This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5OF-B7BNx2ydbJH6_C1ahALGS44.cer File: 5OF-B7BNx2ydbJH6_C1ahALGS44.cer (raw, json) Hash identifier: yRk7W2IAEhPbnNduuyne4uDMzVBeHGG0WaWmUrX54pE= Subject key identifier: E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7AC78C9DD914EF1277D8827A9C13BFA1 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/5OF-B7BNx2ydbJH6_C1ahALGS44.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 18:17:36 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 206141 IP: 147.28.48.0/20 IP: 185.155.188.0/22 IP: 2a07:9540::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:8c:9d:d9:14:ef:12:77:d8:82:7a:9c:13:bf:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 18:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e4e17e07b04dc76c9d6c91fafc2d5a8402c64b8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b5:e4:16:54:43:32:1a:c9:4a:4b:69:be:91: eb:29:f2:ec:7e:4a:7f:64:d0:1e:98:fb:f9:d3:36: bf:71:69:e4:22:ea:39:c8:1c:9d:53:97:4e:a0:83: 09:00:b2:f2:04:29:4f:f2:84:ad:f9:4d:94:ab:7f: 23:cd:2f:b4:c3:b7:de:46:b0:fc:e7:f1:41:b4:67: dd:cc:4a:a8:3f:e5:ae:57:77:0c:13:88:3f:c5:54: 02:d1:a5:3f:29:4d:c8:8a:a8:50:52:03:6a:e7:3e: 17:0a:06:c7:3b:37:71:4c:82:f6:74:0b:1c:d7:70: 25:f7:31:26:5b:1d:7d:52:f1:4c:dc:31:a4:7f:13: 1e:25:bf:15:50:f0:d2:76:01:01:7c:f3:70:e5:d4: 43:2e:69:7f:2c:61:c7:df:65:43:72:55:9f:9f:4b: d4:8e:45:6e:96:a5:c9:7e:74:c8:9b:a8:d9:c1:7b: 64:34:fb:3f:4a:f6:0d:28:53:77:a3:54:c6:f1:d3: d3:5a:46:84:a7:c7:c2:ed:02:19:33:9e:93:a2:6d: 8b:64:52:2d:ff:2f:f7:47:aa:4a:8f:55:3d:58:c2: d9:8b:6e:af:04:53:70:39:bb:fe:b8:f0:98:7c:bd: 6c:24:00:ec:f2:8b:6c:e4:60:aa:5d:2e:92:d1:d9: 3b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/5OF-B7BNx2ydbJH6_C1ahALGS44.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.28.48.0/20 185.155.188.0/22 IPv6: 2a07:9540::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206141 Signature Algorithm: sha256WithRSAEncryption 74:bf:30:3c:41:10:95:4c:fc:35:fc:fd:75:c0:54:af:cb:5c: dc:5c:ed:9a:fe:77:70:2b:f4:b5:80:e2:29:2e:f0:48:09:47: d2:ba:0e:f3:32:cf:ec:c3:51:e5:e2:85:b0:c8:c4:10:77:e7: c1:b7:ff:29:76:0f:3e:4b:07:e6:57:35:99:b8:42:32:f0:71: eb:c4:10:32:2e:31:f4:66:55:c9:1b:5c:83:2b:59:ac:10:d6: 36:ab:7c:ae:8f:d6:8b:68:16:e2:87:df:86:a0:90:bc:77:3c: e9:73:af:81:a8:39:10:b5:f8:8c:e6:ad:de:de:c8:99:45:b9: 87:b7:5c:ba:a1:c1:42:39:f4:c5:a7:9f:a7:ea:22:a3:10:c2: 3b:8a:98:75:6e:c1:c8:72:e2:a7:d0:24:24:d0:bd:cb:16:0b: 9f:ab:d4:99:79:90:1f:96:60:85:75:da:6d:e8:8d:09:dd:a1: 2d:fc:47:ec:5f:6d:12:3b:61:33:91:aa:c1:85:e8:4c:b3:97: 36:08:35:30:c4:c3:ce:96:2b:bb:ad:6d:eb:06:c6:02:0f:78: 63:a8:76:2c:6a:e7:32:31:89:11:10:f0:49:7b:42:b6:81:e4: 96:c9:bf:70:a2:dc:a6:d9:e0:20:dc:fe:b7:f4:51:e3:0f:18: 31:9a:e1:a0 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt6x4yd2RTvEnfYgnqcE7+hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTgxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNGUxN2UwN2IwNGRjNzZjOWQ2YzkxZmFmYzJkNWE4NDAyYzY0YjhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bXkFlRDMhrJSktpvpHrKfLsfkp/ ZNAemPv50za/cWnkIuo5yBydU5dOoIMJALLyBClP8oSt+U2Uq38jzS+0w7feRrD8 5/FBtGfdzEqoP+WuV3cME4g/xVQC0aU/KU3IiqhQUgNq5z4XCgbHOzdxTIL2dAsc 13Al9zEmWx19UvFM3DGkfxMeJb8VUPDSdgEBfPNw5dRDLml/LGHH32VDclWfn0vU jkVulqXJfnTIm6jZwXtkNPs/SvYNKFN3o1TG8dPTWkaEp8fC7QIZM56Tom2LZFIt /y/3R6pKj1U9WMLZi26vBFNwObv+uPCYfL1sJADs8ots5GCqXS6S0dk7TQIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFOThfgewTcdsnWyR+vwtWoQCxkuOMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzQyYmU1 Zi0yNDMyLTQ4OTktYTRmZi0xOThhZGRhNWEyODEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNDJiZTVm LTI0MzItNDg5OS1hNGZmLTE5OGFkZGE1YTI4MS8xLzVPRi1CN0JOeDJ5ZGJKSDZf QzFhaEFMR1M0NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQEkxwwAwQCuZu8MA0EAgACMAcDBQMqB5VAMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMlPTANBgkqhkiG9w0BAQsFAAOCAQEAdL8w PEEQlUz8Nfz9dcBUr8tc3Fztmv53cCv0tYDiKS7wSAlH0roO8zLP7MNR5eKFsMjE EHfnwbf/KXYPPksH5lc1mbhCMvBx68QQMi4x9GZVyRtcgytZrBDWNqt8ro/Wi2gW 4offhqCQvHc86XOvgag5ELX4jOat3t7ImUW5h7dcuqHBQjn0xaefp+oioxDCO4qY dW7ByHLip9AkJNC9yxYLn6vUmXmQH5ZghXXabeiNCd2hLfxH7F9tEjthM5GqwYXo TLOXNgg1MMTDzpYru61t6wbGAg94Y6h2LGrnMjGJERDwSXtCtoHklsm/cKLcptng INz+t/RR4w8YMZrhoA== -----END CERTIFICATE-----Generated at Tue Jan 27 11:33:13 2026 by rpki-client