This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer File: OfhzzTk5IDx3io6q8Wg-lGSsNAA.cer (raw, json) Hash identifier: CuHHHnN+u+S9JuqvXJEOdk4TrrybwRipSAILXzATUog= Subject key identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C7FF90A939E7C1FD7E2C79E01536601 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:18:40 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 194.32.80.0/23 IP: 194.32.148.0/23 IP: 2a0f:2c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:f9:0a:93:9e:7c:1f:d7:e2:c7:9e:01:53:66:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=39f873cd3939203c778a8eaaf1683e9464ac3400 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:e1:1e:2c:cf:52:8f:19:b1:5b:4d:2c:64:b3: c9:0d:0d:cf:a2:85:83:01:4d:00:58:82:e2:4c:90: de:bc:e8:53:76:e8:7c:cc:1f:bd:e3:52:89:b0:3f: 1f:82:db:e8:1d:47:e0:77:81:5d:2a:ad:79:e9:b6: 26:04:00:9d:d3:08:0f:a0:ae:b4:79:b3:88:83:40: a5:69:8f:b9:f6:a2:ab:ea:e8:64:31:85:d1:ed:5a: 31:9f:8c:35:f9:c7:65:11:ad:ab:e4:a1:08:9f:3e: 10:48:63:31:14:5c:da:b1:bd:d1:16:34:e8:4e:aa: c8:49:ca:3a:4d:63:6a:23:b4:ca:f0:c2:bb:aa:32: 79:5e:f1:94:fa:8c:86:e2:43:30:1f:85:0c:1f:db: 70:60:34:5f:91:ae:fd:b3:9a:42:34:50:4e:55:68: e9:07:36:8d:71:9d:ec:2c:a4:1c:cd:89:4f:7e:85: 5f:7e:ad:2a:7c:9c:01:a1:ca:e5:41:72:4b:9f:9d: 18:43:b0:6f:1a:f6:62:41:e8:bd:d4:e7:64:03:fd: a3:ab:7e:aa:95:a2:25:5f:67:a3:c1:80:01:20:91: 48:45:49:c5:6f:cb:83:f8:12:0a:e1:a6:0a:3d:c6: 2a:7c:c0:f2:22:2e:f8:9c:3c:c7:1e:be:99:8b:00: 43:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:F8:73:CD:39:39:20:3C:77:8A:8E:AA:F1:68:3E:94:64:AC:34:00 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/90e923-2f2d-4086-819c-4e655b5b6427/1/OfhzzTk5IDx3io6q8Wg-lGSsNAA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.32.80.0/23 194.32.148.0/23 IPv6: 2a0f:2c0::/29 Signature Algorithm: sha256WithRSAEncryption 95:80:b5:b1:07:aa:ec:27:fd:47:8a:06:48:fe:8b:ea:0e:12: 80:77:8c:44:da:2f:c5:36:8c:a7:d4:cc:ea:bf:09:16:57:6a: ab:6a:fa:0c:59:0c:e4:6a:d1:d9:fd:6a:4a:cc:00:b2:b2:ca: b1:8e:56:69:6e:85:54:68:38:d7:5a:c8:6f:8b:53:a6:d3:74: b2:12:da:cf:3e:e4:81:22:09:5e:f7:c6:f0:a8:8b:4a:21:38: 32:f7:c2:1d:ef:74:55:46:a9:3f:ed:cc:5a:d2:1c:77:73:83: 49:52:e6:66:83:aa:c1:93:7a:29:18:c5:86:4c:51:2f:69:3c: 2d:44:10:29:35:18:a1:e0:fb:7e:ac:01:83:30:bf:3c:48:0c: f6:7f:7c:02:0a:47:79:73:89:7e:c6:5e:fb:8f:9c:d8:48:2a: 25:b9:09:d8:99:06:cc:4d:08:5d:3d:7a:39:f3:1c:e1:84:c5: e9:88:86:3c:e2:ee:ed:44:9e:59:7a:4c:5f:d7:a7:2b:3b:83: 6b:fd:61:3b:a0:6d:ac:49:ad:a2:b5:d7:0a:86:3d:e5:1f:0f: 76:68:b2:5d:62:a1:44:51:6f:b8:d2:23:aa:e2:02:12:33:12: 41:87:98:0a:9f:1f:09:e9:9a:f0:38:fb:b3:63:2b:3b:fe:b8: 89:f2:1f:b4 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgISAZt8f/kKk558H9fix54BU2YBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOWY4NzNjZDM5MzkyMDNjNzc4YThlYWFmMTY4M2U5NDY0YWMzNDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOEeLM9SjxmxW00sZLPJDQ3PooWD AU0AWILiTJDevOhTduh8zB+941KJsD8fgtvoHUfgd4FdKq156bYmBACd0wgPoK60 ebOIg0ClaY+59qKr6uhkMYXR7Voxn4w1+cdlEa2r5KEInz4QSGMxFFzasb3RFjTo TqrISco6TWNqI7TK8MK7qjJ5XvGU+oyG4kMwH4UMH9twYDRfka79s5pCNFBOVWjp BzaNcZ3sLKQczYlPfoVffq0qfJwBocrlQXJLn50YQ7BvGvZiQei91OdkA/2jq36q laIlX2ejwYABIJFIRUnFb8uD+BIK4aYKPcYqfMDyIi74nDzHHr6ZiwBDxwIDAQAB o4ICmTCCApUwHQYDVR0OBBYEFDn4c805OSA8d4qOqvFoPpRkrDQAMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMyLzkwZTky My0yZjJkLTQwODYtODE5Yy00ZTY1NWI1YjY0MjcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIvOTBlOTIz LTJmMmQtNDA4Ni04MTljLTRlNjU1YjViNjQyNy8xL09maHp6VGs1SUR4M2lvNnE4 V2ctbEdTc05BQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQBwiBQAwQBwiCUMA0EAgACMAcDBQMqDwLAMA0G CSqGSIb3DQEBCwUAA4IBAQCVgLWxB6rsJ/1HigZI/ovqDhKAd4xE2i/FNoyn1Mzq vwkWV2qravoMWQzkatHZ/WpKzACyssqxjlZpboVUaDjXWshvi1Om03SyEtrPPuSB Igle98bwqItKITgy98Id73RVRqk/7cxa0hx3c4NJUuZmg6rBk3opGMWGTFEvaTwt RBApNRih4Pt+rAGDML88SAz2f3wCCkd5c4l+xl77j5zYSColuQnYmQbMTQhdPXo5 8xzhhMXpiIY84u7tRJ5Zekxf16crO4Nr/WE7oG2sSa2itdcKhj3lHw92aLJdYqFE UW+40iOq4gISMxJBh5gKnx8J6ZrwOPuzYys7/riJ8h+0 -----END CERTIFICATE-----Generated at Mon Jan 12 04:04:55 2026 by rpki-client