Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pYvsql7_dYY8uHljAa8UR2p7sDo.cer
File:                     pYvsql7_dYY8uHljAa8UR2p7sDo.cer (raw, json)
Hash identifier:          icUUtnJwpgE2qJzSWLd8bmFBdjeX2rpo7yWexuwk96U=
Subject key identifier:   A5:8B:EC:AA:5E:FF:75:86:3C:B8:79:63:01:AF:14:47:6A:7B:B0:3A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       01942067FF5087E0027D0A146CD0275E1C95
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/0/A58BECAA5EFF75863CB8796301AF14476A7BB03A.mft
caRepository:             rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/0/
Notify URL:               https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before:   Wed 01 Jan 2025 05:47:54 +0000
Certificate not after:    Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources:    AS: 212516
                          IP: 2001:67c:2f14::/48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:67:ff:50:87:e0:02:7d:0a:14:6c:d0:27:5e:1c:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 05:47:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=a58becaa5eff75863cb8796301af14476a7bb03a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:63:3a:23:e9:11:71:50:64:99:ed:b6:09:ad:
                    cb:d6:b3:01:84:66:a6:6d:4f:b6:29:be:fd:1a:b3:
                    89:7d:94:2f:ce:f3:4a:00:ed:cf:bf:97:5b:f7:5c:
                    24:95:a6:87:e4:f0:7c:e1:4f:e8:20:45:51:d3:76:
                    56:5b:11:c0:de:eb:22:6b:42:4d:bc:8b:a4:cc:b8:
                    de:ee:4f:0f:46:75:cd:f3:f4:3f:d5:2e:fb:14:df:
                    e7:46:c1:ca:27:78:9e:69:cc:ac:2b:e2:3c:27:73:
                    af:04:7d:cf:b8:c8:e2:30:cf:02:05:b6:92:63:95:
                    87:bc:0d:25:06:9d:3f:5f:9c:90:b5:b6:cb:a8:0e:
                    4d:c7:fe:0a:4e:ee:06:2b:1d:19:16:25:39:a1:40:
                    db:6b:d7:a4:43:51:57:ad:a2:e2:f2:05:26:32:42:
                    18:37:83:ac:c3:d1:1c:a5:03:1c:1e:58:f5:f4:e6:
                    57:5d:0b:1d:8e:ef:ec:3c:e1:ec:b9:de:bf:0a:04:
                    15:9a:47:e0:72:f1:26:9f:9c:0c:f9:06:aa:28:56:
                    14:88:0b:44:66:e1:43:3e:8a:ff:fd:f5:0b:a4:d6:
                    fc:49:ca:c9:09:08:b1:6e:fe:bc:29:50:16:b2:2a:
                    3e:2a:fb:09:36:73:fe:24:c8:81:e9:dd:d6:e0:8c:
                    2b:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:8B:EC:AA:5E:FF:75:86:3C:B8:79:63:01:AF:14:47:6A:7B:B0:3A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/0/
                RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/59c83e5c-4b55-4a1a-8003-1b7ecc51d47a/0/A58BECAA5EFF75863CB8796301AF14476A7BB03A.mft
                RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:2f14::/48

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212516

    Signature Algorithm: sha256WithRSAEncryption
         52:21:04:1c:c5:95:dd:22:c1:72:05:d5:8b:e1:d5:a9:d8:d9:
         4e:b4:82:a6:a8:5c:2f:c0:e3:9f:8a:43:50:a7:37:c3:15:d5:
         52:68:f4:41:14:ab:ae:cb:fc:7f:47:27:d3:7d:b8:d8:1b:e9:
         7b:16:9c:a6:c2:17:6e:8e:e1:e7:b6:72:47:c3:3c:e7:98:5e:
         10:28:e4:73:0e:75:f5:07:f4:50:6b:be:de:27:b2:0b:8a:71:
         7b:78:6b:0a:85:41:27:64:f8:88:73:c5:80:85:e0:b7:80:e1:
         b1:42:26:b2:62:53:2d:53:bd:bc:60:82:34:05:ad:78:2e:b5:
         df:a5:94:44:4f:4f:df:b0:f4:df:a6:b4:e6:a7:bb:8e:bd:1a:
         56:7c:31:59:72:6d:ec:76:44:93:9b:a1:f3:6f:7f:30:52:e3:
         a3:0d:bb:8d:a3:15:e0:1a:25:41:95:d8:93:f9:7a:6e:13:80:
         59:0f:5d:e0:ba:7a:ca:2c:bc:24:5b:75:31:82:ad:09:1d:cc:
         ce:6e:e3:cb:7f:8f:aa:39:3e:f4:6c:bb:70:fd:13:bb:af:3f:
         52:34:6b:a2:e5:10:56:d1:3d:e5:83:be:ee:8c:c0:02:8f:29:
         c6:41:10:9a:5b:e8:6e:5e:c3:d8:3c:42:b5:f9:41:4a:14:fd:
         a8:b4:58:33
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAZQgZ/9Qh+ACfQoUbNAnXhyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThiZWNhYTVlZmY3NTg2M2NiODc5NjMwMWFmMTQ0NzZhN2JiMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmM6I+kRcVBkme22Ca3L1rMBhGam
bU+2Kb79GrOJfZQvzvNKAO3Pv5db91wklaaH5PB84U/oIEVR03ZWWxHA3usia0JN
vIukzLje7k8PRnXN8/Q/1S77FN/nRsHKJ3ieacysK+I8J3OvBH3PuMjiMM8CBbaS
Y5WHvA0lBp0/X5yQtbbLqA5Nx/4KTu4GKx0ZFiU5oUDba9ekQ1FXraLi8gUmMkIY
N4Osw9EcpQMcHlj19OZXXQsdju/sPOHsud6/CgQVmkfgcvEmn5wM+QaqKFYUiAtE
ZuFDPor//fULpNb8ScrJCQixbv68KVAWsio+KvsJNnP+JMiB6d3W4IwryQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFKWL7Kpe/3WGPLh5YwGvFEdqe7A6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU5Yzgz
ZTVjLTRiNTUtNGExYS04MDAzLTFiN2VjYzUxZDQ3YS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTlj
ODNlNWMtNGI1NS00YTFhLTgwMDMtMWI3ZWNjNTFkNDdhLzAvQTU4QkVDQUE1RUZG
NzU4NjNDQjg3OTYzMDFBRjE0NDc2QTdCQjAzQS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACABBnwvFDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDPiQwDQYJKoZIhvcNAQEL
BQADggEBAFIhBBzFld0iwXIF1Yvh1anY2U60gqaoXC/A45+KQ1CnN8MV1VJo9EEU
q67L/H9HJ9N9uNgb6XsWnKbCF26O4ee2ckfDPOeYXhAo5HMOdfUH9FBrvt4nsguK
cXt4awqFQSdk+IhzxYCF4LeA4bFCJrJiUy1TvbxggjQFrXgutd+llERPT9+w9N+m
tOanu469GlZ8MVlybex2RJObofNvfzBS46MNu42jFeAaJUGV2JP5em4TgFkPXeC6
esosvCRbdTGCrQkdzM5u48t/j6o5PvRsu3D9E7uvP1I0a6LlEFbRPeWDvu6MwAKP
KcZBEJpb6G5ew9g8QrX5QUoU/ai0WDM=
-----END CERTIFICATE-----