Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tVNDqiHHSjn81Rg_T99V3EZ56D0.cer
File:                     tVNDqiHHSjn81Rg_T99V3EZ56D0.cer (raw, json)
Hash identifier:          QwpaO5A2mtJX/GiC+R2uGl0Vpa+NHGOFiPgAqJjxUPs=
Subject key identifier:   B5:53:43:AA:21:C7:4A:39:FC:D5:18:3F:4F:DF:55:DC:46:79:E8:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       0195F15AD3CBF079C18AD0C780C69B352BBD
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f8/c49c08-92ab-4cb1-809b-4ec7b5efae37/1/tVNDqiHHSjn81Rg_T99V3EZ56D0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f8/c49c08-92ab-4cb1-809b-4ec7b5efae37/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 01 Apr 2025 12:36:56 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 214335
                          IP: 213.163.236.0/24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:f1:5a:d3:cb:f0:79:c1:8a:d0:c7:80:c6:9b:35:2b:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Apr  1 12:36:56 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b55343aa21c74a39fcd5183f4fdf55dc4679e83d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:80:a3:8c:57:59:64:35:13:1f:30:71:a8:d7:
                    e5:4f:1c:70:2a:84:62:ae:c2:a4:25:cd:f3:62:d5:
                    1f:77:c1:5b:1f:c2:dd:1e:ce:fe:f2:fd:bd:6c:35:
                    38:cd:85:73:71:66:ce:50:fd:86:da:71:e7:a6:ee:
                    c8:bf:e6:b0:a7:a3:79:a0:e1:7b:1e:e3:b6:fe:19:
                    4d:ea:18:9b:36:7d:06:dc:70:ff:6c:1e:3a:cc:67:
                    cb:ce:07:4c:9d:8e:78:ff:50:98:95:a7:35:7a:5b:
                    02:5f:69:c2:08:c3:59:24:0f:4f:2a:8d:9b:ff:e4:
                    21:be:8f:65:1f:4d:ca:67:20:aa:9a:d0:48:8f:b6:
                    85:a7:52:12:91:d1:d0:db:6f:24:b0:09:76:db:56:
                    75:b8:13:69:ba:1c:ed:09:59:a9:fa:bd:fe:1f:c0:
                    dc:71:47:6d:7a:13:5c:7f:d4:52:db:cd:72:ee:a4:
                    25:a0:ab:7e:f1:2d:61:9a:8d:5a:6f:52:66:00:e7:
                    70:df:2e:a9:36:36:6a:98:e8:2e:04:c1:c0:9a:80:
                    5a:14:e5:07:e6:db:99:b5:75:c7:cf:30:35:45:be:
                    29:ea:25:84:c9:31:8c:5d:4a:42:14:22:aa:10:c8:
                    b5:c6:9c:0b:db:52:3a:52:76:5e:b1:4b:09:f3:25:
                    d4:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:53:43:AA:21:C7:4A:39:FC:D5:18:3F:4F:DF:55:DC:46:79:E8:3D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c49c08-92ab-4cb1-809b-4ec7b5efae37/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c49c08-92ab-4cb1-809b-4ec7b5efae37/1/tVNDqiHHSjn81Rg_T99V3EZ56D0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.163.236.0/24

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214335

    Signature Algorithm: sha256WithRSAEncryption
         4d:be:6c:20:7e:8b:b3:f7:1f:08:32:95:fc:17:b4:50:2f:36:
         dc:24:4e:68:f9:13:72:5a:7b:0c:f3:74:d6:6c:cb:2a:5d:4b:
         a3:c7:9d:dc:3d:aa:67:70:13:48:2a:03:ab:9e:49:0c:59:6e:
         de:0b:4d:f8:c3:6c:df:81:c0:64:46:62:ed:31:5e:d3:f8:63:
         47:a1:22:76:67:e5:3a:95:0b:5a:cd:96:94:72:8a:a8:b9:d7:
         e0:6e:4e:ce:6d:71:86:cd:22:8b:93:49:ff:45:92:fd:87:b7:
         56:f2:67:28:19:75:c9:47:ad:49:3e:8f:1b:39:c9:cd:ef:54:
         82:63:a7:72:b7:ab:17:1e:42:42:96:4d:8e:95:c7:a1:bc:a2:
         da:7b:4a:51:43:5d:35:af:d8:ed:6f:2f:3a:42:72:46:c1:6f:
         75:86:d5:cb:0f:5a:13:e2:a3:1e:58:d6:f8:25:03:8a:62:ab:
         57:04:0d:5b:d6:73:f3:bd:a1:e7:46:63:ac:2a:9c:16:bf:c7:
         c0:30:c7:5f:08:cd:90:70:28:9c:3a:1b:2e:36:c0:b9:bc:22:
         8b:54:a0:82:91:0d:94:57:a5:cb:3e:14:24:6b:ca:9d:f1:2d:
         07:11:a6:a1:57:90:0f:b0:76:a3:51:aa:1b:de:4e:ba:e4:aa:
         48:cb:46:c4
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZXxWtPL8HnBitDHgMabNSu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDAxMTIzNjU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTUzNDNhYTIxYzc0YTM5ZmNkNTE4M2Y0ZmRmNTVkYzQ2NzllODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYCjjFdZZDUTHzBxqNflTxxwKoRi
rsKkJc3zYtUfd8FbH8LdHs7+8v29bDU4zYVzcWbOUP2G2nHnpu7Iv+awp6N5oOF7
HuO2/hlN6hibNn0G3HD/bB46zGfLzgdMnY54/1CYlac1elsCX2nCCMNZJA9PKo2b
/+Qhvo9lH03KZyCqmtBIj7aFp1ISkdHQ228ksAl221Z1uBNpuhztCVmp+r3+H8Dc
cUdtehNcf9RS281y7qQloKt+8S1hmo1ab1JmAOdw3y6pNjZqmOguBMHAmoBaFOUH
5tuZtXXHzzA1Rb4p6iWEyTGMXUpCFCKqEMi1xpwL21I6UnZesUsJ8yXUjwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFLVTQ6ohx0o5/NUYP0/fVdxGeeg9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y4L2M0OWMw
OC05MmFiLTRjYjEtODA5Yi00ZWM3YjVlZmFlMzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgvYzQ5YzA4
LTkyYWItNGNiMS04MDliLTRlYzdiNWVmYWUzNy8xL3RWTkRxaUhIU2puODFSZ19U
OTlWM0VaNTZEMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQA1aPsMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwNFPzANBgkqhkiG9w0BAQsFAAOCAQEATb5sIH6Ls/cfCDKV/Be0UC823CROaPkT
clp7DPN01mzLKl1Lo8ed3D2qZ3ATSCoDq55JDFlu3gtN+MNs34HAZEZi7TFe0/hj
R6EidmflOpULWs2WlHKKqLnX4G5Ozm1xhs0ii5NJ/0WS/Ye3VvJnKBl1yUetST6P
GznJze9UgmOncrerFx5CQpZNjpXHobyi2ntKUUNdNa/Y7W8vOkJyRsFvdYbVyw9a
E+KjHljW+CUDimKrVwQNW9Zz872h50ZjrCqcFr/HwDDHXwjNkHAonDobLjbAubwi
i1SggpENlFelyz4UJGvKnfEtBxGmoVeQD7B2o1GqG95OuuSqSMtGxA==
-----END CERTIFICATE-----