This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer File: BZ9RaALCYTCaYQSHcubq_VhnqZA.cer (raw, json) Hash identifier: geKadIj2BX7LAWtfD1Nk15JC3uD/i7wOAjee6uKY6/Y= Subject key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79EC008F9DCB51481702CC6FC4087E1A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:17:48 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 209865 IP: 213.184.76.0/22 IP: 2a0c:f80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:00:8f:9d:cb:51:48:17:02:cc:6f:c4:08:7e:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=059f516802c261309a61048772e6eafd5867a990 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e2:d7:2d:02:c1:8b:eb:99:a3:e1:ea:5a:56: 9d:16:c2:e6:96:1f:22:32:79:0e:5c:81:e2:74:1f: 1f:f9:3f:07:23:28:fc:04:ae:f7:4e:bb:b7:d2:1d: 14:6c:2f:bd:6a:6e:28:be:36:ec:f4:9f:f4:e8:3d: 78:e3:f4:85:a7:1e:b2:c6:0b:ee:c4:f0:31:36:28: 03:b8:f2:c8:7c:58:a2:85:c7:20:c1:7d:21:9f:96: b2:39:88:70:87:b9:2f:a5:1a:f5:ac:1a:eb:fc:e2: 28:31:1a:d2:85:0d:2a:7f:c4:24:45:1f:82:ed:0e: 35:1a:0d:f9:3e:e1:88:3e:53:b1:e3:ec:4d:13:af: 92:12:88:6a:ce:f0:dc:cf:61:64:c6:35:15:f9:6d: 97:ca:0d:15:b5:1a:73:fa:8b:c3:28:0d:35:28:a1: 68:dc:2e:6a:e3:b8:79:16:7d:3a:ac:6c:53:a8:f3: e2:c8:63:73:b8:88:9a:c6:71:4b:6b:bf:c5:b2:fc: 43:bb:d2:01:e1:0c:cb:3c:31:10:8f:0b:cf:28:95: 17:d6:1d:a2:c4:7b:a7:24:8d:5d:c9:60:81:04:60: 6a:8d:a7:5d:1a:0f:6e:cb:f0:3f:a3:36:e2:b7:c0: 08:91:0e:0a:73:32:3a:c6:26:9d:15:ed:96:7b:b1: ee:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.184.76.0/22 IPv6: 2a0c:f80::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 209865 Signature Algorithm: sha256WithRSAEncryption 5d:3e:36:af:b8:82:e2:4d:37:7a:7e:f0:d7:a3:df:59:d6:12: 6e:c1:fe:ab:2b:78:32:69:af:72:99:15:79:de:22:bb:ad:9f: 34:88:d2:9e:97:ba:e2:37:a9:41:db:63:f8:16:2c:c0:01:e3: d1:cb:8a:2f:d8:91:ec:07:76:e1:e8:77:76:20:9a:e8:bf:31: 2d:56:ef:e7:80:63:c9:f2:d1:31:09:ea:4f:82:cd:ea:64:13: 33:8d:31:ba:de:3b:7e:cf:51:73:3c:04:dc:a8:c2:cb:ba:35: be:82:2a:28:c6:30:94:1d:35:fb:ea:8f:e0:ea:d8:10:24:d9: 2a:52:1b:ca:92:28:0e:c9:1b:f3:53:8e:54:eb:d0:a6:bf:98: d7:91:97:17:3e:a3:2d:46:a9:fd:86:44:fd:c8:6d:54:95:f7: ba:cc:55:3d:14:dd:6e:e4:9a:76:45:fb:45:a1:70:0a:a6:08: cf:67:5a:b7:9e:a2:fe:57:df:7f:a9:89:45:bb:c3:45:b4:4a: 27:e1:f7:2d:70:5d:06:e6:41:27:0a:46:b6:48:12:23:d9:6a: 18:c6:89:69:46:2f:41:a4:e9:cc:8c:1c:21:00:22:52:c2:66: 9f:56:e5:ff:fa:4e:10:0d:f2:1d:08:69:2b:0a:00:bf:5c:c2: a3:e7:f7:01 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt57ACPnctRSBcCzG/ECH4aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNTlmNTE2ODAyYzI2MTMwOWE2MTA0ODc3MmU2ZWFmZDU4NjdhOTkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueLXLQLBi+uZo+HqWladFsLmlh8i MnkOXIHidB8f+T8HIyj8BK73Tru30h0UbC+9am4ovjbs9J/06D144/SFpx6yxgvu xPAxNigDuPLIfFiihccgwX0hn5ayOYhwh7kvpRr1rBrr/OIoMRrShQ0qf8QkRR+C 7Q41Gg35PuGIPlOx4+xNE6+SEohqzvDcz2FkxjUV+W2Xyg0VtRpz+ovDKA01KKFo 3C5q47h5Fn06rGxTqPPiyGNzuIiaxnFLa7/FsvxDu9IB4QzLPDEQjwvPKJUX1h2i xHunJI1dyWCBBGBqjaddGg9uy/A/ozbit8AIkQ4KczI6xiadFe2We7HuZQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhjLzQwODdj Zi03MWU5LTQyY2EtOGMzNS05NTFiMTk4NTY3MWMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvNDA4N2Nm LTcxZTktNDJjYS04YzM1LTk1MWIxOTg1NjcxYy8xL0JaOVJhQUxDWVRDYVlRU0hj dWJxX1ZobnFaQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQC1bhMMA0EAgACMAcDBQMqDA+AMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMzyTANBgkqhkiG9w0BAQsFAAOCAQEAXT42r7iC4k03 en7w16PfWdYSbsH+qyt4MmmvcpkVed4iu62fNIjSnpe64jepQdtj+BYswAHj0cuK L9iR7Ad24eh3diCa6L8xLVbv54BjyfLRMQnqT4LN6mQTM40xut47fs9RczwE3KjC y7o1voIqKMYwlB01++qP4OrYECTZKlIbypIoDskb81OOVOvQpr+Y15GXFz6jLUap /YZE/chtVJX3usxVPRTdbuSadkX7RaFwCqYIz2dat56i/lfff6mJRbvDRbRKJ+H3 LXBdBuZBJwpGtkgSI9lqGMaJaUYvQaTpzIwcIQAiUsJmn1bl//pOEA3yHQhpKwoA v1zCo+f3AQ== -----END CERTIFICATE-----Generated at Mon Feb 9 15:07:28 2026 by rpki-client