This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O5olHl0dO6vkxXnJHrPgrDf3vyo.cer File: O5olHl0dO6vkxXnJHrPgrDf3vyo.cer (raw, json) Hash identifier: s+1QjJ8XzVgdgIu01qxQzUwqUIVEzWziLGM7hyAVUuk= Subject key identifier: 3B:9A:25:1E:5D:1D:3B:AB:E4:C5:79:C9:1E:B3:E0:AC:37:F7:BF:2A Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7AC946819FEFA46A1B305D08D588CFD4 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/O5olHl0dO6vkxXnJHrPgrDf3vyo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 18:19:29 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 205020 IP: 94.142.252.0/24 IP: 2a12:76c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:46:81:9f:ef:a4:6a:1b:30:5d:08:d5:88:cf:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 18:19:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b9a251e5d1d3babe4c579c91eb3e0ac37f7bf2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f4:73:5a:65:69:42:91:3a:f7:e4:94:56:ab: 6d:a1:13:15:23:ed:ec:5f:88:93:1a:9a:ee:c9:09: 8e:df:99:3d:c9:8b:f3:dc:17:df:49:4d:87:76:09: d1:83:ed:74:d8:a0:07:92:ed:81:f5:3c:14:72:c1: 49:b1:4a:5e:77:32:02:0c:a2:ae:92:7d:a5:90:b5: 23:b0:e5:fd:9c:f5:19:8c:f0:39:5c:eb:4f:77:0c: 19:3e:dd:09:e7:de:d6:9f:48:d2:ac:88:42:e9:fd: 6f:cc:1e:f6:3a:50:dc:f0:f0:a0:5a:78:e4:b2:1b: d7:89:8b:ee:88:48:88:3d:ee:49:ad:c9:2b:d9:23: cb:4c:b4:bd:e2:bf:6d:02:a7:6a:3b:d6:a2:90:82: de:35:e3:3c:6f:ca:43:0a:ad:fa:14:b8:67:fc:e4: b4:27:00:c7:2f:ef:97:0e:c3:f4:14:07:f3:2c:13: fd:8a:e2:53:fa:fa:32:58:53:9a:39:f7:0f:4c:bb: 93:50:56:05:7a:6b:14:1c:e1:ef:90:81:32:dc:28: 88:de:77:f8:b7:2f:be:4d:1c:c0:ef:38:a3:1b:e4: 35:16:8a:12:5e:d3:6b:68:2d:e2:0e:4e:a9:e5:6d: 9d:36:45:98:4b:6a:da:70:0f:b3:52:95:c6:50:76: 0f:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:9A:25:1E:5D:1D:3B:AB:E4:C5:79:C9:1E:B3:E0:AC:37:F7:BF:2A X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/O5olHl0dO6vkxXnJHrPgrDf3vyo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.142.252.0/24 IPv6: 2a12:76c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 205020 Signature Algorithm: sha256WithRSAEncryption 3f:bb:9f:99:45:cb:f6:07:34:03:49:d9:1e:8b:51:16:98:db: 2c:32:a6:fe:d6:21:df:62:b9:4e:d8:e2:9e:31:58:05:85:2d: b5:df:97:61:24:53:c4:06:24:5a:d6:74:6f:a7:01:02:5d:62: b8:02:d7:1a:6f:1d:4c:55:0b:8a:67:58:c6:92:47:0e:53:02: 02:42:31:c4:6f:31:11:2b:5b:93:3b:7e:26:21:cb:0d:89:1b: f1:a5:fe:2e:38:dd:54:24:4a:f6:94:1e:0f:02:78:2b:dc:f3: 78:90:9b:b4:47:25:a7:f7:82:8a:fa:f5:5e:5d:99:f1:5a:09: 60:03:d8:9d:8c:79:87:56:91:86:74:19:03:e4:15:ad:61:0e: 4e:a5:dc:71:05:2c:16:b2:26:73:c8:29:be:b3:79:29:14:52: 63:40:6b:1e:94:31:30:99:f1:59:f1:70:bd:b3:88:9c:ef:83: 12:1e:6e:86:0f:e1:02:9c:0d:16:da:08:16:3d:b6:05:0d:5e: 50:25:b4:81:c7:2d:f0:8b:03:5d:0d:65:7a:c2:34:3c:4e:85: d6:52:7d:64:3b:02:ca:ce:ec:2f:f9:8a:c7:e2:75:dc:38:61: 53:b7:69:26:98:44:17:7c:71:91:3c:8f:dc:da:cb:58:26:4a: 90:d9:bf:25 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt6yUaBn++kahswXQjViM/UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTgxOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjlhMjUxZTVkMWQzYmFiZTRjNTc5YzkxZWIzZTBhYzM3ZjdiZjJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfRzWmVpQpE69+SUVqttoRMVI+3s X4iTGpruyQmO35k9yYvz3BffSU2HdgnRg+102KAHku2B9TwUcsFJsUpedzICDKKu kn2lkLUjsOX9nPUZjPA5XOtPdwwZPt0J597Wn0jSrIhC6f1vzB72OlDc8PCgWnjk shvXiYvuiEiIPe5Jrckr2SPLTLS94r9tAqdqO9aikILeNeM8b8pDCq36FLhn/OS0 JwDHL++XDsP0FAfzLBP9iuJT+voyWFOaOfcPTLuTUFYFemsUHOHvkIEy3CiI3nf4 ty++TRzA7zijG+Q1FooSXtNraC3iDk6p5W2dNkWYS2racA+zUpXGUHYP+wIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFDuaJR5dHTur5MV5yR6z4Kw3978qMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1LzBkZGZm My05ZTcwLTRkNjMtYjVhMC1jNjYzMmNjMDE0YjAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvMGRkZmYz LTllNzAtNGQ2My1iNWEwLWM2NjMyY2MwMTRiMC8xL081b2xIbDBkTzZ2a3hYbkpI clBnckRmM3Z5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAXo78MA0EAgACMAcDBQMqEnbAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMg3DANBgkqhkiG9w0BAQsFAAOCAQEAP7ufmUXL9gc0 A0nZHotRFpjbLDKm/tYh32K5TtjinjFYBYUttd+XYSRTxAYkWtZ0b6cBAl1iuALX Gm8dTFULimdYxpJHDlMCAkIxxG8xEStbkzt+JiHLDYkb8aX+LjjdVCRK9pQeDwJ4 K9zzeJCbtEclp/eCivr1Xl2Z8VoJYAPYnYx5h1aRhnQZA+QVrWEOTqXccQUsFrIm c8gpvrN5KRRSY0BrHpQxMJnxWfFwvbOInO+DEh5uhg/hApwNFtoIFj22BQ1eUCW0 gcct8IsDXQ1lesI0PE6F1lJ9ZDsCys7sL/mKx+J13DhhU7dpJphEF3xxkTyP3NrL WCZKkNm/JQ== -----END CERTIFICATE-----Generated at Fri Jan 2 11:17:11 2026 by rpki-client