Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RkXJxY1aSZm13OngcNMvSI4zH1I.cer
File:                     RkXJxY1aSZm13OngcNMvSI4zH1I.cer (raw, json)
Hash identifier:          X+v1JpCzPcVoUpMpGGbxFxVz24vY3RauturxV+SZ0W8=
Subject key identifier:   46:45:C9:C5:8D:5A:49:99:B5:DC:E9:E0:70:D3:2F:48:8E:33:1F:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0194228E130232A3DEF7E87594EC5DE96FE8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/RkXJxY1aSZm13OngcNMvSI4zH1I.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 15:48:43 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 215160
                          IP: 185.18.224.0/23
                          IP: 2a14:3540::/32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:8e:13:02:32:a3:de:f7:e8:75:94:ec:5d:e9:6f:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 15:48:43 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4645c9c58d5a4999b5dce9e070d32f488e331f52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:71:7a:b6:d7:36:b8:01:7c:eb:70:d8:d0:23:
                    68:2f:6f:eb:c0:72:df:fa:40:18:d5:c5:1f:f2:95:
                    05:03:69:0f:09:27:b3:4a:fb:f7:96:ed:73:0e:04:
                    84:62:86:61:03:26:7a:fc:25:82:a8:05:f8:58:2e:
                    d9:c2:d3:2f:2c:6d:95:fe:6b:b0:b8:64:92:49:08:
                    35:a5:c5:79:ad:8e:dd:bb:92:db:96:07:d1:af:4d:
                    21:10:ac:fb:2f:f9:a2:b4:17:b4:db:64:60:6d:cf:
                    79:00:35:dd:07:db:6e:36:77:6a:e9:f0:10:fa:8d:
                    10:c4:81:90:9d:bf:23:ac:c6:7b:02:10:3f:4a:21:
                    f8:03:e7:49:4b:6d:55:85:45:37:8a:53:1a:e2:72:
                    c2:3b:c1:d1:d4:7f:a3:57:0d:71:e6:69:4b:6a:4d:
                    47:16:0c:c6:b7:f7:72:4a:5b:66:96:41:cd:ff:58:
                    00:c9:c8:21:65:22:e2:c6:b8:04:13:0a:f2:1d:0f:
                    ce:95:fe:8f:61:52:31:07:72:a5:cb:97:7b:1c:9a:
                    8c:47:c1:2a:44:f6:75:b9:2e:06:c0:1d:b7:3e:88:
                    b2:64:8e:22:8e:d6:82:af:ca:26:df:2e:47:91:fe:
                    04:c9:a4:2a:0e:f4:97:51:b2:2b:e2:0b:30:3d:0d:
                    e0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:45:C9:C5:8D:5A:49:99:B5:DC:E9:E0:70:D3:2F:48:8E:33:1F:52
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6c5331-dc1b-4f8c-9d3d-28bf1d33aa90/1/RkXJxY1aSZm13OngcNMvSI4zH1I.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.18.224.0/23
                IPv6:
                  2a14:3540::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215160

    Signature Algorithm: sha256WithRSAEncryption
         5c:94:84:3f:76:95:4c:fd:60:58:01:0f:4f:24:12:e8:a7:07:
         84:d9:51:92:e1:19:b3:f5:8c:da:3b:b0:d4:91:99:54:2a:34:
         33:f8:c5:37:ab:8c:65:b0:54:c0:fb:92:01:d5:00:6d:5c:1d:
         c3:50:66:bc:c0:44:d2:ed:35:b1:0f:8e:d0:db:42:61:b4:4b:
         e2:75:31:40:78:10:10:1f:83:a9:f1:aa:04:eb:46:19:5c:39:
         eb:dc:5d:b3:22:6c:06:63:77:3f:8b:18:b0:e6:43:bc:f1:08:
         10:f7:fc:5b:22:6e:84:ea:46:dd:9f:c0:93:4c:a3:47:d7:81:
         52:0c:4f:01:5b:12:58:25:a5:24:25:2e:f6:5c:90:19:b0:4d:
         93:db:b9:81:75:1b:6d:86:25:0f:fa:7b:1b:ae:dc:9a:3f:2b:
         b0:77:be:6b:4b:9a:60:ff:69:42:45:5a:17:3b:eb:47:dc:61:
         78:2c:d7:d0:67:d6:8c:e6:49:57:21:3e:fb:33:1b:6a:16:f6:
         d6:18:d1:63:c7:7e:2e:d3:de:41:fb:d4:56:06:e9:63:78:5c:
         89:18:5d:98:2e:80:a4:0c:fc:4d:4d:87:7f:5d:e2:cc:20:f7:
         4c:28:dd:29:eb:11:4c:f0:81:d3:51:ef:5b:9e:6d:94:5b:09:
         de:ba:00:ce
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQijhMCMqPe9+h1lOxd6W/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQ1YzljNThkNWE0OTk5YjVkY2U5ZTA3MGQzMmY0ODhlMzMxZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHF6ttc2uAF863DY0CNoL2/rwHLf
+kAY1cUf8pUFA2kPCSezSvv3lu1zDgSEYoZhAyZ6/CWCqAX4WC7ZwtMvLG2V/muw
uGSSSQg1pcV5rY7du5LblgfRr00hEKz7L/mitBe022Rgbc95ADXdB9tuNndq6fAQ
+o0QxIGQnb8jrMZ7AhA/SiH4A+dJS21VhUU3ilMa4nLCO8HR1H+jVw1x5mlLak1H
FgzGt/dySltmlkHN/1gAycghZSLixrgEEwryHQ/Olf6PYVIxB3Kly5d7HJqMR8Eq
RPZ1uS4GwB23PoiyZI4ijtaCr8om3y5Hkf4EyaQqDvSXUbIr4gswPQ3gfwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEZFycWNWkmZtdzp4HDTL0iOMx9SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzZjNTMz
MS1kYzFiLTRmOGMtOWQzZC0yOGJmMWQzM2FhOTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvNmM1MzMx
LWRjMWItNGY4Yy05ZDNkLTI4YmYxZDMzYWE5MC8xL1JrWEp4WTFhU1ptMTNPbmdj
Tk12U0k0ekgxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQBuRLgMA0EAgACMAcDBQAqFDVAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNIeDANBgkqhkiG9w0BAQsFAAOCAQEAXJSEP3aVTP1g
WAEPTyQS6KcHhNlRkuEZs/WM2juw1JGZVCo0M/jFN6uMZbBUwPuSAdUAbVwdw1Bm
vMBE0u01sQ+O0NtCYbRL4nUxQHgQEB+DqfGqBOtGGVw569xdsyJsBmN3P4sYsOZD
vPEIEPf8WyJuhOpG3Z/Ak0yjR9eBUgxPAVsSWCWlJCUu9lyQGbBNk9u5gXUbbYYl
D/p7G67cmj8rsHe+a0uaYP9pQkVaFzvrR9xheCzX0GfWjOZJVyE++zMbahb21hjR
Y8d+LtPeQfvUVgbpY3hciRhdmC6ApAz8TU2Hf13izCD3TCjdKesRTPCB01HvW55t
lFsJ3roAzg==
-----END CERTIFICATE-----