Certificate
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nljobsnijders/XUJQ4tgdREjYop786R0p_wdeyeI.cer
File: XUJQ4tgdREjYop786R0p_wdeyeI.cer (raw, json)
Hash identifier: DrDVi/JiphSff/KUlYHrSjbrW1zgVdfqUcsc6Tdez74=
Subject key identifier: 5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
Authority key identifier: CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
Certificate issuer: /CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Certificate serial: 0216DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
BGPsec ECDSA public key: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEgFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAShtig5+QfEKpTtFgiqfiAFQ==
Router key not before: Wed 11 Jun 2025 21:16:28 +0000
Router key not after: Thu 11 Jun 2026 21:16:27 +0000
Subordinate resources: AS: 15562
Validation: OK
Signature path: rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.mft
rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Jun 2025 06:12:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136926 (0x216de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caa805dbac364749b9b115590ab6ef0f970cdbd8
Validity
Not Before: Jun 11 21:16:28 2025 GMT
Not After : Jun 11 21:16:27 2026 GMT
Subject: CN=ROUTER-00003cca, serialNumber=00000001
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:80:57:23:43:f8:3f:fc:b0:10:7a:b0:07:d8:ca:
69:f8:6b:9c:a0:30:06:05:b8:48:a8:3d:f7:c0:d3:
ec:5f:19:c0:19:bf:a6:b5:9e:d7:42:b5:4e:f4:34:
3a:52:50:12:86:d8:a0:e7:e4:1f:10:aa:53:b4:58:
22:a9:f8:80:15
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:42:50:E2:D8:1D:44:48:D8:A2:9E:FC:E9:1D:29:FF:07:5E:C9:E2
X509v3 Authority Key Identifier:
keyid:CA:A8:05:DB:AC:36:47:49:B9:B1:15:59:0A:B6:EF:0F:97:0C:DB:D8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nljobsnijders/yqgF26w2R0m5sRVZCrbvD5cM29g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yqgF26w2R0m5sRVZCrbvD5cM29g.cer
X509v3 Key Usage: critical
Digital Signature
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15562
X509v3 Extended Key Usage:
BGPsec Router
Signature Algorithm: sha256WithRSAEncryption
51:2a:76:8e:ea:ec:dc:54:e3:65:ff:a6:e3:a7:d1:3c:5c:4d:
7e:52:55:2a:3e:27:89:05:27:2a:63:01:a0:5e:46:c2:13:37:
ad:ed:42:2f:17:4a:d4:9e:27:ca:1e:a4:f8:54:e6:ff:6f:77:
56:f6:ec:36:ac:54:b4:5f:c5:4d:c8:9c:25:40:e4:8a:b5:45:
e0:38:3d:f1:e4:40:c1:48:2e:2c:3b:75:a1:c1:f8:a2:95:a0:
ca:d0:7f:a0:13:c7:39:25:e3:f6:6d:16:eb:bb:5b:ef:86:63:
58:b0:b1:8f:fa:77:a9:3a:e7:02:22:db:d9:2a:3a:45:a7:2a:
23:37:c5:f4:03:df:9f:08:70:aa:c7:06:6c:8f:dd:34:44:38:
12:3b:ae:6e:22:ae:57:3c:a5:95:0f:6e:bf:c2:1b:56:91:0f:
df:ae:06:11:cc:c5:9f:d6:92:9f:ff:74:b7:70:bb:de:48:dc:
3f:a7:c3:3a:48:9c:2b:f9:15:60:bb:4a:47:5f:c6:e0:37:25:
7e:5b:e2:7f:26:7d:8c:9c:b2:f6:33:33:40:dd:da:0e:9b:a6:
a5:f9:ba:37:fb:2f:d6:63:b2:42:05:be:dc:22:86:dc:54:38:
35:e9:26:e5:20:7e:ac:95:76:51:18:fa:6d:0f:d0:51:bc:7f:
44:95:53:f7
-----BEGIN CERTIFICATE-----
MIIDfjCCAmagAwIBAgIDAhbeMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
YTgwNWRiYWMzNjQ3NDliOWIxMTU1OTBhYjZlZjBmOTcwY2RiZDgwHhcNMjUwNjEx
MjExNjI4WhcNMjYwNjExMjExNjI3WjAtMRgwFgYDVQQDEw9ST1VURVItMDAwMDNj
Y2ExETAPBgNVBAUTCDAwMDAwMDAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
gFcjQ/g//LAQerAH2Mpp+GucoDAGBbhIqD33wNPsXxnAGb+mtZ7XQrVO9DQ6UlAS
htig5+QfEKpTtFgiqfiAFaOCAWowggFmMB0GA1UdDgQWBBRdQlDi2B1ESNiinvzp
HSn/B17J4jAfBgNVHSMEGDAWgBTKqAXbrDZHSbmxFVkKtu8Plwzb2DAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMGQGA1UdHwRdMFswWaBXoFWGU3JzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxqb2JzbmlqZGVycy95cWdGMjZ3
MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC95
cWdGMjZ3MlIwbTVzUlZaQ3JidkQ1Y00yOWcuY2VyMA4GA1UdDwEB/wQEAwIHgDAZ
BggrBgEFBQcBCAEB/wQKMAigBjAEAgI8yjATBgNVHSUEDDAKBggrBgEFBQcDHjAN
BgkqhkiG9w0BAQsFAAOCAQEAUSp2jurs3FTjZf+m46fRPFxNflJVKj4niQUnKmMB
oF5GwhM3re1CLxdK1J4nyh6k+FTm/293VvbsNqxUtF/FTcicJUDkirVF4Dg98eRA
wUguLDt1ocH4opWgytB/oBPHOSXj9m0W67tb74ZjWLCxj/p3qTrnAiLb2So6Racq
IzfF9APfnwhwqscGbI/dNEQ4EjuubiKuVzyllQ9uv8IbVpEP364GEczFn9aSn/90
t3C73kjcP6fDOkicK/kVYLtKR1/G4DclflvifyZ9jJyy9jMzQN3aDpumpfm6N/sv
1mOyQgW+3CKG3FQ4Nekm5SB+rJV2URj6bQ/QUbx/RJVT9w==
-----END CERTIFICATE-----
Generated at Mon Jun 23 02:29:34 2025 by rpki-client