Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TjS6bj4mlMezjkZRr-4GGwsh3q4.cer
File:                     TjS6bj4mlMezjkZRr-4GGwsh3q4.cer (raw, json)
Hash identifier:          X8GYQ+FJut1zniMoJj2Pf4J0AM78/vI/BMGu4ZMyzro=
Subject key identifier:   4E:34:BA:6E:3E:26:94:C7:B3:8E:46:51:AF:EE:06:1B:0B:21:DE:AE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01961B517920BB4E9BF002DBC56140185EC9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/39/02b7d6-269b-4bb2-b455-391768573496/1/TjS6bj4mlMezjkZRr-4GGwsh3q4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/39/02b7d6-269b-4bb2-b455-391768573496/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 09 Apr 2025 16:10:46 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 213513
                          IP: 91.198.40.0/24
                          IP: 2a13:5700::/29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:1b:51:79:20:bb:4e:9b:f0:02:db:c5:61:40:18:5e:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Apr  9 16:10:46 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=4e34ba6e3e2694c7b38e4651afee061b0b21deae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4d:1a:0b:76:e2:9c:74:24:c6:4a:cb:0e:1a:
                    8a:82:f6:b4:12:af:c5:01:1c:96:c9:9f:2c:1a:d9:
                    5f:3c:4f:35:eb:ea:2a:24:fe:b7:ca:d3:ff:8a:ac:
                    24:ec:04:f0:2f:4f:3a:14:fe:96:27:18:7c:11:d3:
                    83:d4:81:cb:1e:74:c6:63:93:0b:82:0a:70:0b:56:
                    93:75:2c:7d:25:96:9e:c5:e9:d6:8e:8e:9e:93:c7:
                    d3:24:64:14:08:04:ea:b3:c4:0c:2f:7d:d4:6c:bb:
                    84:66:f2:ba:95:ae:20:96:5b:00:4f:ed:4c:51:06:
                    93:ec:e9:32:d4:62:ef:37:0e:73:c9:01:c7:70:d3:
                    b3:5f:42:0e:2a:c5:be:2c:65:7d:07:cc:7f:87:a0:
                    f4:e7:33:61:5f:8f:43:d0:44:21:bb:b5:a0:b0:61:
                    ed:25:62:a7:17:e1:93:ea:24:2f:db:0d:08:ca:a7:
                    44:62:b1:7b:c1:34:d1:22:04:63:bb:2d:59:2e:04:
                    26:a7:4c:37:f0:58:cf:a3:27:dd:7f:34:b2:db:d7:
                    2c:a5:c3:ca:2f:2e:6d:5f:85:64:25:5b:88:da:5e:
                    09:bb:fc:d8:a7:94:44:15:a7:0e:fb:a5:50:eb:86:
                    17:1a:c7:0a:01:ab:77:25:55:02:c1:ef:f2:94:4c:
                    d0:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:34:BA:6E:3E:26:94:C7:B3:8E:46:51:AF:EE:06:1B:0B:21:DE:AE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/02b7d6-269b-4bb2-b455-391768573496/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/02b7d6-269b-4bb2-b455-391768573496/1/TjS6bj4mlMezjkZRr-4GGwsh3q4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.198.40.0/24
                IPv6:
                  2a13:5700::/29

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  213513

    Signature Algorithm: sha256WithRSAEncryption
         66:11:f8:a7:d8:e2:96:b8:05:dc:cc:ef:c1:f6:38:84:96:7c:
         2c:27:1e:91:ff:70:7d:e2:be:42:f9:9f:c7:2f:36:d0:d5:1c:
         4f:74:1e:a0:5b:c6:5e:c8:8c:a2:3c:e1:bf:ac:e1:cb:75:fb:
         a6:52:ac:ad:17:d2:88:53:fe:5c:ff:92:b3:5b:01:9f:ab:dd:
         1e:6a:0b:08:9c:93:ec:75:2c:21:4f:e2:47:22:53:c8:ea:e4:
         73:be:d3:01:50:31:a1:e1:8d:a3:e5:da:b0:a8:ee:23:cd:54:
         41:22:9d:b1:fc:bf:25:4d:a5:fa:48:4e:b4:84:1e:3c:0d:15:
         bd:88:8c:69:5d:07:a5:15:83:76:f9:b6:d3:a6:6b:bb:5e:4d:
         fb:f9:e9:77:b4:8f:b1:d3:2e:5a:b3:17:b2:a3:9e:4c:ec:52:
         f7:3b:19:bb:1b:bb:a9:bb:5f:58:e9:a2:ec:ed:7d:30:70:b7:
         29:49:de:37:83:30:82:9a:d8:3c:fc:8e:d2:12:f4:4b:e7:b9:
         76:0d:d4:5d:c4:4d:be:05:1c:11:0d:e8:8b:9c:2d:8d:d9:71:
         26:cc:25:ec:94:f3:ac:a6:ca:76:d4:ed:3f:e4:b8:c3:d5:88:
         f8:a5:6c:2d:4b:b2:4c:01:c1:a7:cf:fa:3e:39:f9:17:3e:b5:
         3c:9a:78:af
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZYbUXkgu06b8ALbxWFAGF7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDA5MTYxMDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTM0YmE2ZTNlMjY5NGM3YjM4ZTQ2NTFhZmVlMDYxYjBiMjFkZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3U0aC3binHQkxkrLDhqKgva0Eq/F
ARyWyZ8sGtlfPE816+oqJP63ytP/iqwk7ATwL086FP6WJxh8EdOD1IHLHnTGY5ML
ggpwC1aTdSx9JZaexenWjo6ek8fTJGQUCATqs8QML33UbLuEZvK6la4gllsAT+1M
UQaT7Oky1GLvNw5zyQHHcNOzX0IOKsW+LGV9B8x/h6D05zNhX49D0EQhu7WgsGHt
JWKnF+GT6iQv2w0IyqdEYrF7wTTRIgRjuy1ZLgQmp0w38FjPoyfdfzSy29cspcPK
Ly5tX4VkJVuI2l4Ju/zYp5REFacO+6VQ64YXGscKAat3JVUCwe/ylEzQAwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFE40um4+JpTHs45GUa/uBhsLId6uMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM5LzAyYjdk
Ni0yNjliLTRiYjItYjQ1NS0zOTE3Njg1NzM0OTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkvMDJiN2Q2
LTI2OWItNGJiMi1iNDU1LTM5MTc2ODU3MzQ5Ni8xL1RqUzZiajRtbE1lemprWlJy
LTRHR3dzaDNxNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW8YoMA0EAgACMAcDBQMqE1cAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNCCTANBgkqhkiG9w0BAQsFAAOCAQEAZhH4p9jilrgF
3MzvwfY4hJZ8LCcekf9wfeK+Qvmfxy820NUcT3QeoFvGXsiMojzhv6zhy3X7plKs
rRfSiFP+XP+Ss1sBn6vdHmoLCJyT7HUsIU/iRyJTyOrkc77TAVAxoeGNo+XasKju
I81UQSKdsfy/JU2l+khOtIQePA0VvYiMaV0HpRWDdvm206Zru15N+/npd7SPsdMu
WrMXsqOeTOxS9zsZuxu7qbtfWOmi7O19MHC3KUneN4MwgprYPPyO0hL0S+e5dg3U
XcRNvgUcEQ3oi5wtjdlxJswl7JTzrKbKdtTtP+S4w9WI+KVsLUuyTAHBp8/6Pjn5
Fz61PJp4rw==
-----END CERTIFICATE-----