This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer File: Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer (raw, json) Hash identifier: N+VV0GINMX3Ly5dSXdXkcBTMiXSLXsNFnwKzxGFRPJo= Subject key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C80C785FC1C8714F5542882C03D1F6B Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:33 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 198287 IP: 194.126.129.0/24 IP: 2a05:3700::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:c7:85:fc:1c:87:14:f5:54:28:82:c0:3d:1f:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8b:77:c5:a8:61:e5:2f:1d:c4:2e:ca:d7:fa: 79:42:22:57:e8:0b:ee:88:ca:1e:c1:09:17:aa:b6: 3f:9c:ba:9c:de:ce:e1:7e:50:84:de:e1:91:39:bd: d7:da:23:11:4c:85:5d:98:63:2f:48:45:9a:7a:cc: e5:69:64:37:dd:44:79:e2:fa:23:92:e2:65:c8:54: 08:9a:69:86:15:30:d3:df:24:76:87:8e:f8:90:78: 85:99:19:61:cb:08:0e:44:1f:94:bf:c0:f2:07:1b: 15:02:d0:63:d7:9a:70:ae:a0:b2:38:ec:cd:47:f7: fd:d9:17:c1:dc:98:9c:c8:a6:9e:4b:30:56:f6:1e: 8c:30:d8:51:47:a8:15:af:bc:a2:cc:4e:38:dc:57: ea:a7:43:f8:49:ad:00:09:da:94:38:59:71:50:e9: 12:f4:bc:5b:82:97:12:25:87:19:11:60:f2:90:ff: 52:15:f2:73:1e:8f:14:18:b4:c3:8d:2d:86:53:84: bb:3a:f0:b7:14:33:94:8e:6f:f4:0f:a9:26:14:ec: fd:37:56:fa:fb:78:3b:7f:17:ad:b6:e0:35:7d:e5: bd:e2:70:c3:e5:4c:b6:7e:1c:39:60:25:60:f6:03: a4:6d:bf:30:fc:e1:37:d6:cb:fb:97:a9:7a:45:da: fe:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.126.129.0/24 IPv6: 2a05:3700::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 198287 Signature Algorithm: sha256WithRSAEncryption 7f:20:70:b1:32:de:50:f0:b2:dc:8f:21:1e:97:7f:0e:89:6b: 81:70:c4:3e:92:7d:9a:cf:2f:aa:e1:cc:b7:d7:d9:e5:64:b4: 4a:f9:06:bd:30:29:41:fb:e3:f5:ee:37:cb:bb:54:ae:14:fd: 6d:aa:04:83:71:a3:f5:18:e0:66:ac:6d:ee:7b:ed:3d:7e:f0: 97:de:85:f2:a0:8d:bc:2c:91:80:71:35:8b:be:71:9a:5d:35: 69:56:cf:df:d4:fd:5c:62:ec:de:45:cd:28:0b:c2:1c:b1:3d: d0:0a:87:ef:a2:fe:14:fb:e2:9d:27:f7:bf:a4:eb:17:b5:9c: 1e:e9:2b:1e:2e:33:44:79:c7:b2:d0:a8:46:2c:3c:cf:36:33: 98:4f:2d:c8:cb:86:08:26:4a:4f:85:7a:04:2f:e8:36:7a:56: 56:ba:37:3b:6d:de:ec:f7:c5:27:a7:31:5c:19:4c:81:cf:6f: 4e:ec:5c:d7:4c:f1:6a:9a:af:d7:49:79:1d:82:2a:5a:55:cc: 9f:94:8b:0f:98:fa:e2:80:34:68:b9:18:90:8c:11:6e:5a:b4: 8d:6a:cd:80:d4:eb:1f:60:10:d2:c6:59:9e:58:72:14:a1:7e: 30:bc:1f:89:83:46:17:0e:15:ed:20:cf:31:43:53:d9:1a:f8: e8:d7:95:f0 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt8gMeF/ByHFPVUKILAPR9rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2N2UxY2VkZmUwODI2ZjBmOTc3NWJkZmE4ZTk0MjUzMDBiZGU5ZjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4t3xahh5S8dxC7K1/p5QiJX6Avu iMoewQkXqrY/nLqc3s7hflCE3uGROb3X2iMRTIVdmGMvSEWaeszlaWQ33UR54voj kuJlyFQImmmGFTDT3yR2h474kHiFmRlhywgORB+Uv8DyBxsVAtBj15pwrqCyOOzN R/f92RfB3JicyKaeSzBW9h6MMNhRR6gVr7yizE443Ffqp0P4Sa0ACdqUOFlxUOkS 9LxbgpcSJYcZEWDykP9SFfJzHo8UGLTDjS2GU4S7OvC3FDOUjm/0D6kmFOz9N1b6 +3g7fxettuA1feW94nDD5Uy2fhw5YCVg9gOkbb8w/OE31sv7l6l6Rdr+XwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzLzE5ZmE0 YS1mNDFkLTRiYWYtYjllYS1lYzliNzU1MjEyOTcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvMTlmYTRh LWY0MWQtNGJhZi1iOWVhLWVjOWI3NTUyMTI5Ny8xL1otSE8zLUNDYnctWGRiMzZq cFFsTUF2ZW54TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAwn6BMA0EAgACMAcDBQMqBTcAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMGjzANBgkqhkiG9w0BAQsFAAOCAQEAfyBwsTLeUPCy 3I8hHpd/DolrgXDEPpJ9ms8vquHMt9fZ5WS0SvkGvTApQfvj9e43y7tUrhT9baoE g3Gj9RjgZqxt7nvtPX7wl96F8qCNvCyRgHE1i75xml01aVbP39T9XGLs3kXNKAvC HLE90AqH76L+FPvinSf3v6TrF7WcHukrHi4zRHnHstCoRiw8zzYzmE8tyMuGCCZK T4V6BC/oNnpWVro3O23e7PfFJ6cxXBlMgc9vTuxc10zxapqv10l5HYIqWlXMn5SL D5j64oA0aLkYkIwRblq0jWrNgNTrH2AQ0sZZnlhyFKF+MLwfiYNGFw4V7SDPMUNT 2Rr46NeV8A== -----END CERTIFICATE-----Generated at Tue Jan 27 00:09:38 2026 by rpki-client