This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer File: 3XGhKciwiZWUIZnqbRsigmU1DQs.cer (raw, json) Hash identifier: W78tcV1KB9iK+0mFoLtyzwCmLrJzcDgc+hOBrWbwjs0= Subject key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DC9D64C3D6E613B835975154B8C33BE Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:18:58 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 200127 IP: 185.36.236.0/22 IP: 185.76.244.0/22 IP: 2a04:6700::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:d6:4c:3d:6e:61:3b:83:59:75:15:4b:8c:33:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd71a129c8b08995942199ea6d1b228265350d0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:07:3a:ba:be:57:88:02:e2:0a:54:61:d5:24: 03:be:e3:80:c3:30:e4:f3:40:9e:42:4e:d3:64:dd: 4d:98:6c:78:fd:b1:20:ce:fc:20:b1:c1:77:cb:0b: 21:2b:59:dd:c8:12:18:1b:98:e5:57:1c:74:2a:99: 3d:fa:44:80:9b:b2:03:fc:4b:78:34:e3:e0:29:9a: d9:56:6e:ac:59:a2:01:5e:60:ed:56:d0:85:ea:6a: c2:83:87:a8:33:d1:f8:d8:da:3d:a7:2c:e6:5e:26: b1:38:4f:0a:db:ca:6b:a9:fb:f1:49:6d:89:93:ba: 4c:a1:92:20:67:29:a6:5a:58:fc:c7:c5:9f:c4:90: d3:96:9e:e8:99:21:62:4e:1c:4b:b9:f5:f9:e8:39: bd:d5:9e:b2:9b:a4:d3:75:a3:ca:00:43:2f:35:d4: 93:b5:93:a3:11:39:8e:bc:e9:37:78:d4:54:ee:86: ff:fa:55:4a:87:08:8c:05:7e:a7:5f:4b:e0:dc:e4: f0:db:a4:8e:63:df:ba:3b:fc:97:f8:2b:b9:06:e8: 4e:c6:ed:38:ec:22:16:18:f4:f8:95:29:43:3b:bf: 4e:ef:1a:e4:2a:dd:d9:54:ba:db:49:e5:a6:e3:e0: 31:17:e5:f2:5e:fa:ee:84:ab:bf:67:7a:45:27:ad: eb:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.36.236.0/22 185.76.244.0/22 IPv6: 2a04:6700::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 200127 Signature Algorithm: sha256WithRSAEncryption 3d:26:f3:6c:49:93:70:e3:6e:5f:6c:04:f0:06:9b:c8:bb:36: 72:a0:3b:06:9f:29:36:b0:20:68:0a:02:60:67:7f:f9:5c:54: d0:59:cc:3e:ed:8e:c6:7f:94:10:e4:31:93:31:09:3b:89:39: 0f:07:0b:5f:7f:cf:f6:c0:f7:74:c6:31:61:61:e9:0d:1d:5d: 9d:f7:ea:ec:d8:b8:44:89:7f:56:34:9d:cf:10:57:b7:dc:01: 42:3a:cb:3d:dd:94:87:06:6f:79:c5:fa:12:cc:b7:ce:c5:62: 4c:89:23:e8:cb:2b:3d:ed:b9:27:b6:4e:fc:9e:fb:d8:1f:f9: 55:7d:49:12:fc:4c:25:96:6b:cc:16:da:f8:86:10:72:d7:f6: 8d:0c:a1:6f:c4:4e:48:18:4a:d0:b9:19:d8:8a:bc:fc:36:62: ed:9d:34:ff:2c:25:1b:a4:23:df:93:bd:44:26:f0:ac:b5:9d: dc:d1:7b:e8:16:a4:03:50:b5:4b:75:7b:00:c6:29:a0:cd:10: 2a:88:27:7b:09:db:ff:73:57:25:cd:d7:88:3f:22:19:76:8b: 7d:71:a5:2f:af:81:44:2d:f5:25:40:eb:7b:e5:06:b3:f4:b6: fd:f2:f7:43:4b:67:96:74:95:b0:3a:39:63:cc:2f:a7:f9:d6: 77:2f:2f:5e -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt9ydZMPW5hO4NZdRVLjDO+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDcxYTEyOWM4YjA4OTk1OTQyMTk5ZWE2ZDFiMjI4MjY1MzUwZDBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwc6ur5XiALiClRh1SQDvuOAwzDk 80CeQk7TZN1NmGx4/bEgzvwgscF3ywshK1ndyBIYG5jlVxx0Kpk9+kSAm7ID/Et4 NOPgKZrZVm6sWaIBXmDtVtCF6mrCg4eoM9H42No9pyzmXiaxOE8K28prqfvxSW2J k7pMoZIgZymmWlj8x8WfxJDTlp7omSFiThxLufX56Dm91Z6ym6TTdaPKAEMvNdST tZOjETmOvOk3eNRU7ob/+lVKhwiMBX6nX0vg3OTw26SOY9+6O/yX+Cu5BuhOxu04 7CIWGPT4lSlDO79O7xrkKt3ZVLrbSeWm4+AxF+XyXvruhKu/Z3pFJ63rjwIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFN1xoSnIsImVlCGZ6m0bIoJlNQ0LMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkwL2I0OTli Ni0wMWY0LTQ0MmMtYmU3Ni1jMGQ4Yzg2Njg5M2YvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvYjQ5OWI2 LTAxZjQtNDQyYy1iZTc2LWMwZDhjODY2ODkzZi8xLzNYR2hLY2l3aVpXVUlabnFi UnNpZ21VMURRcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQCuSTsAwQCuUz0MA0EAgACMAcDBQMqBGcAMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMNvzANBgkqhkiG9w0BAQsFAAOCAQEAPSbz bEmTcONuX2wE8AabyLs2cqA7Bp8pNrAgaAoCYGd/+VxU0FnMPu2Oxn+UEOQxkzEJ O4k5DwcLX3/P9sD3dMYxYWHpDR1dnffq7Ni4RIl/VjSdzxBXt9wBQjrLPd2UhwZv ecX6Esy3zsViTIkj6MsrPe25J7ZO/J772B/5VX1JEvxMJZZrzBba+IYQctf2jQyh b8ROSBhK0LkZ2Iq8/DZi7Z00/ywlG6Qj35O9RCbwrLWd3NF76BakA1C1S3V7AMYp oM0QKognewnb/3NXJc3XiD8iGXaLfXGlL6+BRC31JUDre+UGs/S2/fL3Q0tnlnSV sDo5Y8wvp/nWdy8vXg== -----END CERTIFICATE-----Generated at Tue Jan 27 05:45:08 2026 by rpki-client