This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/N0zC_9dpwY5ebw38mg6nT7P4wQg.cer File: N0zC_9dpwY5ebw38mg6nT7P4wQg.cer (raw, json) Hash identifier: BnewqU6V/5xHWxcjT90b5o0cnkyMtEoi9rZmbzYl5ks= Subject key identifier: 37:4C:C2:FF:D7:69:C1:8E:5E:6F:0D:FC:9A:0E:A7:4F:B3:F8:C1:08 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F8230C8DEBD6D8985EF55150AF624BB Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 16:19:57 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 85.236.152.0/21 IP: 185.22.108.0/22 IP: 185.221.180.0/22 IP: 209.16.158.0/24 IP: 2a00:5de0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:30:c8:de:bd:6d:89:85:ef:55:15:0a:f6:24:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 16:19:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=374cc2ffd769c18e5e6f0dfc9a0ea74fb3f8c108 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:80:e2:d0:1f:82:73:e0:f4:2b:68:a7:a0:cf: 02:3a:c1:16:6a:24:2b:da:47:35:85:19:41:2c:99: 31:ba:26:5f:69:34:03:a0:2e:f0:fa:34:ac:ad:26: 13:a2:83:3f:dc:85:4c:d8:4e:59:35:ea:26:ec:42: 62:7c:9f:c4:f4:35:dc:f7:48:52:31:98:e6:49:6a: 79:54:1a:68:03:4e:df:60:0b:45:cf:ad:d7:c9:a6: ed:2d:b6:38:24:00:9e:bc:ef:bd:f0:dd:75:0c:94: ff:ea:f3:94:9b:49:47:2c:9a:b8:93:40:f0:49:bb: aa:01:a0:3a:51:6a:b7:e9:38:e2:57:b0:f2:3b:b8: ae:26:52:eb:c1:96:fc:18:1a:4b:af:80:9e:fa:6a: 41:b6:28:45:97:73:45:c7:8c:f2:2f:e7:f8:20:bd: 02:86:75:2c:41:b2:cb:99:1f:96:4e:87:a6:c7:77: 44:8e:82:fb:35:de:08:76:7b:a3:6b:11:4c:48:65: 25:98:cf:c0:d0:cb:c0:d3:2e:f5:99:69:d2:6c:63: d0:12:55:c8:d9:f8:13:25:95:56:5f:40:ac:a5:ff: af:ed:6a:24:21:47:fa:b9:1a:cb:ae:e8:bf:11:7e: 0b:93:32:10:67:d1:42:ff:84:fe:d9:99:39:bc:5c: 3f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:4C:C2:FF:D7:69:C1:8E:5E:6F:0D:FC:9A:0E:A7:4F:B3:F8:C1:08 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.236.152.0/21 185.22.108.0/22 185.221.180.0/22 209.16.158.0/24 IPv6: 2a00:5de0::/29 Signature Algorithm: sha256WithRSAEncryption 4a:8c:92:c4:69:90:3f:de:8f:b4:9b:68:49:0c:bd:4c:94:b9: f2:bd:e6:3c:a6:41:88:75:6c:7d:53:1e:ba:03:d8:c4:92:b0: dd:c6:88:c3:2c:93:a3:2b:2f:f1:18:76:ed:f0:5b:71:a0:88: 45:1f:77:e7:0d:b4:4c:ed:da:09:7c:a9:dd:d8:d3:59:a0:b5: af:d1:9a:d7:68:f1:99:d9:c5:72:43:6b:d4:b9:ff:4e:d8:87: 0d:b5:80:fa:d1:40:8a:40:e4:76:45:ef:d7:a6:89:3a:8d:51: cd:1e:17:d1:59:c0:94:59:e3:11:09:0c:1d:70:e3:e0:ac:58: ca:2a:2e:84:7b:bf:b8:00:6f:7d:1a:61:56:51:43:2f:fd:53: 9f:58:2f:9f:a7:7a:42:36:75:fe:a7:8f:c5:83:7d:db:06:dd: 59:f7:0d:e2:76:61:5c:cb:ce:a7:bf:9b:90:c1:d2:ae:9d:45: ce:7b:d1:49:41:27:d0:b5:94:66:50:e8:60:e2:4a:10:d5:5b: b5:97:84:5a:e4:66:75:6a:d9:57:d3:89:16:5e:c9:d7:b3:1e: 06:85:cf:d0:17:22:09:c4:e3:97:46:cc:40:27:a5:ab:79:a7: 14:bb:4b:72:09:7e:cc:60:a3:f5:b6:72:fe:c5:72:56:79:19: d7:ed:ca:3e -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgISAZt/gjDI3r1tiYXvVRUK9iS7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTYxOTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNzRjYzJmZmQ3NjljMThlNWU2ZjBkZmM5YTBlYTc0ZmIzZjhjMTA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYDi0B+Cc+D0K2inoM8COsEWaiQr 2kc1hRlBLJkxuiZfaTQDoC7w+jSsrSYTooM/3IVM2E5ZNeom7EJifJ/E9DXc90hS MZjmSWp5VBpoA07fYAtFz63XyabtLbY4JACevO+98N11DJT/6vOUm0lHLJq4k0Dw SbuqAaA6UWq36TjiV7DyO7iuJlLrwZb8GBpLr4Ce+mpBtihFl3NFx4zyL+f4IL0C hnUsQbLLmR+WToemx3dEjoL7Nd4IdnujaxFMSGUlmM/A0MvA0y71mWnSbGPQElXI 2fgTJZVWX0Cspf+v7WokIUf6uRrLrui/EX4LkzIQZ9FC/4T+2Zk5vFw/KQIDAQAB o4ICpTCCAqEwHQYDVR0OBBYEFDdMwv/XacGOXm8N/JoOp0+z+MEIMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2LzI0YzVh My0yYTMxLTRiODUtODQwZS0yNjgwNmVjMzVjMjAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvMjRjNWEz LTJhMzEtNGI4NS04NDBlLTI2ODA2ZWMzNWMyMC8xL04wekNfOWRwd1k1ZWJ3Mzht ZzZuVDdQNHdRZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF BwEHAQH/BDEwLzAeBAIAATAYAwQDVeyYAwQCuRZsAwQCud20AwQA0RCeMA0EAgAC MAcDBQMqAF3gMA0GCSqGSIb3DQEBCwUAA4IBAQBKjJLEaZA/3o+0m2hJDL1MlLny veY8pkGIdWx9Ux66A9jEkrDdxojDLJOjKy/xGHbt8FtxoIhFH3fnDbRM7doJfKnd 2NNZoLWv0ZrXaPGZ2cVyQ2vUuf9O2IcNtYD60UCKQOR2Re/Xpok6jVHNHhfRWcCU WeMRCQwdcOPgrFjKKi6Ee7+4AG99GmFWUUMv/VOfWC+fp3pCNnX+p4/Fg33bBt1Z 9w3idmFcy86nv5uQwdKunUXOe9FJQSfQtZRmUOhg4koQ1Vu1l4Ra5GZ1atlX04kW XsnXsx4Ghc/QFyIJxOOXRsxAJ6WreacUu0tyCX7MYKP1tnL+xXJWeRnX7co+ -----END CERTIFICATE-----Generated at Mon Feb 9 19:51:41 2026 by rpki-client