Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
File:                     IAxw024BOwfk5tjsPqTuQTtKqpg.cer (raw, json)
Hash identifier:          Wf1PF93viEFfmBcFfaSVFYfOAL5k6p7koMvUdHFWfV4=
Subject key identifier:   20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942067F2CA04DE6102D0D7133D9AE35BE9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 05:47:50 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 212763
                          IP: 185.165.0.0/22
                          IP: 2a0a:5fc0::/29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:67:f2:ca:04:de:61:02:d0:d7:13:3d:9a:e3:5b:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 05:47:50 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:36:78:65:15:60:fc:d4:7b:b9:92:f0:b6:1a:
                    51:82:3e:ac:07:c1:b5:a5:11:16:45:5d:d6:27:dd:
                    2d:f9:36:bb:b8:0f:ab:91:ce:7a:66:31:58:26:b3:
                    fd:4e:c8:8c:26:e1:57:0c:79:57:6b:84:62:5c:68:
                    2d:9e:7d:e6:66:95:fe:af:3d:f5:15:b4:82:32:84:
                    a6:d3:67:ae:85:07:0e:0a:dd:5e:f2:1f:13:f0:8a:
                    00:c7:53:4f:97:0e:15:37:d9:af:37:99:66:14:f5:
                    a9:74:fd:da:24:a0:f2:6e:5f:ce:43:40:c0:3f:e3:
                    2c:1c:1b:df:42:82:31:37:75:ff:c2:fe:df:1b:10:
                    64:32:3e:f4:4c:d4:89:4b:da:37:df:10:03:ba:2f:
                    99:12:bb:12:5a:72:b0:0c:26:b8:fd:18:9a:f2:64:
                    0a:f1:1a:81:e7:e3:73:9b:01:4a:95:23:33:22:22:
                    51:5f:59:1e:29:e6:6a:65:f3:7e:fb:61:09:a2:e4:
                    90:54:cf:0c:b7:a8:40:34:d5:ef:7e:3d:51:f3:f5:
                    5f:2d:ef:4f:d8:34:88:20:af:5a:fe:0d:b6:f4:3f:
                    ce:e7:68:b8:d7:b7:93:8f:80:2f:5f:b9:0c:fc:b8:
                    ec:80:f8:d4:69:0a:6a:1d:56:ba:39:d6:c3:ba:32:
                    f8:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.0.0/22
                IPv6:
                  2a0a:5fc0::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212763

    Signature Algorithm: sha256WithRSAEncryption
         32:d8:ad:ca:49:b3:b2:a0:09:45:e7:20:10:29:d6:1b:17:f8:
         e1:1a:e3:29:60:14:50:97:cf:83:31:6b:8f:f9:8d:20:5e:96:
         86:93:43:b3:70:de:5a:bc:4f:a3:a6:3d:2b:8d:78:4b:9b:b3:
         7f:b9:05:fc:50:b9:60:1b:ff:86:b1:70:7e:be:c2:b5:40:b1:
         6c:4d:88:79:b9:66:fe:63:e3:15:90:9e:19:cc:50:de:d2:51:
         9e:23:af:a3:ec:d5:20:27:4f:f8:dd:7f:53:b2:d6:df:d3:fc:
         13:e5:0c:ab:ff:a0:99:33:3d:27:7e:47:69:a9:77:e0:23:14:
         a9:33:ae:f0:df:7e:a9:58:a3:ff:33:17:00:b3:70:a9:72:f9:
         2c:0a:58:8d:ad:33:51:31:7d:db:88:56:d6:23:bc:ce:fb:2d:
         27:28:f3:d5:ce:f9:ba:1c:6f:7e:e1:4b:ed:50:b8:3b:45:04:
         28:61:78:78:71:f9:cc:e9:1a:73:65:0c:8c:f4:c7:4f:a9:78:
         f9:5e:2e:84:f9:0c:13:1d:8a:82:df:28:99:4b:84:4c:f0:0c:
         3c:fa:de:d1:b3:29:51:f4:ea:c6:3e:00:0f:2a:cc:b5:75:a1:
         3f:10:ee:28:5f:ab:4b:61:06:16:d8:42:09:f4:03:1e:a3:8a:
         94:57:80:d9
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQgZ/LKBN5hAtDXEz2a41vpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBjNzBkMzZlMDEzYjA3ZTRlNmQ4ZWMzZWE0ZWU0MTNiNGFhYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTZ4ZRVg/NR7uZLwthpRgj6sB8G1
pREWRV3WJ90t+Ta7uA+rkc56ZjFYJrP9TsiMJuFXDHlXa4RiXGgtnn3mZpX+rz31
FbSCMoSm02euhQcOCt1e8h8T8IoAx1NPlw4VN9mvN5lmFPWpdP3aJKDybl/OQ0DA
P+MsHBvfQoIxN3X/wv7fGxBkMj70TNSJS9o33xADui+ZErsSWnKwDCa4/Ria8mQK
8RqB5+NzmwFKlSMzIiJRX1keKeZqZfN++2EJouSQVM8Mt6hANNXvfj1R8/VfLe9P
2DSIIK9a/g229D/O52i417eTj4AvX7kM/LjsgPjUaQpqHVa6OdbDujL4swIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCAMcNNuATsH5ObY7D6k7kE7SqqYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRiL2Q1ZWUw
ZC00NzVmLTQxZDctOWMyNS0xNTgwM2ZmYjE3NDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIvZDVlZTBk
LTQ3NWYtNDFkNy05YzI1LTE1ODAzZmZiMTc0Ni8xL0lBeHcwMjRCT3dmazV0anNQ
cVR1UVR0S3FwZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuaUAMA0EAgACMAcDBQMqCl/AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM/GzANBgkqhkiG9w0BAQsFAAOCAQEAMtitykmzsqAJ
RecgECnWGxf44RrjKWAUUJfPgzFrj/mNIF6WhpNDs3DeWrxPo6Y9K414S5uzf7kF
/FC5YBv/hrFwfr7CtUCxbE2Ieblm/mPjFZCeGcxQ3tJRniOvo+zVICdP+N1/U7LW
39P8E+UMq/+gmTM9J35Haal34CMUqTOu8N9+qVij/zMXALNwqXL5LApYja0zUTF9
24hW1iO8zvstJyjz1c75uhxvfuFL7VC4O0UEKGF4eHH5zOkac2UMjPTHT6l4+V4u
hPkMEx2Kgt8omUuETPAMPPre0bMpUfTqxj4ADyrMtXWhPxDuKF+rS2EGFthCCfQD
HqOKlFeA2Q==
-----END CERTIFICATE-----