Certificate

$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/voibVdC3Nzl9dcSfSFuFj6mK0R8.cer
File:                     voibVdC3Nzl9dcSfSFuFj6mK0R8.cer (raw, json)
Hash identifier:          aGvHK7xCSvT1T3eRlcIa4VqcMIU/7K8Kac7axNqmkjE=
Subject key identifier:   BE:88:9B:55:D0:B7:37:39:7D:75:C4:9F:48:5B:85:8F:A9:8A:D1:1F
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Certificate issuer:       /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial:       014EC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
BGPsec ECDSA public key:  MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4FxJr0n2bux1uX1Evl+QWwZYvIadPjLuFX2mxqKuAGUhKnr7VLLDgrE++l9p5eH2kWTNVAN22FUU3db/RKpE2w==
Router key not before:    Wed 29 Nov 2023 16:40:02 +0000
Router key not after:     Thu 28 Nov 2024 16:40:01 +0000
Subordinate resources:    AS: 15562

Validation:               OK
Signature path:           rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
                          rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 13:36:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85704 (0x14ec8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
        Validity
            Not Before: Nov 29 16:40:02 2023 GMT
            Not After : Nov 28 16:40:01 2024 GMT
        Subject: CN=ROUTER-00003cca/serialNumber=00000001
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:e0:5c:49:af:49:f6:6e:ec:75:b9:7d:44:be:5f:
                    90:5b:06:58:bc:86:9d:3e:32:ee:15:7d:a6:c6:a2:
                    ae:00:65:21:2a:7a:fb:54:b2:c3:82:b1:3e:fa:5f:
                    69:e5:e1:f6:91:64:cd:54:03:76:d8:55:14:dd:d6:
                    ff:44:aa:44:db
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:88:9B:55:D0:B7:37:39:7D:75:C4:9F:48:5B:85:8F:A9:8A:D1:1F
            X509v3 Authority Key Identifier:
                keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer

            X509v3 Key Usage: critical
                Digital Signature
            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  15562

            X509v3 Extended Key Usage:
                BGPsec Router
    Signature Algorithm: sha256WithRSAEncryption
         5d:eb:9f:7a:17:04:8b:b8:dc:05:68:a1:bb:61:60:1b:9a:54:
         f9:5f:cd:a4:75:40:ff:2b:cd:2c:d2:3e:dc:c2:51:8a:fe:19:
         29:4e:3b:08:d1:15:f1:c1:57:5e:f4:70:26:ac:50:04:8e:13:
         ef:7b:7c:57:95:16:1b:ff:ff:e3:71:79:6b:ee:8b:80:1f:9c:
         f2:07:a5:3f:ca:4c:d7:f1:a8:a8:12:df:85:ec:0a:73:e1:7d:
         a2:84:c0:a6:8d:c9:d8:b7:e3:9b:70:a5:d1:4c:c2:4b:c9:22:
         e6:f2:7d:86:0a:bd:cf:38:48:c5:f6:90:90:c7:2a:24:37:03:
         37:bf:29:ce:06:cb:8d:c8:8b:05:f3:ff:e7:d4:e8:68:15:40:
         83:39:29:2c:43:d8:b5:37:ab:a2:dc:10:a8:ce:90:84:41:80:
         77:09:ea:11:52:4f:64:66:cb:e9:94:af:5e:71:c7:c7:04:95:
         f6:f9:7a:82:29:56:d7:7b:f2:47:71:6f:59:af:c1:00:45:38:
         19:6b:f0:75:db:30:cb:3a:85:6f:3f:c1:5b:e4:1f:ad:fb:76:
         d0:6f:4f:ff:35:4f:2a:83:00:ee:8d:45:d2:c1:3c:e4:c7:14:
         73:4b:ad:72:88:9b:8f:fb:31:38:f8:a9:bd:00:ca:7e:9b:01:
         98:f8:a5:f6
-----BEGIN CERTIFICATE-----
MIIDfjCCAmagAwIBAgIDAU7IMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjMxMTI5
MTY0MDAyWhcNMjQxMTI4MTY0MDAxWjAtMRgwFgYDVQQDEw9ST1VURVItMDAwMDNj
Y2ExETAPBgNVBAUTCDAwMDAwMDAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
4FxJr0n2bux1uX1Evl+QWwZYvIadPjLuFX2mxqKuAGUhKnr7VLLDgrE++l9p5eH2
kWTNVAN22FUU3db/RKpE26OCAWowggFmMB0GA1UdDgQWBBS+iJtV0Lc3OX11xJ9I
W4WPqYrRHzAfBgNVHSMEGDAWgBTKqAXbrDZHSbmxFVkKtu8Plwzb2DAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMGQGA1UdHwRdMFswWaBXoFWGU3JzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxqb2JzbmlqZGVycy95cWdGMjZ3
MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC95
cWdGMjZ3MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY2VyMA4GA1UdDwEB/wQEAwIHgDAZ
BggrBgEFBQcBCAEB/wQKMAigBjAEAgI8yjATBgNVHSUEDDAKBggrBgEFBQcDHjAN
BgkqhkiG9w0BAQsFAAOCAQEAXeufehcEi7jcBWihu2FgG5pU+V/NpHVA/yvNLNI+
3MJRiv4ZKU47CNEV8cFXXvRwJqxQBI4T73t8V5UWG///43F5a+6LgB+c8gelP8pM
1/GoqBLfhewKc+F9ooTApo3J2Lfjm3Cl0UzCS8ki5vJ9hgq9zzhIxfaQkMcqJDcD
N78pzgbLjciLBfP/59ToaBVAgzkpLEPYtTerotwQqM6QhEGAdwnqEVJPZGbL6ZSv
XnHHxwSV9vl6gilW13vyR3FvWa/BAEU4GWvwddswyzqFbz/BW+Qfrft20G9P/zVP
KoMA7o1F0sE85McUc0utcoibj/sxOPipvQDKfpsBmPil9g==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:11:15 2024 by rpki-client on console-fra.rpki-client.org