Certificate
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/XUJQ4tgdREjYop786R0p_wdeyeI.cer
File: XUJQ4tgdREjYop786R0p_wdeyeI.cer (raw, json)
Hash identifier: e8ezHsO9xE5SFyig5ZF1vN2qy3N/VkAzvq69Pz1dz0A=
Subject key identifier: 5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: 01F48D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
BGPsec ECDSA public key: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAShtig5+QfEKpTtFgiqfiAFQ==
Router key not before: Wed 12 Mar 2025 10:25:51 +0000
Router key not after: Thu 12 Mar 2026 10:25:50 +0000
Subordinate resources: AS: 15562
Validation: OK
Signature path: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 11:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128141 (0x1f48d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Mar 12 10:25:51 2025 GMT
Not After : Mar 12 10:25:50 2026 GMT
Subject: CN=ROUTER-00003cca
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:80:57:23:43:f8:3f:fc:b0:10:7a:b0:07:d8:ca:
69:f8:6b:9c:a0:30:06:05:b8:48:a8:3d:f7:c0:d3:
ec:5f:19:c0:19:bf:a6:b5:9e:d7:42:b5:4e:f4:34:
3a:52:50:12:86:d8:a0:e7:e4:1f:10:aa:53:b4:58:
22:a9:f8:80:15
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15562
X509v3 Extended Key Usage:
BGPsec Router
Signature Algorithm: sha256WithRSAEncryption
0b:7e:5c:5a:f1:42:b8:ef:f0:30:be:3d:27:7b:e1:7b:07:ac:
fd:41:cd:08:11:8e:0b:4f:ad:b7:98:bc:12:52:9c:16:8a:a8:
25:e8:59:e0:ac:83:46:46:e0:a7:48:b2:35:38:15:e8:8a:97:
ef:52:e0:ce:d0:e9:a2:32:1b:1b:25:01:3c:42:6d:d0:77:db:
a7:65:71:88:f1:fc:f8:fa:9c:52:c9:6c:ac:e1:40:c6:4b:1a:
63:1f:89:eb:49:ed:5e:8b:d7:66:94:ab:a8:25:f1:98:9e:7a:
11:b2:c6:8b:44:c0:bb:91:62:f4:9b:35:f4:66:0f:00:16:c8:
d0:fd:b8:56:a1:4a:70:09:6d:0f:6f:53:e0:42:bb:f4:52:b0:
92:ee:3c:22:da:a0:26:56:39:2a:cf:eb:42:b9:55:a0:a8:fa:
12:94:c7:30:86:f3:93:dd:57:51:c3:57:6d:9d:7d:b6:47:30:
73:01:c9:13:f1:15:2e:10:d2:16:71:2f:35:35:9d:f7:6a:8c:
23:b9:e5:4e:6c:bb:92:4f:bc:52:00:05:09:56:41:be:75:14:
1c:66:2c:93:68:d5:13:b0:73:0c:6b:eb:0e:2b:aa:67:fd:73:
49:3a:ee:5c:e4:80:6f:c1:fb:f8:83:aa:53:35:7e:e8:d4:52:
b2:54:dc:78
-----BEGIN CERTIFICATE-----
MIIDfjCCAmagAwIBAgIDAfSNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjUwMzEy
MTAyNTUxWhcNMjYwMzEyMTAyNTUwWjAtMRgwFgYDVQQDEw9ST1VURVItMDAwMDNj
Y2ExETAPBgNVBAUTCDAwMDAwMDAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
gFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAS
htig5+QfEKpTtFgiqfiAFaOCAWowggFmMB0GA1UdDgQWBBRdQlDi2B1ESNiinvzp
HSn/B17J4jAfBgNVHSMEGDAWgBTKqAXbrDZHSbmxFVkKtu8Plwzb2DAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMGQGA1UdHwRdMFswWaBXoFWGU3JzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxqb2JzbmlqZGVycy95cWdGMjZ3
MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC95
cWdGMjZ3MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY2VyMA4GA1UdDwEB/wQEAwIHgDAZ
BggrBgEFBQcBCAEB/wQKMAigBjAEAgI8yjATBgNVHSUEDDAKBggrBgEFBQcDHjAN
BgkqhkiG9w0BAQsFAAOCAQEAC35cWvFCuO/wML49J3vhewes/UHNCBGOC0+tt5i8
ElKcFoqoJehZ4KyDRkbgp0iyNTgV6IqX71LgztDpojIbGyUBPEJt0Hfbp2VxiPH8
+PqcUslsrOFAxksaYx+J60ntXovXZpSrqCXxmJ56EbLGi0TAu5Fi9Js19GYPABbI
0P24VqFKcAltD29T4EK79FKwku48ItqgJlY5Ks/rQrlVoKj6EpTHMIbzk91XUcNX
bZ19tkcwcwHJE/EVLhDSFnEvNTWd92qMI7nlTmy7kk+8UgAFCVZBvnUUHGYsk2jV
E7BzDGvrDiuqZ/1zSTruXOSAb8H7+IOqUzV+6NRSslTceA==
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:30:33 2025 by rpki-client