This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z-B-9OfktoQIIZjk7JIUQ0TEGEM.cer File: Z-B-9OfktoQIIZjk7JIUQ0TEGEM.cer (raw, json) Hash identifier: yQ0VlHMaASl8aUraupXnJcLu27km7r5lR+mb50TnbiM= Subject key identifier: 67:E0:7E:F4:E7:E4:B6:84:08:21:98:E4:EC:92:14:43:44:C4:18:43 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C80A1C633AC5B95C5BADEC97B38D8C7 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e0/44f63e-f33d-4f22-8dfb-af6f338bcec2/1/Z-B-9OfktoQIIZjk7JIUQ0TEGEM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e0/44f63e-f33d-4f22-8dfb-af6f338bcec2/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:23 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.43.148.0/22 IP: 2a01:44a0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:a1:c6:33:ac:5b:95:c5:ba:de:c9:7b:38:d8:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=67e07ef4e7e4b684082198e4ec92144344c41843 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:86:6f:7b:65:e4:ca:f1:7c:e2:c6:70:34:03: ee:93:14:20:fe:bd:d9:95:9e:c3:a9:49:6e:a9:e5: 89:a6:de:37:07:83:7d:c4:5d:5e:c4:c1:29:4e:a4: 6a:53:cd:d7:63:ef:98:5a:a1:78:56:9e:38:c6:45: 79:f9:99:8c:73:9b:fb:a5:77:e7:52:3a:74:cc:9a: 81:ce:0f:c2:6a:6f:e4:40:cd:06:7e:6e:de:f5:f1: 39:ea:8f:d1:77:17:24:38:7e:a8:1f:43:05:36:9b: da:e7:2a:9d:db:9d:9f:72:8f:cb:43:a2:86:1a:34: 90:dc:ba:0b:6d:31:0d:c3:48:17:bf:7b:3c:e2:b5: 56:d6:00:51:f9:5b:b1:86:ae:ff:d9:1b:96:72:58: 98:5e:c0:b1:ac:88:9e:26:ad:73:55:43:c9:da:ed: 9e:32:df:53:af:d8:50:39:a3:3d:0f:27:81:4c:d1: f3:5e:8c:47:e6:ed:d0:de:d9:51:37:af:89:16:42: da:ce:e9:74:93:d1:d4:d3:03:36:38:67:00:bd:74: b5:88:10:6e:89:35:c9:f3:a2:d6:e5:5f:f4:ec:99: 3c:d3:0d:7c:46:e4:12:9c:a9:aa:84:13:44:bc:39: 88:20:cf:4a:fe:61:75:e0:6c:2a:cd:c9:bd:27:ed: b3:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:E0:7E:F4:E7:E4:B6:84:08:21:98:E4:EC:92:14:43:44:C4:18:43 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/44f63e-f33d-4f22-8dfb-af6f338bcec2/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/44f63e-f33d-4f22-8dfb-af6f338bcec2/1/Z-B-9OfktoQIIZjk7JIUQ0TEGEM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.43.148.0/22 IPv6: 2a01:44a0::/32 Signature Algorithm: sha256WithRSAEncryption 2a:b4:16:ea:53:50:43:2f:91:5d:82:f7:9d:85:27:da:00:bf: 78:17:03:e9:35:ca:77:94:4a:e5:a7:bf:7c:38:39:07:c2:bd: 1c:a9:a2:00:fc:e7:9c:32:87:4b:5c:da:2b:07:85:51:17:a9: 01:aa:fa:b2:63:c8:4a:14:5e:11:ce:0f:f9:4d:13:74:a2:bb: 3b:ce:f9:dc:69:ec:30:4b:e4:12:37:09:3c:03:dc:ba:e8:bf: c6:93:57:f2:08:cf:12:51:97:8d:67:a8:ab:bd:cc:80:8c:30: e2:43:e9:ce:32:af:72:d4:d4:9a:cd:7f:65:f5:34:f2:9f:75: 77:a3:63:da:c6:59:f3:f0:49:ed:f8:cd:f5:80:87:49:5c:54: ec:3d:93:3d:5e:5a:0e:59:0b:50:90:33:67:05:cf:d2:d8:34: 9b:b1:60:43:83:77:da:9c:f5:2a:a1:b0:0d:2f:44:03:38:c5: 04:6c:57:3e:6a:fd:1d:3f:62:af:a5:96:a1:59:32:ac:2a:62: 5f:ff:29:1d:64:c9:ae:7c:9e:d9:ef:3f:a3:0a:1b:75:21:96: 39:36:af:ec:9a:ca:0b:4e:2b:9b:7c:3d:9b:34:f7:aa:b5:a8: 6b:bc:16:cc:2b:7c:28:49:2a:9b:47:3b:66:41:32:9c:00:e5: 2d:45:43:ca -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt8gKHGM6xblcW63sl7ONjHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2N2UwN2VmNGU3ZTRiNjg0MDgyMTk4ZTRlYzkyMTQ0MzQ0YzQxODQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4Zve2XkyvF84sZwNAPukxQg/r3Z lZ7DqUluqeWJpt43B4N9xF1exMEpTqRqU83XY++YWqF4Vp44xkV5+ZmMc5v7pXfn Ujp0zJqBzg/Cam/kQM0Gfm7e9fE56o/RdxckOH6oH0MFNpva5yqd252fco/LQ6KG GjSQ3LoLbTENw0gXv3s84rVW1gBR+Vuxhq7/2RuWcliYXsCxrIieJq1zVUPJ2u2e Mt9Tr9hQOaM9DyeBTNHzXoxH5u3Q3tlRN6+JFkLazul0k9HU0wM2OGcAvXS1iBBu iTXJ86LW5V/07Jk80w18RuQSnKmqhBNEvDmIIM9K/mF14Gwqzcm9J+2zGQIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFGfgfvTn5LaECCGY5OySFENExBhDMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UwLzQ0ZjYz ZS1mMzNkLTRmMjItOGRmYi1hZjZmMzM4YmNlYzIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAvNDRmNjNl LWYzM2QtNGYyMi04ZGZiLWFmNmYzMzhiY2VjMi8xL1otQi05T2ZrdG9RSUlaams3 SklVUTBURUdFTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuSuUMA0EAgACMAcDBQAqAUSgMA0GCSqGSIb3 DQEBCwUAA4IBAQAqtBbqU1BDL5FdgvedhSfaAL94FwPpNcp3lErlp798ODkHwr0c qaIA/OecModLXNorB4VRF6kBqvqyY8hKFF4Rzg/5TRN0ors7zvncaewwS+QSNwk8 A9y66L/Gk1fyCM8SUZeNZ6irvcyAjDDiQ+nOMq9y1NSazX9l9TTyn3V3o2Paxlnz 8Ent+M31gIdJXFTsPZM9XloOWQtQkDNnBc/S2DSbsWBDg3fanPUqobANL0QDOMUE bFc+av0dP2KvpZahWTKsKmJf/ykdZMmufJ7Z7z+jCht1IZY5Nq/smsoLTiubfD2b NPeqtahrvBbMK3woSSqbRztmQTKcAOUtRUPK -----END CERTIFICATE-----Generated at Tue Feb 10 04:19:01 2026 by rpki-client