Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wyzHqWT083CSkpHhn_995T8ZvkQ.cer
File:                     wyzHqWT083CSkpHhn_995T8ZvkQ.cer (raw, json)
Hash identifier:          N9eSD0PMwJ4sVVfqcHzbx3xuPWcNzAlsD/7f0P6aQOM=
Subject key identifier:   C3:2C:C7:A9:64:F4:F3:70:92:92:91:E1:9F:FF:7D:E5:3F:19:BE:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194228D2C88D827312583A09A8EFA5C803F
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 15:47:44 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 48037
                          IP: 193.176.222.0 -- 193.176.226.255
                          IP: 193.176.234.0/24
                          IP: 193.177.183.0/24
                          IP: 193.177.248.0/21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:8d:2c:88:d8:27:31:25:83:a0:9a:8e:fa:5c:80:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:47:44 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=c32cc7a964f4f370929291e19fff7de53f19be44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:41:a2:8a:54:10:82:83:1c:57:fc:11:0f:74:
                    37:a9:30:b9:59:0c:2f:76:a6:1a:fc:49:39:f3:ac:
                    60:e6:eb:64:ed:58:ef:41:e1:82:ea:1e:75:30:7e:
                    74:a7:53:42:fe:e6:f2:cc:a6:1a:e9:26:c9:43:4d:
                    e0:2b:e3:3a:51:9e:e6:f2:6c:4b:73:64:51:56:c7:
                    0e:eb:c6:1a:ab:19:43:e3:aa:a6:6b:0d:4c:75:96:
                    0a:46:11:51:1d:53:34:ef:60:0f:43:dd:2c:ab:05:
                    9f:d4:0d:a5:47:1f:65:52:b6:3d:ba:4a:4c:d3:94:
                    8b:04:1e:5d:24:6a:7a:0b:db:18:b5:09:8c:60:25:
                    79:ed:47:2c:4f:e5:d9:5e:b1:1a:b4:d6:48:8b:8a:
                    5a:9b:f2:de:04:e1:36:4d:c3:08:65:16:50:8a:c1:
                    f6:2a:eb:88:23:e1:0c:f7:bb:39:88:7c:1d:06:32:
                    5f:9b:8a:d2:cf:04:32:5a:e0:96:ac:ca:08:0c:4a:
                    96:d1:80:08:be:a9:f9:bf:a9:49:98:aa:de:b5:fb:
                    2a:c4:01:61:67:17:67:3d:2a:17:84:90:a0:93:fd:
                    16:4d:e0:9c:48:30:19:e1:a0:78:d5:64:4c:21:2a:
                    23:2c:82:13:03:73:49:e7:ce:df:10:1a:f7:12:c3:
                    a5:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2C:C7:A9:64:F4:F3:70:92:92:91:E1:9F:FF:7D:E5:3F:19:BE:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.176.222.0-193.176.226.255
                  193.176.234.0/24
                  193.177.183.0/24
                  193.177.248.0/21

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48037

    Signature Algorithm: sha256WithRSAEncryption
         5a:dc:01:60:c5:b9:a2:2a:b0:24:07:46:ce:40:80:c9:93:bf:
         e1:8e:cd:92:d7:46:5a:7e:fb:ed:70:c0:44:e7:7c:af:99:c0:
         47:69:15:1a:09:ea:c1:65:7d:da:9c:aa:56:92:01:7a:f3:f2:
         c1:4e:65:2e:fe:41:ff:a4:dc:fc:0a:02:f8:30:98:51:a0:89:
         c9:b4:07:d1:1f:7c:82:ca:91:8b:ef:19:56:3e:55:df:71:b5:
         77:af:87:18:51:f6:9f:bf:03:11:33:90:7c:86:05:89:c8:2d:
         44:70:25:ce:03:dd:39:25:53:79:50:b8:c8:51:be:cc:60:f2:
         9d:a5:d5:63:00:09:79:8e:4a:8e:22:7e:73:43:b8:09:84:91:
         04:f0:d6:4b:85:6a:d8:d5:c2:eb:16:df:a0:59:ad:1c:8c:94:
         90:37:31:97:ca:39:4e:b4:49:79:7d:4e:3f:f8:95:f3:5e:b0:
         05:f6:08:71:bf:38:82:81:6e:6e:84:31:16:9a:aa:1d:c3:a6:
         a0:fb:46:6e:7b:b2:89:8e:86:7a:43:50:47:25:cd:94:f1:f3:
         0c:f7:d6:08:db:eb:40:dd:fa:05:2a:98:6a:88:bd:4d:ec:a0:
         1c:c6:e7:17:8f:b8:fe:78:db:08:4f:e3:7f:f4:9a:ba:ab:28:
         8b:c5:09:d6
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZQijSyI2CcxJYOgmo76XIA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzJjYzdhOTY0ZjRmMzcwOTI5MjkxZTE5ZmZmN2RlNTNmMTliZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEGiilQQgoMcV/wRD3Q3qTC5WQwv
dqYa/Ek586xg5utk7VjvQeGC6h51MH50p1NC/ubyzKYa6SbJQ03gK+M6UZ7m8mxL
c2RRVscO68YaqxlD46qmaw1MdZYKRhFRHVM072APQ90sqwWf1A2lRx9lUrY9ukpM
05SLBB5dJGp6C9sYtQmMYCV57UcsT+XZXrEatNZIi4pam/LeBOE2TcMIZRZQisH2
KuuII+EM97s5iHwdBjJfm4rSzwQyWuCWrMoIDEqW0YAIvqn5v6lJmKretfsqxAFh
ZxdnPSoXhJCgk/0WTeCcSDAZ4aB41WRMISojLIITA3NJ587fEBr3EsOlUQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFMMsx6lk9PNwkpKR4Z//feU/Gb5EMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxL2U3Yzc2
Mi1kNzllLTQ2ZGMtYWYxOS1kN2Y3OGFjMjA3MDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvZTdjNzYy
LWQ3OWUtNDZkYy1hZjE5LWQ3Zjc4YWMyMDcwNy8xL3d5ekhxV1QwODNDU2twSGhu
Xzk5NVQ4WnZrUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUF
BwEHAQH/BCowKDAmBAIAATAgMAwDBAHBsN4DBADBsOIDBADBsOoDBADBsbcDBAPB
sfgwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDALulMA0GCSqGSIb3DQEBCwUAA4IB
AQBa3AFgxbmiKrAkB0bOQIDJk7/hjs2S10ZafvvtcMBE53yvmcBHaRUaCerBZX3a
nKpWkgF68/LBTmUu/kH/pNz8CgL4MJhRoInJtAfRH3yCypGL7xlWPlXfcbV3r4cY
UfafvwMRM5B8hgWJyC1EcCXOA905JVN5ULjIUb7MYPKdpdVjAAl5jkqOIn5zQ7gJ
hJEE8NZLhWrY1cLrFt+gWa0cjJSQNzGXyjlOtEl5fU4/+JXzXrAF9ghxvziCgW5u
hDEWmqodw6ag+0Zue7KJjoZ6Q1BHJc2U8fMM99YI2+tA3foFKphqiL1N7KAcxucX
j7j+eNsIT+N/9Jq6qyiLxQnW
-----END CERTIFICATE-----