This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3y4c6U6IoT84_n-UO3lBa8B6HfA.cer File: 3y4c6U6IoT84_n-UO3lBa8B6HfA.cer (raw, json) Hash identifier: pIlzHfD4xRRo61YN50x76oXxs52ut3oHi/MgrK/SqUI= Subject key identifier: DF:2E:1C:E9:4E:88:A1:3F:38:FE:7F:94:3B:79:41:6B:C0:7A:1D:F0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B3691B6A65BF76F21A154C487ACCEFB Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/3y4c6U6IoT84_n-UO3lBa8B6HfA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:52 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 200129 IP: 185.36.180.0/22 IP: 2a00:e860::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:91:b6:a6:5b:f7:6f:21:a1:54:c4:87:ac:ce:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df2e1ce94e88a13f38fe7f943b79416bc07a1df0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:99:2f:40:03:21:58:d8:98:a2:49:22:60:b5: a5:23:bc:05:3a:23:28:13:46:76:d4:b6:ad:2d:5c: 97:92:41:c3:52:6b:d4:e0:0e:73:dc:f8:3d:1f:32: da:df:c0:96:37:d5:c1:f9:75:74:e3:8b:94:47:b5: 14:3c:14:f9:85:11:5b:29:55:f7:b6:79:4e:17:26: c8:4c:1c:e1:5a:8e:6f:a5:74:97:02:d4:1e:60:05: a0:59:d8:cb:a2:72:15:15:14:46:5c:c1:06:e7:cb: 68:20:6d:7c:24:cc:4a:e6:9a:82:63:2e:64:64:c5: 78:8b:38:34:ac:61:bf:41:2c:62:81:b2:54:3f:23: 90:bd:9d:1d:08:8c:d7:92:a9:c1:0f:fb:ae:89:f0: 4b:38:46:2c:11:65:fc:51:63:2c:fc:2b:f8:79:f7: fd:5f:4d:f7:3b:8e:1c:92:ce:e8:51:16:79:9e:b5: dc:25:d6:8a:11:2c:b2:4b:7a:da:8d:ac:43:f1:c9: b1:9c:e8:6b:6f:fa:ba:e4:65:90:4c:31:83:d2:81: 83:34:47:d5:a8:6f:d4:da:e2:bb:41:0f:27:b4:80: e9:44:40:4c:79:e7:6d:2b:81:b1:eb:be:bc:44:74: e1:78:ed:62:71:93:04:f9:04:a0:67:37:34:bd:73: fb:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:2E:1C:E9:4E:88:A1:3F:38:FE:7F:94:3B:79:41:6B:C0:7A:1D:F0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/3y4c6U6IoT84_n-UO3lBa8B6HfA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.36.180.0/22 IPv6: 2a00:e860::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 200129 Signature Algorithm: sha256WithRSAEncryption 41:d1:11:97:1b:14:5b:12:7b:b2:eb:10:0b:96:ff:35:b8:99: 90:fe:1d:c6:c3:8f:6a:a4:73:bc:76:4b:10:45:1b:10:3f:41: ed:79:d5:c1:55:c6:71:4e:2f:5e:81:cc:37:2c:2c:0e:3e:7f: ab:7f:c5:c6:af:59:77:31:a2:cf:2b:3a:de:af:8a:a5:a2:1d: 24:14:21:1b:18:4f:68:7e:4d:dd:e0:82:98:41:e4:c8:38:5b: 6d:4a:8e:bf:fc:2b:d1:bd:83:16:a8:18:bf:cc:c0:00:79:68: 89:3b:64:ff:f8:4c:01:fe:16:df:6a:3a:90:47:30:63:05:77: 60:50:2e:df:d3:e8:da:e3:56:ba:03:cd:69:da:22:08:43:4b: 3b:69:87:4d:2c:e2:c2:fd:54:62:63:2b:3b:8e:02:dc:46:e1: 54:97:aa:8e:b7:4f:ff:17:e0:5c:00:dc:bd:d3:c9:07:80:39: c5:67:c8:23:b4:03:31:7e:ae:b2:0b:21:74:11:1d:7c:3d:8a: de:96:22:95:25:2a:a6:72:b6:59:d3:5b:76:81:01:cf:a4:5b: 88:63:27:42:7a:cf:b0:a4:cd:f7:b8:58:0e:44:26:56:79:5e: b1:27:53:87:33:29:e5:55:3c:2c:e9:d1:e2:4f:7a:f2:b6:4f: 61:67:70:15 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt7NpG2plv3byGhVMSHrM77MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjJlMWNlOTRlODhhMTNmMzhmZTdmOTQzYjc5NDE2YmMwN2ExZGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5kvQAMhWNiYokkiYLWlI7wFOiMo E0Z21LatLVyXkkHDUmvU4A5z3Pg9HzLa38CWN9XB+XV044uUR7UUPBT5hRFbKVX3 tnlOFybITBzhWo5vpXSXAtQeYAWgWdjLonIVFRRGXMEG58toIG18JMxK5pqCYy5k ZMV4izg0rGG/QSxigbJUPyOQvZ0dCIzXkqnBD/uuifBLOEYsEWX8UWMs/Cv4eff9 X033O44cks7oURZ5nrXcJdaKESyyS3rajaxD8cmxnOhrb/q65GWQTDGD0oGDNEfV qG/U2uK7QQ8ntIDpREBMeedtK4Gx6768RHTheO1icZME+QSgZzc0vXP7aQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFN8uHOlOiKE/OP5/lDt5QWvAeh3wMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyLzc4ZDhm NC0zZTBmLTRiYmUtOTIxNC01Mzc0YzdlMGZmYTEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvNzhkOGY0 LTNlMGYtNGJiZS05MjE0LTUzNzRjN2UwZmZhMS8xLzN5NGM2VTZJb1Q4NF9uLVVP M2xCYThCNkhmQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuSS0MA0EAgACMAcDBQAqAOhgMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMNwTANBgkqhkiG9w0BAQsFAAOCAQEAQdERlxsUWxJ7 susQC5b/NbiZkP4dxsOPaqRzvHZLEEUbED9B7XnVwVXGcU4vXoHMNywsDj5/q3/F xq9ZdzGizys63q+KpaIdJBQhGxhPaH5N3eCCmEHkyDhbbUqOv/wr0b2DFqgYv8zA AHloiTtk//hMAf4W32o6kEcwYwV3YFAu39Po2uNWugPNadoiCENLO2mHTSziwv1U YmMrO44C3EbhVJeqjrdP/xfgXADcvdPJB4A5xWfII7QDMX6usgshdBEdfD2K3pYi lSUqpnK2WdNbdoEBz6RbiGMnQnrPsKTN97hYDkQmVnlesSdThzMp5VU8LOnR4k96 8rZPYWdwFQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:28:31 2026 by rpki-client