This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MH3iES3L0Gv7x-h_O_8jcinS0XM.cer File: MH3iES3L0Gv7x-h_O_8jcinS0XM.cer (raw, json) Hash identifier: EzHfgtnkNR6G2SzGJ7IKRD/qvQI3WpJPolEZh4fu68w= Subject key identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCB573F1BF1A6883D0E1BCD638ECD51 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:20:36 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 210940 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:57:3f:1b:f1:a6:88:3d:0e:1b:cd:63:8e:cd:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:20:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=307de2112dcbd06bfbc7e87f3bff237229d2d173 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:dd:0f:56:0f:2a:92:d4:1f:b5:c7:79:ca:ff: 32:11:ff:9b:5f:02:36:37:aa:89:74:d2:d8:d3:b9: 66:bc:cf:74:ce:26:e7:18:c8:63:3a:b9:85:d4:15: 8b:75:51:55:16:23:8e:8c:e4:54:73:7f:96:0f:95: 68:34:e6:3b:5b:37:72:99:01:0f:63:a5:e1:a8:37: 68:d7:ad:87:43:d4:54:d8:77:ea:4f:fc:c5:1b:8c: 47:e1:65:56:08:7c:b3:7c:3a:8e:5f:45:d4:de:8a: 90:bc:45:cb:5c:3b:a9:eb:96:a4:9e:d5:d9:6d:1d: 89:72:5c:38:a8:1b:cd:c6:f2:98:36:a4:92:79:a3: 71:a2:ff:89:45:1d:cd:99:6f:c1:70:76:19:dc:8e: c8:52:12:2b:a6:bf:38:62:33:e1:32:21:7f:6a:0c: 58:2e:4f:ff:41:cf:1c:55:7f:f3:d2:da:29:ce:00: 83:c4:69:81:82:aa:02:63:cb:77:82:c2:16:ee:49: ac:05:e0:d5:44:f8:8b:24:00:1a:e1:a5:f8:db:77: b4:33:b4:d8:5e:ec:44:ca:84:67:dc:e6:73:03:eb: 43:ef:72:2a:0f:25:40:62:92:ab:44:49:c5:1e:6e: 21:3e:be:fe:01:51:8d:ea:a4:57:49:4f:62:7a:83: 63:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:7D:E2:11:2D:CB:D0:6B:FB:C7:E8:7F:3B:FF:23:72:29:D2:D1:73 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/aec877-59d5-42f9-967e-2732151b8e86/1/MH3iES3L0Gv7x-h_O_8jcinS0XM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-autonomousSysNum: critical Autonomous System Numbers: 210940 Signature Algorithm: sha256WithRSAEncryption 0e:fc:0b:8a:e3:1c:d1:16:6b:a6:47:a0:d2:95:c2:00:59:9f: 06:8d:f6:45:76:68:04:50:be:88:06:e8:0c:37:f4:8b:16:b4: 58:32:e6:33:11:ea:63:c8:5f:2e:ed:a2:cd:4b:eb:61:45:d6: 32:ec:82:59:e6:98:f2:85:94:f8:b4:76:4d:55:85:4a:03:08: be:cd:11:f1:05:65:0c:f9:61:e8:be:d5:f9:c5:ec:9c:a3:4f: 8c:67:8e:43:0b:4c:c1:9c:3d:fc:4f:1f:5d:71:6b:af:23:7e: cf:41:f9:c1:9b:e0:a6:8c:7a:87:83:b7:92:49:0f:fc:98:f2: 41:1b:4b:27:e7:a9:ea:b4:9c:af:e4:b8:fe:00:51:54:a5:41: dc:e0:ca:ed:31:aa:1d:50:0e:f5:2f:d2:ba:c0:ab:21:ba:b6: 7c:56:1a:6a:31:1d:d6:f0:51:ef:c8:9f:8d:b7:ab:f2:47:7e: 53:c4:c2:0b:25:fc:a7:17:93:1b:54:65:fc:3e:1f:46:7e:cf: 5f:55:68:f9:9a:0f:e6:65:77:9b:05:71:3b:b8:90:aa:43:3a: 94:0a:53:5c:d8:98:31:c5:e8:8e:63:d5:6d:96:26:8c:0f:90: 72:0f:5f:43:6b:66:60:4a:2c:24:74:51:45:33:51:5c:0a:24: 38:38:8c:c8 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgISAZt9y1c/G/GmiD0OG81jjs1RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMDdkZTIxMTJkY2JkMDZiZmJjN2U4N2YzYmZmMjM3MjI5ZDJkMTczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst0PVg8qktQftcd5yv8yEf+bXwI2 N6qJdNLY07lmvM90zibnGMhjOrmF1BWLdVFVFiOOjORUc3+WD5VoNOY7WzdymQEP Y6XhqDdo162HQ9RU2HfqT/zFG4xH4WVWCHyzfDqOX0XU3oqQvEXLXDup65akntXZ bR2Jclw4qBvNxvKYNqSSeaNxov+JRR3NmW/BcHYZ3I7IUhIrpr84YjPhMiF/agxY Lk//Qc8cVX/z0topzgCDxGmBgqoCY8t3gsIW7kmsBeDVRPiLJAAa4aX423e0M7TY XuxEyoRn3OZzA+tD73IqDyVAYpKrREnFHm4hPr7+AVGN6qRXSU9ieoNjKwIDAQAB o4ICfzCCAnswHQYDVR0OBBYEFDB94hEty9Br+8fofzv/I3Ip0tFzMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q3L2FlYzg3 Ny01OWQ1LTQyZjktOTY3ZS0yNzMyMTUxYjhlODYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcvYWVjODc3 LTU5ZDUtNDJmOS05NjdlLTI3MzIxNTFiOGU4Ni8xL01IM2lFUzNMMEd2N3gtaF9P XzhqY2luUzBYTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwM3/DANBgkqhkiG9w0BAQsFAAOCAQEADvwLiuMc0RZr pkeg0pXCAFmfBo32RXZoBFC+iAboDDf0ixa0WDLmMxHqY8hfLu2izUvrYUXWMuyC WeaY8oWU+LR2TVWFSgMIvs0R8QVlDPlh6L7V+cXsnKNPjGeOQwtMwZw9/E8fXXFr ryN+z0H5wZvgpox6h4O3kkkP/JjyQRtLJ+ep6rScr+S4/gBRVKVB3ODK7TGqHVAO 9S/SusCrIbq2fFYaajEd1vBR78ifjber8kd+U8TCCyX8pxeTG1Rl/D4fRn7PX1Vo +ZoP5mV3mwVxO7iQqkM6lApTXNiYMcXojmPVbZYmjA+Qcg9fQ2tmYEosJHRRRTNR XAokODiMyA== -----END CERTIFICATE-----Generated at Mon Feb 9 15:04:13 2026 by rpki-client