This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CBSas_GOw-02_yqB1ImvEGmcs5I.cer File: CBSas_GOw-02_yqB1ImvEGmcs5I.cer (raw, json) Hash identifier: i0w28Q3n1aHPZEc6uENIpZ9jnWBOO28ZP4y2kDt/yBM= Subject key identifier: 08:14:9A:B3:F1:8E:C3:ED:36:FF:2A:81:D4:89:AF:10:69:9C:B3:92 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B775927F60DA18733B29ED951478EB99F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/CBSas_GOw-02_yqB1ImvEGmcs5I.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 02:18:10 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 192.109.53.0/24 IP: 193.141.107.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:27:f6:0d:a1:87:33:b2:9e:d9:51:47:8e:b9:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 02:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08149ab3f18ec3ed36ff2a81d489af10699cb392 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d9:a5:0a:b3:2e:82:4c:bc:78:69:4d:64:eb: e9:25:a2:a0:c4:d2:70:61:3a:95:0f:d1:0b:26:e4: 91:44:19:37:17:0d:a5:15:aa:90:da:f8:fc:15:23: 43:05:6f:b4:a5:ed:a0:7f:3a:92:68:5f:90:bf:c3: 7f:e9:6e:17:f8:5e:b1:b6:fb:3e:5d:26:57:5f:66: 3c:17:4d:b4:31:1b:c5:0e:4f:2b:a4:a2:f7:6c:df: ff:93:ab:53:d9:39:dc:90:a2:25:c4:34:22:d4:4d: 6b:bd:fd:b9:b6:4d:c8:a8:3e:d5:55:80:2a:53:2b: dd:dc:28:b3:0d:36:0c:4e:f5:59:ac:d2:0d:0b:19: d8:f0:6e:dd:80:18:76:ae:52:68:0a:85:26:95:cc: fc:01:bf:21:64:70:53:97:fa:4f:95:66:70:7b:cb: 7a:7a:58:19:7f:c8:c3:0c:d8:4b:5a:66:9f:07:fb: 1b:36:fc:7b:80:58:a0:b0:05:9c:7a:bd:90:58:97: e8:80:80:19:83:76:d9:7c:73:a9:c4:86:f9:27:32: c2:8f:7e:82:b6:28:aa:7b:40:a8:9e:e7:09:5f:9f: d4:74:73:ee:9f:39:e6:1b:a2:d9:b9:b2:07:92:17: 4d:66:f2:36:bf:b6:23:73:de:69:e5:bd:6e:12:7c: 1f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:14:9A:B3:F1:8E:C3:ED:36:FF:2A:81:D4:89:AF:10:69:9C:B3:92 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/CBSas_GOw-02_yqB1ImvEGmcs5I.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.109.53.0/24 193.141.107.0/24 Signature Algorithm: sha256WithRSAEncryption 16:ec:a0:fc:70:fe:d5:74:41:f2:7a:27:ff:39:c0:cb:dc:2c: 07:06:d3:78:39:dd:ed:87:b9:b8:e8:1d:a6:b5:f1:c6:00:a3: 54:15:16:02:e3:d3:bc:08:a5:fb:29:a3:61:72:74:d8:f9:31: e5:f5:68:5e:28:26:77:e2:e7:43:b9:57:59:ec:f3:50:da:1c: b1:3c:0f:f8:39:ff:43:5b:32:a1:75:a5:e6:c8:5d:3c:f9:c0: c8:63:ff:66:ce:80:ad:e9:dd:36:29:35:46:fc:cc:7d:a5:68: 27:9d:8d:28:df:32:1e:25:f3:34:2e:14:f6:4b:fa:25:41:1b: fd:65:77:f5:0f:a7:ed:ac:e9:3c:a7:e3:0b:1a:11:53:e3:52: cb:29:c0:42:ce:6d:b5:8b:cd:ae:65:2e:ba:f0:36:88:d7:c0: b1:b8:b2:e7:b2:72:b6:59:22:d9:71:05:29:13:a4:b1:ad:03: 0e:06:58:cb:d8:ce:02:8e:f4:f3:47:40:a7:02:ee:01:95:1a: f4:7d:45:b0:90:c4:b6:06:9f:57:6c:d4:ec:00:c1:42:3b:1e: 82:24:2b:b4:4c:6d:9a:52:77:86:37:96:e6:3c:fa:e0:ae:6a: 80:ae:80:8c:29:dd:bb:90:49:7b:a9:51:d1:d7:b8:0b:95:f7: cd:7b:ce:77 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgISAZt3WSf2DaGHM7Ke2VFHjrmfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDIxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODE0OWFiM2YxOGVjM2VkMzZmZjJhODFkNDg5YWYxMDY5OWNiMzkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NmlCrMugky8eGlNZOvpJaKgxNJw YTqVD9ELJuSRRBk3Fw2lFaqQ2vj8FSNDBW+0pe2gfzqSaF+Qv8N/6W4X+F6xtvs+ XSZXX2Y8F020MRvFDk8rpKL3bN//k6tT2TnckKIlxDQi1E1rvf25tk3IqD7VVYAq Uyvd3CizDTYMTvVZrNINCxnY8G7dgBh2rlJoCoUmlcz8Ab8hZHBTl/pPlWZwe8t6 elgZf8jDDNhLWmafB/sbNvx7gFigsAWcer2QWJfogIAZg3bZfHOpxIb5JzLCj36C tiiqe0ConucJX5/UdHPunznmG6LZubIHkhdNZvI2v7Yjc95p5b1uEnwfPQIDAQAB o4ICijCCAoYwHQYDVR0OBBYEFAgUmrPxjsPtNv8qgdSJrxBpnLOSMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjLzkxMWEy NS1hMzgzLTQ4YzItYmY2My1kODcxMTJjYTk5YWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvOTExYTI1 LWEzODMtNDhjMi1iZjYzLWQ4NzExMmNhOTlhZS8xL0NCU2FzX0dPdy0wMl95cUIx SW12RUdtY3M1SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQAwG01AwQAwY1rMA0GCSqGSIb3DQEBCwUAA4IB AQAW7KD8cP7VdEHyeif/OcDL3CwHBtN4Od3th7m46B2mtfHGAKNUFRYC49O8CKX7 KaNhcnTY+THl9WheKCZ34udDuVdZ7PNQ2hyxPA/4Of9DWzKhdaXmyF08+cDIY/9m zoCt6d02KTVG/Mx9pWgnnY0o3zIeJfM0LhT2S/olQRv9ZXf1D6ftrOk8p+MLGhFT 41LLKcBCzm21i82uZS668DaI18CxuLLnsnK2WSLZcQUpE6SxrQMOBljL2M4CjvTz R0CnAu4BlRr0fUWwkMS2Bp9XbNTsAMFCOx6CJCu0TG2aUneGN5bmPPrgrmqAroCM Kd27kEl7qVHR17gLlffNe853 -----END CERTIFICATE-----Generated at Mon Feb 9 18:25:25 2026 by rpki-client