This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer File: P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer (raw, json) Hash identifier: hHypa8Ianh/rNA7uJ/+Slmp5jWthK0ISmJx/FKYoK3k= Subject key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B78A32DC4A0319E4568C9F17E888F53A9 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 08:18:38 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 8820 IP: 46.236.192.0/18 IP: 78.41.48.0/22 IP: 81.92.0.0/20 IP: 82.139.192.0/18 IP: 195.8.224.0/19 IP: 212.17.224.0/19 IP: 212.60.128.0/19 IP: 213.240.128.0/18 IP: 2a01:170::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:2d:c4:a0:31:9e:45:68:c9:f1:7e:88:8f:53:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 08:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:45:9f:69:09:1c:00:c0:24:98:93:07:ad:a9: 67:9b:0a:fa:cf:02:e2:4f:c4:84:45:06:22:b5:c8: 1c:6b:24:a7:c5:5a:7a:ba:e5:2f:96:2c:ca:5f:5e: de:a4:3f:68:b8:92:92:5b:f1:97:d7:4e:84:7c:b7: 55:f5:06:21:d3:58:66:40:48:51:4f:14:00:4d:25: b5:d3:6e:80:d8:25:eb:6a:95:02:61:96:65:ad:7d: ab:c3:e7:fb:f0:ce:3b:12:95:70:bc:11:c8:59:fe: 41:69:6c:4d:01:80:6d:20:3d:cc:7e:9b:c1:e2:60: d7:f0:a9:d7:d4:0f:a5:95:ac:1e:52:cc:f0:76:0b: fd:e7:19:5c:dd:7c:31:48:2a:76:01:94:0f:69:0e: 62:c6:a2:d7:d2:49:5b:f6:7f:a8:b1:15:3e:8e:dd: 5e:00:75:d9:5d:f4:91:89:c9:4f:2d:da:c7:42:30: 4a:98:9f:17:d4:8f:1f:55:2c:9f:9e:d4:49:71:11: 77:e8:c3:d7:1d:68:7f:97:d1:37:5a:17:51:bd:03: ed:bd:fa:f5:a7:3e:3e:cc:09:11:dc:a5:57:be:af: 4d:83:60:82:b0:6b:0d:2e:ce:4f:e9:db:05:41:4a: 03:54:38:e9:1e:61:6c:b8:af:0f:b7:4e:a4:44:51: f1:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.236.192.0/18 78.41.48.0/22 81.92.0.0/20 82.139.192.0/18 195.8.224.0/19 212.17.224.0/19 212.60.128.0/19 213.240.128.0/18 IPv6: 2a01:170::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 8820 Signature Algorithm: sha256WithRSAEncryption 04:04:6c:8f:3f:1e:3e:de:53:97:3c:db:5e:5b:6e:ff:33:bf: 29:d4:ac:09:04:f9:9b:60:1d:c3:78:05:84:1f:c8:a8:c8:e8: d2:1e:90:84:c1:e3:f5:46:80:89:b1:37:95:34:ad:50:81:58: 48:c0:1d:3f:7f:d8:a3:1e:16:5f:d8:0a:07:09:8b:b2:20:45: a4:c8:68:91:49:26:8a:4a:20:da:21:0c:6a:7e:e9:ac:a9:d6: 46:10:3b:7e:3b:d2:83:80:6f:1b:fe:44:d9:a5:fd:eb:e2:7f: c2:ca:45:93:bd:24:7b:64:be:c1:c1:65:50:cf:49:3a:32:99: ad:e4:c0:71:84:db:65:09:54:d6:0c:0c:39:cf:99:01:1a:a9: 1d:31:20:0c:64:fe:bd:27:e8:f9:f9:f7:f2:44:28:b5:a6:fd: a4:d1:73:1c:31:11:30:ac:16:f6:bb:7d:e4:ad:df:60:e2:d5: f1:df:17:78:b9:f1:59:25:d8:86:e4:29:e5:69:0f:1e:d1:3a: 3d:d2:8b:eb:84:a2:7f:3c:fb:4e:ad:3c:8d:3b:24:b9:15:f1: 9e:c2:16:2c:2d:13:16:a7:b0:15:67:d6:79:68:94:26:74:a0: 39:d7:9d:3f:74:95:6c:a3:40:93:a7:05:eb:0c:56:83:26:e6: 2d:37:99:42 -----BEGIN CERTIFICATE----- MIIF6DCCBNCgAwIBAgISAZt4oy3EoDGeRWjJ8X6Ij1OpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDgxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZmVjY2IxN2JlNTFlZTU5ZWM3NGQ2NGVlZDkxN2UyMjFlZTI4YTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUWfaQkcAMAkmJMHralnmwr6zwLi T8SERQYitcgcaySnxVp6uuUvlizKX17epD9ouJKSW/GX106EfLdV9QYh01hmQEhR TxQATSW1026A2CXrapUCYZZlrX2rw+f78M47EpVwvBHIWf5BaWxNAYBtID3MfpvB 4mDX8KnX1A+llaweUszwdgv95xlc3XwxSCp2AZQPaQ5ixqLX0klb9n+osRU+jt1e AHXZXfSRiclPLdrHQjBKmJ8X1I8fVSyfntRJcRF36MPXHWh/l9E3WhdRvQPtvfr1 pz4+zAkR3KVXvq9Ng2CCsGsNLs5P6dsFQUoDVDjpHmFsuK8Pt06kRFHxtwIDAQAB o4IC9DCCAvAwHQYDVR0OBBYEFD/syxe+Ue5Z7HTWTu2RfiIe4oobMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3 NTU1LTlhYTQtNDk4My05MzE2LTczODA5ZGQzNTRiYy8wLzCBiwYIKwYBBQUHMAqG f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJk Yjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvM0ZFQ0NCMTdCRTUx RUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5tZnQwPAYIKwYBBQUHMA2GMGh0 dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAME Bi7swAMEAk4pMAMEBFFcAAMEBlKLwAMEBcMI4AMEBdQR4AMEBdQ8gAMEBtXwgDAN BAIAAjAHAwUDKgEBcDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgIidDANBgkqhkiG 9w0BAQsFAAOCAQEABARsjz8ePt5TlzzbXltu/zO/KdSsCQT5m2Adw3gFhB/IqMjo 0h6QhMHj9UaAibE3lTStUIFYSMAdP3/Yox4WX9gKBwmLsiBFpMhokUkmikog2iEM an7prKnWRhA7fjvSg4BvG/5E2aX96+J/wspFk70ke2S+wcFlUM9JOjKZreTAcYTb ZQlU1gwMOc+ZARqpHTEgDGT+vSfo+fn38kQotab9pNFzHDERMKwW9rt95K3fYOLV 8d8XeLnxWSXYhuQp5WkPHtE6PdKL64Sifzz7Tq08jTskuRXxnsIWLC0TFqewFWfW eWiUJnSgOdedP3SVbKNAk6cF6wxWgybmLTeZQg== -----END CERTIFICATE-----Generated at Tue Jan 20 23:52:10 2026 by rpki-client