This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer File: TzLUClO7YLhnWebsClIHMAtBr3A.cer (raw, json) Hash identifier: Sol7hT5MO9Bd0mH7ANC9n2JxIFix6muY7wc0VmFFLlg= Subject key identifier: 4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797E983DBBCE4903BDDB6E1C6D3682A6 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:18:18 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.50.176.0/22 IP: 2a01:aba0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:98:3d:bb:ce:49:03:bd:db:6e:1c:6d:36:82:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4f32d40a53bb60b86759e6ec0a5207300b41af70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:74:19:8c:bf:2e:da:8d:a5:a0:cb:fd:2c:63: 54:a2:75:89:3b:ff:4b:1e:bb:1c:8a:cb:2d:c6:88: 44:84:b3:22:3b:ef:6c:42:7d:43:ea:9e:6e:b6:40: 98:bd:ee:6a:71:fb:cc:3f:ac:de:fb:c4:a5:e1:c5: a4:af:74:6b:bb:49:4f:47:15:df:97:dd:28:bf:fb: 67:70:3a:d7:7a:ac:f9:75:89:5c:2e:d3:4d:90:9e: 8c:71:99:54:1a:16:78:f4:85:9b:89:d6:f8:08:91: 2f:0c:8f:82:7c:72:06:3e:2e:5f:72:09:3e:60:f6: 8b:6b:06:77:44:99:91:08:0f:73:03:86:d6:50:0e: 91:9f:46:9a:b9:05:4c:0c:6c:60:cb:fb:8f:e7:a0: 05:70:a2:b7:e8:6e:16:3f:1c:00:8c:6f:0c:85:37: e0:69:7a:9e:8a:75:dd:fd:5e:ca:48:e3:62:fc:de: dd:62:1b:52:e3:82:d9:02:b1:f3:03:1e:10:9a:cd: 0c:da:77:37:11:93:38:90:ac:93:d8:a3:83:48:dc: 6d:71:bd:6c:80:2b:29:59:24:6b:03:c1:2c:ff:ed: c2:54:51:4c:fb:0d:19:02:18:18:47:6a:d5:96:ea: eb:71:02:e7:e1:01:ac:d0:c0:c1:f1:ba:62:d3:e4: ad:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.50.176.0/22 IPv6: 2a01:aba0::/32 Signature Algorithm: sha256WithRSAEncryption 9e:55:59:35:83:a7:ba:19:a7:40:46:f9:f1:b1:96:cd:e8:be: 19:b4:bf:ef:df:68:62:a3:7f:54:b7:7e:89:13:12:5f:00:b2: 31:7d:51:c7:70:61:82:ca:19:f1:2b:9d:3c:af:75:d2:1d:21: 5b:d8:84:b4:86:f1:26:63:58:82:e6:3e:9b:e2:7e:4c:e2:98: 48:f2:c0:2a:ad:65:65:e4:fe:76:76:ce:80:5d:2c:4f:d6:c6: 83:d9:aa:45:ac:49:77:e5:7f:05:ed:30:56:64:e5:d7:dd:af: f0:44:cb:9c:c6:89:13:e8:81:fd:e2:4f:53:83:55:dd:12:64: 6a:a6:e4:95:40:1a:d4:fb:bb:95:f5:b6:da:b6:88:63:78:b8: 87:ad:c3:f6:30:1f:17:76:75:53:92:d1:0f:3b:ac:46:84:5e: c0:82:91:b6:d5:d0:7a:7d:d4:e4:55:4a:6c:f6:63:72:74:e4: 73:b1:9a:9f:a5:98:5c:45:95:f6:cf:db:f9:66:bf:74:57:fe: 33:a3:8c:78:72:2c:c9:d9:ed:f3:21:ef:ae:63:f5:bf:76:3c: 42:5e:98:cc:d7:a5:c2:07:fb:c4:ab:91:6c:62:cd:37:34:15: 92:0e:92:6f:71:1a:16:f6:b3:99:16:7a:e2:30:c2:d8:27:dd: a2:b0:33:4b -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt5fpg9u85JA73bbhxtNoKmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZjMyZDQwYTUzYmI2MGI4Njc1OWU2ZWMwYTUyMDczMDBiNDFhZjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHQZjL8u2o2loMv9LGNUonWJO/9L HrscisstxohEhLMiO+9sQn1D6p5utkCYve5qcfvMP6ze+8Sl4cWkr3Rru0lPRxXf l90ov/tncDrXeqz5dYlcLtNNkJ6McZlUGhZ49IWbidb4CJEvDI+CfHIGPi5fcgk+ YPaLawZ3RJmRCA9zA4bWUA6Rn0aauQVMDGxgy/uP56AFcKK36G4WPxwAjG8MhTfg aXqeinXd/V7KSONi/N7dYhtS44LZArHzAx4Qms0M2nc3EZM4kKyT2KODSNxtcb1s gCspWSRrA8Es/+3CVFFM+w0ZAhgYR2rVlurrcQLn4QGs0MDB8bpi0+StzwIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFE8y1ApTu2C4Z1nm7ApSBzALQa9wMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YzL2E3NWU2 My04MTQ5LTQ5YzYtOTM5Zi1jNmJmMmZmYjcyNTMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTc1ZTYz LTgxNDktNDljNi05MzlmLWM2YmYyZmZiNzI1My8xL1R6TFVDbE83WUxobldlYnND bElITUF0QnIzQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuTKwMA0EAgACMAcDBQAqAaugMA0GCSqGSIb3 DQEBCwUAA4IBAQCeVVk1g6e6GadARvnxsZbN6L4ZtL/v32hio39Ut36JExJfALIx fVHHcGGCyhnxK508r3XSHSFb2IS0hvEmY1iC5j6b4n5M4phI8sAqrWVl5P52ds6A XSxP1saD2apFrEl35X8F7TBWZOXX3a/wRMucxokT6IH94k9Tg1XdEmRqpuSVQBrU +7uV9bbatohjeLiHrcP2MB8XdnVTktEPO6xGhF7AgpG21dB6fdTkVUps9mNydORz sZqfpZhcRZX2z9v5Zr90V/4zo4x4cizJ2e3zIe+uY/W/djxCXpjM16XCB/vEq5Fs Ys03NBWSDpJvcRoW9rOZFnriMMLYJ92isDNL -----END CERTIFICATE-----Generated at Mon Feb 9 16:49:45 2026 by rpki-client