This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/N0MfG-n9wkGQmEec3kV7v3lXF1k.cer File: N0MfG-n9wkGQmEec3kV7v3lXF1k.cer (raw, json) Hash identifier: tm0YyX0ekXwtjXBgVO96VJdOe2eSsM0lxKlsnvfZvY4= Subject key identifier: 37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5B070D9C3FFFC6A2A160478CA7874F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:19:04 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41717 IP: 185.211.132.0/22 IP: 2a0b:65c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:07:0d:9c:3f:ff:c6:a2:a1:60:47:8c:a7:87:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=37431f1be9fdc2419098479cde457bbf79571759 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:68:24:eb:48:f5:17:fe:c2:44:8b:6a:13:d4: 9b:7f:ef:37:43:8f:ed:2f:23:48:dc:8e:f3:fe:4c: bb:12:8a:7f:da:86:d2:ac:90:82:3f:37:13:f8:7d: 73:e6:43:c2:e7:6d:29:4d:f1:6a:e1:53:df:60:0c: d5:40:2a:67:97:93:12:fa:a9:b0:16:a2:e7:12:70: f2:d5:f9:91:62:d3:62:6f:b1:b0:0b:8e:6f:22:47: d9:39:f3:01:78:4b:0a:3e:2f:ad:fe:94:b8:ea:78: 4a:6f:0d:93:65:e6:71:fc:3c:9b:87:ed:e1:1d:fd: 0b:84:00:62:a4:2f:88:e8:f4:6f:4d:e3:e1:c7:59: ba:dd:ed:f5:e7:21:17:d0:6c:61:af:b3:d9:ea:0f: 0b:9e:ff:14:4d:10:f2:db:b8:1f:5a:15:60:01:ce: 4a:dc:1b:6a:a4:71:d0:24:02:36:d1:03:07:9b:06: 87:61:29:45:35:f3:c5:a8:94:97:07:e6:64:7c:55: 92:a7:8e:a0:fe:50:6c:8f:d9:b3:40:77:27:ac:7c: de:d4:7f:7b:7b:4a:d8:5c:aa:03:69:4a:51:c7:ed: 9a:b1:9b:16:04:af:99:5c:09:66:d4:e1:1c:1b:07: 68:c1:dd:a8:0f:39:8a:f8:2f:a5:3c:91:95:f8:82: 7d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.211.132.0/22 IPv6: 2a0b:65c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41717 Signature Algorithm: sha256WithRSAEncryption a4:66:02:d9:a7:cb:ed:46:62:47:68:b5:5f:43:c9:6e:ea:8f: 4f:99:20:c4:4e:be:6e:30:8f:dc:a5:00:14:2f:2a:06:e6:5a: e1:db:23:ac:91:1a:53:08:29:bc:29:8c:b3:20:b4:17:76:58: ac:85:4e:3b:be:2b:56:9d:ab:93:19:fc:fb:21:9e:f4:8e:e0: e0:e8:7b:6b:19:95:a4:df:69:e4:5d:fb:51:35:b2:a0:54:3d: 1f:2e:7c:93:8b:6a:9a:d2:b9:49:4f:38:a1:cf:c4:90:89:f7: 00:3b:ae:5a:cf:dd:f6:8e:3c:87:ba:a3:39:c4:d1:51:5b:f0: df:14:1b:ea:10:0d:1d:6a:d1:76:be:13:26:a4:51:e4:1a:1f: f6:49:fc:80:91:f8:b6:e6:09:82:2b:9f:6a:b6:91:d5:d4:4c: d1:e2:5a:ba:b2:32:0c:5d:49:8e:d9:ea:8c:38:e4:9e:6c:05: 89:66:59:d2:43:1f:cb:4d:25:55:76:f2:de:45:97:2a:df:c0: 91:f2:c3:f5:76:ae:27:88:f6:cf:40:7a:ef:3d:28:cf:d6:88: d3:fb:4c:f2:93:13:ae:58:db:4f:d1:a3:16:ea:16:10:71:11: 73:40:79:2d:ea:a8:a0:e0:03:71:eb:ea:04:17:9a:dc:2d:24: 5f:17:ca:ca -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt6WwcNnD//xqKhYEeMp4dPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNzQzMWYxYmU5ZmRjMjQxOTA5ODQ3OWNkZTQ1N2JiZjc5NTcxNzU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2gk60j1F/7CRItqE9Sbf+83Q4/t LyNI3I7z/ky7Eop/2obSrJCCPzcT+H1z5kPC520pTfFq4VPfYAzVQCpnl5MS+qmw FqLnEnDy1fmRYtNib7GwC45vIkfZOfMBeEsKPi+t/pS46nhKbw2TZeZx/Dybh+3h Hf0LhABipC+I6PRvTePhx1m63e315yEX0Gxhr7PZ6g8Lnv8UTRDy27gfWhVgAc5K 3BtqpHHQJAI20QMHmwaHYSlFNfPFqJSXB+ZkfFWSp46g/lBsj9mzQHcnrHze1H97 e0rYXKoDaUpRx+2asZsWBK+ZXAlm1OEcGwdowd2oDzmK+C+lPJGV+IJ93QIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFDdDHxvp/cJBkJhHnN5Fe795VxdZMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkL2I1MzU0 Ny1kMzQwLTQzOTItYWY0Ni02MTU5NjEzMTJiNTIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvYjUzNTQ3 LWQzNDAtNDM5Mi1hZjQ2LTYxNTk2MTMxMmI1Mi8xL04wTWZHLW45d2tHUW1FZWMz a1Y3djNsWEYxay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCudOEMA0EAgACMAcDBQMqC2XAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwCi9TANBgkqhkiG9w0BAQsFAAOCAQEApGYC2afL7UZi R2i1X0PJbuqPT5kgxE6+bjCP3KUAFC8qBuZa4dsjrJEaUwgpvCmMsyC0F3ZYrIVO O74rVp2rkxn8+yGe9I7g4Oh7axmVpN9p5F37UTWyoFQ9Hy58k4tqmtK5SU84oc/E kIn3ADuuWs/d9o48h7qjOcTRUVvw3xQb6hANHWrRdr4TJqRR5Bof9kn8gJH4tuYJ giufaraR1dRM0eJaurIyDF1JjtnqjDjknmwFiWZZ0kMfy00lVXby3kWXKt/AkfLD 9XauJ4j2z0B67z0oz9aI0/tM8pMTrljbT9GjFuoWEHERc0B5LeqooOADcevqBBea 3C0kXxfKyg== -----END CERTIFICATE-----Generated at Mon Jan 19 13:05:30 2026 by rpki-client