This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer File: 1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer (raw, json) Hash identifier: HxBTQGwWV55VYFminqznLvHXlGDR0Gnd7baf30KMKxk= Subject key identifier: D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C80DA0E71945C6AEC9A403DF738B786 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:37 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 210103 IP: 146.19.11.0/24 IP: 2a12:1d00::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:da:0e:71:94:5c:6a:ec:9a:40:3d:f7:38:b7:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:87:cb:37:23:0f:c0:6d:b7:bb:a2:f4:cd:f0: 0d:7f:7d:d2:a0:fa:7e:9b:d9:89:7d:e1:c0:b2:53: 26:43:39:1e:53:77:64:3c:d0:b9:fe:00:13:70:0c: 05:da:c8:2a:db:0f:1e:64:ac:4d:61:29:b5:c8:81: b3:ee:90:5a:f6:69:1c:33:72:32:c1:c3:17:9a:8c: e7:bb:2c:d9:97:33:05:a1:ed:ef:92:29:1f:2f:4b: e6:ff:62:05:3c:f6:67:75:ff:5a:ce:08:7e:83:44: 0e:56:3c:74:d0:e2:30:ab:c2:20:bb:06:db:b4:14: a0:82:6f:5f:62:71:79:6e:de:e5:ce:ab:54:87:44: 11:fc:dd:a4:aa:25:6e:64:03:b3:26:bc:2a:bc:6b: 3f:27:82:ed:e4:dc:34:49:7d:f6:56:28:53:c0:cb: cd:0a:87:aa:e5:a5:a1:0b:32:cb:98:17:29:24:3e: 93:77:d5:62:cf:71:8c:95:cd:42:d4:64:41:f2:70: 9a:b2:18:19:04:83:c6:4f:04:b1:c3:d6:cd:30:1b: 73:c3:3c:fa:8d:13:d8:f9:c4:af:4f:b7:98:14:73: e3:1a:12:3e:32:4b:b9:88:8f:1c:66:34:be:e1:61: 0f:5d:eb:c7:4e:8e:6b:ef:29:c7:27:07:2a:74:62: fa:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.19.11.0/24 IPv6: 2a12:1d00::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 210103 Signature Algorithm: sha256WithRSAEncryption 40:7a:a5:0b:46:36:58:8f:5b:95:c7:18:fb:a7:9a:8d:53:b2: 39:f4:8f:0c:75:48:de:08:bc:ef:c9:b5:f1:32:ef:17:e4:63: de:ca:e9:ee:fb:1f:88:03:4d:e0:b3:3c:2c:6d:92:6a:14:22: 88:75:e5:27:b6:dc:4d:81:87:68:55:e1:f7:6c:76:23:52:43: 96:42:a0:69:5e:cc:1b:06:e4:89:98:8e:12:1b:fb:8d:87:2b: 31:65:96:57:1a:2f:26:fb:30:d2:58:bf:2d:47:84:36:08:df: c2:99:ee:12:88:52:57:36:47:fe:75:cd:eb:46:0d:7f:6f:07: d7:5d:4a:2f:f1:1e:07:e0:c7:d2:96:60:cd:3e:94:21:81:17: ad:f7:0e:89:7a:eb:26:34:3d:04:f7:0d:cc:fa:7e:7a:ca:76: 13:b7:38:08:78:17:20:b3:71:28:96:a9:56:9d:dc:48:69:a8: 9d:0e:c7:aa:35:d3:59:40:3d:55:a1:52:34:03:fc:97:b9:78: a5:cf:53:57:c2:cc:94:58:b8:e8:53:05:f6:d6:01:78:6b:e4: c4:14:1a:6b:ce:a4:18:43:25:96:06:f8:7a:2b:e4:d3:6d:31: 76:03:63:b9:00:aa:ae:75:27:37:d0:7c:46:cb:a6:16:fe:59: bb:63:dc:5b -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt8gNoOcZRcauyaQD33OLeGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkN2ZhZjNhM2YyMTQwY2I3YzZmZjBjZDZhN2Y1NjE0YTA1ZTRlNDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIfLNyMPwG23u6L0zfANf33SoPp+ m9mJfeHAslMmQzkeU3dkPNC5/gATcAwF2sgq2w8eZKxNYSm1yIGz7pBa9mkcM3Iy wcMXmoznuyzZlzMFoe3vkikfL0vm/2IFPPZndf9azgh+g0QOVjx00OIwq8Iguwbb tBSggm9fYnF5bt7lzqtUh0QR/N2kqiVuZAOzJrwqvGs/J4Lt5Nw0SX32VihTwMvN Coeq5aWhCzLLmBcpJD6Td9Viz3GMlc1C1GRB8nCashgZBIPGTwSxw9bNMBtzwzz6 jRPY+cSvT7eYFHPjGhI+Mku5iI8cZjS+4WEPXevHTo5r7ynHJwcqdGL6IQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFNf686PyFAy3xv8M1qf1YUoF5ORnMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyL2RmOTRl Mi03Y2M5LTQxYTEtOTUyZi1mMzc5N2NmZDY1YWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvZGY5NGUy LTdjYzktNDFhMS05NTJmLWYzNzk3Y2ZkNjVhZS8xLzFfcnpvX0lVRExmR193eldw X1ZoU2dYazVHYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAkhMLMA0EAgACMAcDBQMqEh0AMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwM0tzANBgkqhkiG9w0BAQsFAAOCAQEAQHqlC0Y2WI9b lccY+6eajVOyOfSPDHVI3gi878m18TLvF+Rj3srp7vsfiANN4LM8LG2SahQiiHXl J7bcTYGHaFXh92x2I1JDlkKgaV7MGwbkiZiOEhv7jYcrMWWWVxovJvsw0li/LUeE NgjfwpnuEohSVzZH/nXN60YNf28H111KL/EeB+DH0pZgzT6UIYEXrfcOiXrrJjQ9 BPcNzPp+esp2E7c4CHgXILNxKJapVp3cSGmonQ7HqjXTWUA9VaFSNAP8l7l4pc9T V8LMlFi46FMF9tYBeGvkxBQaa86kGEMllgb4eivk020xdgNjuQCqrnUnN9B8Rsum Fv5Zu2PcWw== -----END CERTIFICATE-----Generated at Tue Jan 20 07:49:32 2026 by rpki-client