Certificate

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/XUJQ4tgdREjYop786R0p_wdeyeI.cer
File:                     XUJQ4tgdREjYop786R0p_wdeyeI.cer (raw, json)
Hash identifier:          S6SeohUWwDpsX3IwQFdwtGXgtgN77t4V2Ovm/NE4Y/k=
Subject key identifier:   5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       014626
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
BGPsec ECDSA public key:  MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAShtig5+QfEKpTtFgiqfiAFQ==
Router key not before:    Mon 06 Nov 2023 18:17:25 +0000
Router key not after:     Tue 05 Nov 2024 18:17:24 +0000
Subordinate resources:    AS: 15562

Validation:               OK
Signature path:           rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
                          rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 25 Feb 2024 05:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83494 (0x14626)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Nov  6 18:17:25 2023 GMT
            Not After : Nov  5 18:17:24 2024 GMT
        Subject: CN=ROUTER-00003cca/serialNumber=00000001
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:80:57:23:43:f8:3f:fc:b0:10:7a:b0:07:d8:ca:
                    69:f8:6b:9c:a0:30:06:05:b8:48:a8:3d:f7:c0:d3:
                    ec:5f:19:c0:19:bf:a6:b5:9e:d7:42:b5:4e:f4:34:
                    3a:52:50:12:86:d8:a0:e7:e4:1f:10:aa:53:b4:58:
                    22:a9:f8:80:15
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  15562

            X509v3 Extended Key Usage:
                BGPsec Router
    Signature Algorithm: sha256WithRSAEncryption
         18:5c:bb:97:58:21:df:75:4b:13:37:2f:33:ea:19:08:4a:78:
         e9:60:39:a8:e1:93:f6:3b:0b:39:39:3a:5d:88:1e:aa:da:ff:
         e5:29:29:34:59:d0:58:f0:27:61:6a:64:bf:3c:31:90:56:55:
         ac:e9:8d:bc:fe:34:a2:a7:93:31:76:7c:04:39:0f:41:41:c8:
         db:13:bd:76:b5:d9:20:b6:61:f7:e5:49:07:79:6d:22:8b:b9:
         a8:65:a7:ba:bf:ce:49:a5:1e:ce:9a:6f:96:a3:fb:27:d4:eb:
         de:fd:be:bf:71:27:bc:0b:cc:fe:6b:66:b7:8a:35:be:07:fd:
         24:70:25:12:e3:6c:81:42:07:52:c1:4f:c5:53:78:84:d9:bc:
         5c:85:a5:b9:ee:ba:60:e9:09:9f:51:3a:b2:2b:0c:f9:6e:20:
         dc:f2:62:b7:89:33:b1:4e:3d:9a:a2:5c:ea:4a:82:74:12:ff:
         60:7b:c2:3d:f1:e2:ff:6f:01:d6:e8:00:93:cb:b0:5a:5e:ff:
         db:40:ad:8b:ca:a9:d9:78:5c:7d:7a:aa:70:14:cf:0a:26:df:
         08:dd:5d:cf:15:9f:03:3f:f4:80:62:1b:de:e5:a4:81:cc:c0:
         eb:f4:09:16:1a:97:71:b1:de:b3:bd:d0:e9:cc:a4:86:df:6a:
         2a:5d:12:18
-----BEGIN CERTIFICATE-----
MIIDfjCCAmagAwIBAgIDAUYmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjMxMTA2
MTgxNzI1WhcNMjQxMTA1MTgxNzI0WjAtMRgwFgYDVQQDEw9ST1VURVItMDAwMDNj
Y2ExETAPBgNVBAUTCDAwMDAwMDAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
gFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAS
htig5+QfEKpTtFgiqfiAFaOCAWowggFmMB0GA1UdDgQWBBRdQlDi2B1ESNiinvzp
HSn/B17J4jAfBgNVHSMEGDAWgBTKqAXbrDZHSbmxFVkKtu8Plwzb2DAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMGQGA1UdHwRdMFswWaBXoFWGU3JzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxqb2JzbmlqZGVycy95cWdGMjZ3
MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC95
cWdGMjZ3MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY2VyMA4GA1UdDwEB/wQEAwIHgDAZ
BggrBgEFBQcBCAEB/wQKMAigBjAEAgI8yjATBgNVHSUEDDAKBggrBgEFBQcDHjAN
BgkqhkiG9w0BAQsFAAOCAQEAGFy7l1gh33VLEzcvM+oZCEp46WA5qOGT9jsLOTk6
XYgeqtr/5SkpNFnQWPAnYWpkvzwxkFZVrOmNvP40oqeTMXZ8BDkPQUHI2xO9drXZ
ILZh9+VJB3ltIou5qGWnur/OSaUezppvlqP7J9Tr3v2+v3EnvAvM/mtmt4o1vgf9
JHAlEuNsgUIHUsFPxVN4hNm8XIWlue66YOkJn1E6sisM+W4g3PJit4kzsU49mqJc
6kqCdBL/YHvCPfHi/28B1ugAk8uwWl7/20Cti8qp2XhcfXqqcBTPCibfCN1dzxWf
Az/0gGIb3uWkgczA6/QJFhqXcbHes73Q6cykht9qKl0SGA==
-----END CERTIFICATE-----
Generated at Sat Feb 24 23:53:06 2024 by rpki-client on console-fra.rpki-client.org