This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer File: UDmdRDW7hfrpEKvjjmhTMgTf1gs.cer (raw, json) Hash identifier: IvoY5jg1HWeWoj9YCNJESO665euJkbHTs3MuHJQIQBk= Subject key identifier: 50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DC95A0EA23056729396DF76C8A47284 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:18:26 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 44071 IP: 185.167.188.0/22 IP: 2a0b:a600::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:5a:0e:a2:30:56:72:93:96:df:76:c8:a4:72:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=50399d4435bb85fae910abe38e68533204dfd60b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:fa:a1:68:e5:27:6e:5d:8d:1d:67:99:8f:35: 99:09:a1:e5:a4:52:03:68:72:ac:27:60:c0:9c:0b: b8:5b:34:1d:92:ca:59:75:c9:36:65:c2:7f:cb:f1: d7:55:73:c2:fb:db:93:81:b8:1b:90:c8:b0:c0:e3: 92:4c:d7:b0:3a:c5:b3:f5:f1:10:8e:48:9d:37:af: 27:af:c0:d5:83:77:8f:3e:d9:f1:1c:ad:ce:76:70: d3:d5:6e:72:f7:48:d9:46:fd:9d:52:58:da:98:db: b8:7c:03:9e:a4:5b:a7:0a:9f:d9:80:98:e6:0d:56: 52:b4:df:c5:d5:ac:11:e8:f0:59:02:39:81:33:9a: 51:73:d1:66:21:2a:03:60:4a:97:3e:af:d1:a5:49: 1c:1c:da:9a:d7:cd:58:ca:d8:ec:37:66:93:f4:c3: e6:b3:1c:22:1c:ba:c3:a5:d4:1f:ae:4f:91:e7:d2: 23:1a:5b:80:da:15:d7:9e:ec:2e:91:71:fc:fd:db: b8:5a:3b:67:5f:56:92:1d:ea:53:92:c8:75:3f:fe: de:84:b6:c8:6c:0e:d3:77:8a:52:cb:ad:50:98:3d: 72:52:b3:f7:7b:48:57:46:7a:59:4a:59:e9:30:bc: d9:b5:a7:5c:e8:fc:85:a6:01:51:c7:db:b4:13:5a: ae:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:39:9D:44:35:BB:85:FA:E9:10:AB:E3:8E:68:53:32:04:DF:D6:0B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/4f3f08-986b-48e4-85dd-34ffdb442113/1/UDmdRDW7hfrpEKvjjmhTMgTf1gs.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.167.188.0/22 IPv6: 2a0b:a600::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 44071 Signature Algorithm: sha256WithRSAEncryption 19:cf:57:43:7b:c8:3c:0f:b7:49:4a:c2:85:06:5a:75:c7:04: c9:bd:09:d6:ea:2a:9b:a7:7b:3d:28:09:9d:40:a9:d5:fe:95: 4b:06:63:58:c2:e2:24:ad:54:e7:d1:75:b9:3d:69:6d:4b:7d: ef:c1:2d:39:a6:f2:a0:84:8e:7f:1e:dc:9c:33:6f:23:dd:f3: 9f:54:1b:82:99:af:0b:85:96:e6:2e:16:c9:76:52:ee:0d:02: 2e:72:8f:cc:9b:21:90:b8:0c:9b:dc:06:df:63:c1:7d:a2:7c: 4c:37:95:cf:d9:50:bc:d6:ae:5c:ff:1f:1f:a9:a9:cd:02:a8: 3e:7b:16:38:bb:2e:7c:0f:12:8f:75:5e:fc:f3:35:58:0c:c0: e7:6e:b8:7c:ed:5c:25:4e:49:31:44:de:74:08:ee:37:2d:48: b2:d2:39:25:66:7e:fe:21:72:26:dd:2b:1f:b2:73:86:23:e3: 57:94:8a:7e:41:2b:99:bc:39:85:43:2b:ba:8f:4c:80:45:e3: af:42:f0:9f:c3:58:9e:53:ee:97:cd:18:d7:80:a6:8e:2f:96: fe:a3:48:d8:26:08:6b:85:ec:99:1a:16:64:59:d7:9c:a2:8c: f3:bc:ff:f4:d6:5f:7e:17:6d:0f:5f:50:b6:3e:5f:36:1d:35: 97:56:a7:02 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt9yVoOojBWcpOW33bIpHKEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MDM5OWQ0NDM1YmI4NWZhZTkxMGFiZTM4ZTY4NTMzMjA0ZGZkNjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPqhaOUnbl2NHWeZjzWZCaHlpFID aHKsJ2DAnAu4WzQdkspZdck2ZcJ/y/HXVXPC+9uTgbgbkMiwwOOSTNewOsWz9fEQ jkidN68nr8DVg3ePPtnxHK3OdnDT1W5y90jZRv2dUljamNu4fAOepFunCp/ZgJjm DVZStN/F1awR6PBZAjmBM5pRc9FmISoDYEqXPq/RpUkcHNqa181YytjsN2aT9MPm sxwiHLrDpdQfrk+R59IjGluA2hXXnuwukXH8/du4WjtnX1aSHepTksh1P/7ehLbI bA7Td4pSy61QmD1yUrP3e0hXRnpZSlnpMLzZtadc6PyFpgFRx9u0E1quuQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFFA5nUQ1u4X66RCr445oUzIE39YLMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyLzRmM2Yw OC05ODZiLTQ4ZTQtODVkZC0zNGZmZGI0NDIxMTMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIvNGYzZjA4 LTk4NmItNDhlNC04NWRkLTM0ZmZkYjQ0MjExMy8xL1VEbWRSRFc3aGZycEVLdmpq bWhUTWdUZjFncy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuae8MA0EAgACMAcDBQAqC6YAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwCsJzANBgkqhkiG9w0BAQsFAAOCAQEAGc9XQ3vIPA+3 SUrChQZadccEyb0J1uoqm6d7PSgJnUCp1f6VSwZjWMLiJK1U59F1uT1pbUt978Et OabyoISOfx7cnDNvI93zn1QbgpmvC4WW5i4WyXZS7g0CLnKPzJshkLgMm9wG32PB faJ8TDeVz9lQvNauXP8fH6mpzQKoPnsWOLsufA8Sj3Ve/PM1WAzA5264fO1cJU5J MUTedAjuNy1IstI5JWZ+/iFyJt0rH7JzhiPjV5SKfkErmbw5hUMruo9MgEXjr0Lw n8NYnlPul80Y14Cmji+W/qNI2CYIa4XsmRoWZFnXnKKM87z/9NZffhdtD19Qtj5f Nh01l1anAg== -----END CERTIFICATE-----Generated at Wed Jan 21 15:36:43 2026 by rpki-client