Certificate

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/XUJQ4tgdREjYop786R0p_wdeyeI.cer
File:                     XUJQ4tgdREjYop786R0p_wdeyeI.cer (raw, json)
Hash identifier:          lmo9woLNQAyh4noQ8doIgwbWZ9oOmlRqTzgPbXxxlh0=
Subject key identifier:   5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       C8AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
BGPsec ECDSA public key:  MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAShtig5+QfEKpTtFgiqfiAFQ==
Router key not before:    Wed 07 Dec 2022 17:27:51 +0000
Router key not after:     Sat 04 Nov 2023 13:47:56 +0000
Subordinate resources:    AS: 15562

Validation:               OK
Signature path:           rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
                          rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 15 Mar 2023 17:11:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 51371 (0xc8ab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Dec  7 17:27:51 2022 GMT
            Not After : Nov  4 13:47:56 2023 GMT
        Subject: CN=ROUTER-00003cca/serialNumber=00000001
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:80:57:23:43:f8:3f:fc:b0:10:7a:b0:07:d8:ca:
                    69:f8:6b:9c:a0:30:06:05:b8:48:a8:3d:f7:c0:d3:
                    ec:5f:19:c0:19:bf:a6:b5:9e:d7:42:b5:4e:f4:34:
                    3a:52:50:12:86:d8:a0:e7:e4:1f:10:aa:53:b4:58:
                    22:a9:f8:80:15
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
            X509v3 Authority Key Identifier: 
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  15562

            X509v3 Extended Key Usage: 
                BGPsec Router
    Signature Algorithm: sha256WithRSAEncryption
         57:6b:9f:83:c6:92:b2:b6:2d:a6:94:e2:70:0c:69:c8:3b:65:
         6b:a0:07:2c:2b:05:ec:8c:bd:dc:ff:39:90:1d:9c:1c:b1:a3:
         09:f8:30:a0:bc:04:b8:27:01:c6:59:8a:88:85:a2:a7:1b:05:
         39:a2:d5:73:ac:8e:6d:38:be:21:28:87:2e:fe:4e:bf:48:e4:
         01:fc:ec:02:70:0b:0a:50:4c:c2:46:70:f8:fd:6a:e3:33:92:
         d7:ca:0b:23:b3:29:21:24:03:2d:67:6f:ca:a3:dc:af:ef:93:
         db:2a:62:06:53:6e:59:82:13:de:3e:1a:d0:21:ab:df:d8:68:
         6a:e0:d7:d8:d0:98:1b:72:4b:ba:0d:93:38:5d:f2:6f:1b:dd:
         28:16:4b:38:f5:14:5b:b1:28:41:65:08:0a:1d:a9:e5:81:36:
         80:48:79:d1:17:a8:67:db:88:e7:b3:e3:98:87:9b:89:33:43:
         1c:ae:f2:97:e0:48:9a:99:3e:43:a7:af:48:f4:7e:35:1b:64:
         1c:b9:99:dd:72:2a:56:35:a3:36:35:d2:10:7c:40:29:06:1e:
         5b:1f:c3:85:33:6f:a5:28:7d:80:9e:8e:1e:ec:43:6f:fa:0f:
         3f:00:d5:b0:67:68:fa:eb:f3:13:2c:c0:3e:02:cd:4b:c8:c7:
         47:cb:af:2e
-----BEGIN CERTIFICATE-----
MIIDfjCCAmagAwIBAgIDAMirMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjIxMjA3
MTcyNzUxWhcNMjMxMTA0MTM0NzU2WjAtMRgwFgYDVQQDEw9ST1VURVItMDAwMDNj
Y2ExETAPBgNVBAUTCDAwMDAwMDAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
gFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAS
htig5+QfEKpTtFgiqfiAFaOCAWowggFmMB0GA1UdDgQWBBRdQlDi2B1ESNiinvzp
HSn/B17J4jAfBgNVHSMEGDAWgBTKqAXbrDZHSbmxFVkKtu8Plwzb2DAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMGQGA1UdHwRdMFswWaBXoFWGU3JzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxqb2JzbmlqZGVycy95cWdGMjZ3
MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC95
cWdGMjZ3MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY2VyMA4GA1UdDwEB/wQEAwIHgDAZ
BggrBgEFBQcBCAEB/wQKMAigBjAEAgI8yjATBgNVHSUEDDAKBggrBgEFBQcDHjAN
BgkqhkiG9w0BAQsFAAOCAQEAV2ufg8aSsrYtppTicAxpyDtla6AHLCsF7Iy93P85
kB2cHLGjCfgwoLwEuCcBxlmKiIWipxsFOaLVc6yObTi+ISiHLv5Ov0jkAfzsAnAL
ClBMwkZw+P1q4zOS18oLI7MpISQDLWdvyqPcr++T2ypiBlNuWYIT3j4a0CGr39ho
auDX2NCYG3JLug2TOF3ybxvdKBZLOPUUW7EoQWUICh2p5YE2gEh50ReoZ9uI57Pj
mIebiTNDHK7yl+BImpk+Q6evSPR+NRtkHLmZ3XIqVjWjNjXSEHxAKQYeWx/DhTNv
pSh9gJ6OHuxDb/oPPwDVsGdo+uvzEyzAPgLNS8jHR8uvLg==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:44:55 2023 by rpki-client on console-fra.rpki-client.org