This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer File: OGKIZa_YpN-v3e-BHvz8ecA4czI.cer (raw, json) Hash identifier: Eh0cgWiW9nRH8xFzGEm3W4u8EQyFan7Q/3D3L+iccYg= Subject key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA6FEECCCE0D69D2E4EB8CEF6C1C021 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:32 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 202567 IP: 185.152.200.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:fe:ec:cc:e0:d6:9d:2e:4e:b8:ce:f6:c1:c0:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=38628865afd8a4dfafddef811efcfc79c0387332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:da:45:54:35:a6:1b:6e:fd:e1:7b:a4:e3:f4: df:ed:a6:7c:45:e5:f5:71:11:c5:51:0b:3c:b5:65: b0:41:2e:e0:15:c3:5c:be:a8:e9:ec:65:b6:03:ea: 88:6c:bb:ee:46:57:60:d2:b4:ea:10:c1:78:bb:e3: 4c:eb:59:ff:75:11:77:12:1b:30:4a:d9:a0:33:9c: 8d:cf:c4:b0:66:25:a5:0a:41:63:ed:7e:e7:6c:91: a2:bd:42:47:58:6f:f9:7e:0e:52:af:f8:4f:24:05: 99:5e:1d:78:d1:b9:27:3a:25:93:8d:5f:f2:53:2f: 94:42:1a:bf:60:2e:52:56:d7:4e:88:50:09:a1:2c: 37:0f:6a:06:99:f5:2e:1b:59:25:1d:f1:c0:97:e5: 3d:0f:8d:5f:cd:ba:b7:37:a1:27:3f:46:70:11:f9: e1:1c:fe:f0:44:97:99:a2:8b:b0:bc:02:02:e8:65: 17:e1:77:0a:57:db:3f:77:4b:68:08:a9:72:b6:32: 88:27:6c:5c:51:91:70:5c:4f:b1:c9:ce:55:ed:a8: 89:a7:ea:ac:8a:e5:93:a5:6a:cd:d2:57:ab:e8:f2: 79:cb:79:fa:a3:20:a4:50:a2:7b:aa:d9:96:13:c5: 01:65:07:02:13:f6:b7:4c:a7:bf:55:18:a2:fd:b4: b4:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.152.200.0/22 sbgp-autonomousSysNum: critical Autonomous System Numbers: 202567 Signature Algorithm: sha256WithRSAEncryption ac:b1:85:1a:9b:af:13:f7:1c:f6:cd:8c:f0:c5:8c:01:e0:c8: f6:50:41:1d:88:49:e0:9a:53:9f:0e:3f:b0:d2:7e:48:3d:a1: 8d:fc:68:f1:01:78:0b:05:64:2f:b6:42:c7:5b:2c:3d:46:70: 42:66:2b:5b:85:1c:2d:a7:54:69:f2:09:c0:54:79:a8:ea:b3: 8d:78:cf:f2:ce:09:71:d0:6a:21:0a:4a:b8:75:46:d3:c7:55: 25:01:47:83:6e:82:73:1e:b4:c3:b8:38:5e:f8:ce:1e:46:c7: fe:fe:1b:f8:0b:15:9d:00:49:7c:26:6d:f3:95:04:3f:af:32: f2:e2:10:63:89:89:84:69:96:bf:3b:0a:5d:2b:ee:e7:c7:4e: ce:d7:73:c5:36:dc:e8:fc:3c:26:6d:ea:70:4e:95:cd:8a:a7: d4:b1:49:90:47:dd:75:45:f9:5a:dc:35:97:f7:0b:4b:03:04: 77:d5:c7:93:52:64:70:82:69:38:0d:bb:bd:49:bb:a5:9b:a2: e5:75:43:b3:32:07:0c:00:8d:50:73:2b:52:c1:d4:4a:b5:99: 2f:bd:09:ab:01:fe:77:de:13:d6:1b:6a:c6:21:b1:35:e0:cd: 95:26:7c:01:42:db:35:f1:a8:36:62:20:4b:a1:d3:eb:05:71: b7:53:de:92 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt+pv7szODWnS5OuM72wcAhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODYyODg2NWFmZDhhNGRmYWZkZGVmODExZWZjZmM3OWMwMzg3MzMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNpFVDWmG2794Xuk4/Tf7aZ8ReX1 cRHFUQs8tWWwQS7gFcNcvqjp7GW2A+qIbLvuRldg0rTqEMF4u+NM61n/dRF3Ehsw StmgM5yNz8SwZiWlCkFj7X7nbJGivUJHWG/5fg5Sr/hPJAWZXh140bknOiWTjV/y Uy+UQhq/YC5SVtdOiFAJoSw3D2oGmfUuG1klHfHAl+U9D41fzbq3N6EnP0ZwEfnh HP7wRJeZoouwvAIC6GUX4XcKV9s/d0toCKlytjKIJ2xcUZFwXE+xyc5V7aiJp+qs iuWTpWrN0ler6PJ5y3n6oyCkUKJ7qtmWE8UBZQcCE/a3TKe/VRii/bS0OQIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFDhiiGWv2KTfr93vgR78/HnAOHMyMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1LzJiZjFi MS0xNjgzLTRjOTktOWZiZS1kYmVlNjZkNzMzMTMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvMmJmMWIx LTE2ODMtNGM5OS05ZmJlLWRiZWU2NmQ3MzMxMy8xL09HS0laYV9ZcE4tdjNlLUJI dno4ZWNBNGN6SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQCuZjIMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwMXRzANBgkqhkiG9w0BAQsFAAOCAQEArLGFGpuvE/cc9s2M8MWMAeDI9lBBHYhJ 4JpTnw4/sNJ+SD2hjfxo8QF4CwVkL7ZCx1ssPUZwQmYrW4UcLadUafIJwFR5qOqz jXjP8s4JcdBqIQpKuHVG08dVJQFHg26Ccx60w7g4XvjOHkbH/v4b+AsVnQBJfCZt 85UEP68y8uIQY4mJhGmWvzsKXSvu58dOztdzxTbc6Pw8Jm3qcE6VzYqn1LFJkEfd dUX5Wtw1l/cLSwMEd9XHk1JkcIJpOA27vUm7pZui5XVDszIHDACNUHMrUsHUSrWZ L70JqwH+d94T1htqxiGxNeDNlSZ8AULbNfGoNmIgS6HT6wVxt1Pekg== -----END CERTIFICATE-----Generated at Mon Feb 9 22:35:06 2026 by rpki-client