This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer File: CNOlFWg-nduF0456s5wzrtrK9-8.cer (raw, json) Hash identifier: MO/WTJVpg6oOsQhtl78C1tOagnsfFDSf3+M2sb5nFeI= Subject key identifier: 08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EADCCA2ED4049A1A55778DFFFE9B10 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:42 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 42229 AS: 47806 AS: 60134 AS: 208103 AS: 210847 AS: 211653 IP: 2.57.2.0/24 IP: 93.88.28.0/22 IP: 152.89.144.0/22 IP: 176.119.206.0/24 IP: 185.1.90.0/24 IP: 185.182.180.0/22 IP: 185.251.208.0/22 IP: 193.30.124.0/23 IP: 193.30.128.0/23 IP: 193.37.84.0/22 IP: 193.163.179.0/24 IP: 213.232.248.0/24 IP: 2001:7f8:b2::/48 IP: 2a0c:e40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:dc:ca:2e:d4:04:9a:1a:55:77:8d:ff:fe:9b:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:5a:77:0f:22:f5:c4:1e:24:85:b6:4c:7e:cb: c4:25:75:b3:f0:66:6a:71:28:84:15:81:bf:40:14: ec:50:40:6f:97:45:fd:73:52:05:93:15:8c:bf:4a: 06:7a:5b:c8:9a:4d:25:ea:0b:38:bc:4f:3e:73:4c: 42:18:b3:29:f8:67:1a:bc:35:be:4c:b1:99:00:5b: 37:d4:96:a7:d7:16:d8:a7:70:df:3c:e4:bd:d0:87: 21:2f:5a:13:72:d6:68:e5:04:15:d7:d6:31:01:a1: b4:fb:fb:cf:70:9a:cd:16:29:93:cd:3d:4b:d8:d3: 43:07:ec:73:00:54:b7:e6:87:1f:0c:38:44:5a:3e: 5e:2a:3c:ba:69:4b:43:2e:6b:fa:8f:09:af:02:c8: d4:40:1b:f3:be:a5:ba:87:90:15:5a:4b:08:2a:7f: 9c:23:56:8f:e6:e2:b4:61:b9:9e:4e:fc:11:6f:0c: 15:48:fe:75:39:d0:bf:d3:51:e6:c3:e0:dd:dc:64: 77:62:21:d6:4d:b4:59:be:ef:24:7b:a6:8f:ad:91: b4:ed:6e:8c:00:1d:0b:1c:20:35:ef:47:5d:c2:21: e2:31:5d:2f:3e:5e:81:71:81:d2:8d:a0:d1:b2:33: 2a:dd:fd:8c:1e:90:92:63:c4:c7:27:96:b7:e1:86: f0:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.2.0/24 93.88.28.0/22 152.89.144.0/22 176.119.206.0/24 185.1.90.0/24 185.182.180.0/22 185.251.208.0/22 193.30.124.0/23 193.30.128.0/23 193.37.84.0/22 193.163.179.0/24 213.232.248.0/24 IPv6: 2001:7f8:b2::/48 2a0c:e40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 42229 47806 60134 208103 210847 211653 Signature Algorithm: sha256WithRSAEncryption 69:8e:c9:9c:69:ab:a9:14:41:05:a3:71:87:e7:59:1b:3b:ac: 37:f8:47:58:2d:4a:c2:52:72:41:fd:b8:26:1e:da:b0:85:ec: d7:54:c6:13:1f:34:ef:a0:6c:80:5e:8d:79:1d:86:29:59:9e: 14:ec:a2:64:9f:f8:5c:65:f7:4a:de:76:4e:33:ef:cc:f5:5f: 55:4d:c6:8a:39:bf:7a:1e:0c:f9:88:fd:8b:37:6b:1a:e4:c7: e5:64:2a:e4:7e:c0:27:c8:4c:32:36:da:d8:41:74:f8:a3:4d: b1:8b:9c:bd:a0:f1:71:43:a6:80:f7:56:76:42:d1:97:78:12: fe:1a:e6:df:eb:83:5b:27:ed:fd:4f:ac:59:18:4f:f8:28:92: f5:52:b2:2c:57:d1:f9:7e:02:d8:16:fe:a3:32:89:b0:08:f5: 20:eb:5f:f4:34:af:0f:6d:37:0f:f7:e7:34:22:8e:7c:04:ad: 07:11:56:16:f5:0c:bd:af:1f:1d:93:22:e0:46:67:17:b0:a4: 63:0e:28:20:c8:4a:ca:d3:3f:ff:2f:cc:e7:79:5a:a1:7d:11: c1:2e:fb:93:62:d6:cf:d1:a2:85:9e:4f:ec:8c:a9:cd:02:a9: 78:e8:a8:38:4b:ee:a6:ab:8d:91:b0:d1:45:7a:ae:d2:80:ac: bd:99:7d:d0 -----BEGIN CERTIFICATE----- MIIGBzCCBO+gAwIBAgISAZt26tzKLtQEmhpVd43//psQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGQzYTUxNTY4M2U5ZGRiODVkMzhlN2FiMzljMzNhZWRhY2FmN2VmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilp3DyL1xB4khbZMfsvEJXWz8GZq cSiEFYG/QBTsUEBvl0X9c1IFkxWMv0oGelvImk0l6gs4vE8+c0xCGLMp+GcavDW+ TLGZAFs31Jan1xbYp3DfPOS90IchL1oTctZo5QQV19YxAaG0+/vPcJrNFimTzT1L 2NNDB+xzAFS35ocfDDhEWj5eKjy6aUtDLmv6jwmvAsjUQBvzvqW6h5AVWksIKn+c I1aP5uK0YbmeTvwRbwwVSP51OdC/01Hmw+Dd3GR3YiHWTbRZvu8ke6aPrZG07W6M AB0LHCA170ddwiHiMV0vPl6BcYHSjaDRsjMq3f2MHpCSY8THJ5a34YbwCQIDAQAB o4IDEzCCAw8wHQYDVR0OBBYEFAjTpRVoPp3bhdOOerOcM67ayvfvMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5LzY3Y2Zh MC1hMzJiLTQwNjMtOTM3MC0wYjVjNWQ5NDQyNmEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvNjdjZmEw LWEzMmItNDA2My05MzcwLTBiNWM1ZDk0NDI2YS8xL0NOT2xGV2ctbmR1RjA0NTZz NXd6cnRySzktOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUF BwEHAQH/BGowaDBOBAIAATBIAwQAAjkCAwQCXVgcAwQCmFmQAwQAsHfOAwQAuQFa AwQCuba0AwQCufvQAwQBwR58AwQBwR6AAwQCwSVUAwQAwaOzAwQA1ej4MBYEAgAC MBADBwAgAQf4ALIDBQMqDA5AMDMGCCsGAQUFBwEIAQH/BCQwIqAgMB4CAwCk9QID ALq+AgMA6uYCAwMs5wIDAzefAgMDOsUwDQYJKoZIhvcNAQELBQADggEBAGmOyZxp q6kUQQWjcYfnWRs7rDf4R1gtSsJSckH9uCYe2rCF7NdUxhMfNO+gbIBejXkdhilZ nhTsomSf+Fxl90redk4z78z1X1VNxoo5v3oeDPmI/Ys3axrkx+VkKuR+wCfITDI2 2thBdPijTbGLnL2g8XFDpoD3VnZC0Zd4Ev4a5t/rg1sn7f1PrFkYT/gokvVSsixX 0fl+AtgW/qMyibAI9SDrX/Q0rw9tNw/35zQijnwErQcRVhb1DL2vHx2TIuBGZxew pGMOKCDISsrTP/8vzOd5WqF9EcEu+5Ni1s/RooWeT+yMqc0CqXjoqDhL7qarjZGw 0UV6rtKArL2ZfdA= -----END CERTIFICATE-----Generated at Mon Feb 9 15:10:17 2026 by rpki-client