af:f5:2d:da:c1:56:91:ea:
         3f:76:c3:bb:fc:6b:e2:7d:5f:90:f1:7c:b0:d7:9a:64:29:f3:
         f0:3b:42:da:c0:6d:36:f9:c3:41:73:71:28:dd:96:37:3b:7b:
         ac:cf:72:42
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQj1ymtyXDMEiA+wh+kVm9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDc0N2ZiZTI2YzljZGQ3NjI4YWRmZWRiNTdiNzhiZThkZTc1ZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr/ZthF2x8WoZwf//24LwgiZoLis
BDT24LQX7J/rFk+ZCem3eDEzcvmaZfM+aUVtQ8zsTztHeowoUfR9K+HYltAq6G5N
QQP02NQmkQ27xGhkTlTyXALCRmvms5ceXDfzn/K17mDoj43KsfcRL4Jj8q1G0XTG
ET9208GjKodu9HgH2F118sTbxcwFs7y21IgD+bg4gmqLg585VE0vAojBMY+6408D
1/JJ+SPHTjbwh1NDQp7a515uw/G6HM3qjlCW4eFVScRvjEIKT5wJbDn7ZAuGzL7P
4ZWTGIonmXijl7Gf77lP0X4XBwVn14mDaWgLTDk+kQQC84JE76Mhn3AUCwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFMB0f74myc3XYorf7bV7eL6N514pMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzI0MDZh
Yi0zYmNiLTQxYmMtYTk0Mi0zNjg2MDgzODU4ODMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvMjQwNmFi
LTNiY2ItNDFiYy1hOTQyLTM2ODYwODM4NTg4My8xL3dIUl92aWJKemRkaWl0X3R0
WHQ0dm8zblhpay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDWc/gAwQCuRkcMA0EAgACMAcDBQEqAHngMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwChMDANBgkqhkiG9w0BAQsFAAOCAQEAB41s
+hN/BosvILGW+1ICczFBtVE6wMCGpku8vUJxd0AwRDyk/FkQd0DWWHF9aegTIPhN
ti0TcELSP5AQm5v0nzBMgDIUuQ5dLXCzW/94/Ys38ivrrH2/BGQix2mO3Gy9a22M
0MXhfVQNMg/yDSTZm6okG2Ejt8+7I5EdlcQhNCE/0PADrzt8d3y0PMB3U3qbgwIk
QGHYLZYrC2LT1cVgX39682PTWzL6WCpGnp5h3K/YAv78s7WIzxfO4xetxKHmNmLS
ort9Oqj1J+FEFIdP86/1LdrBVpHqP3bDu/xr4n1fkPF8sNeaZCnz8DtC2sBtNvnD
QXNxKN2WNzt7rM9yQg==
-----END CERTIFICATE-----