This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer File: Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer (raw, json) Hash identifier: 4ZXsmecrlBZ7AyRgSmyCPFH1Dg/2RMRX6NfkNofQ0rY= Subject key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA69051E64F1DDA90D1898DFBEF3821 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:03 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 48449 IP: 46.20.96.0/20 IP: 185.100.168.0/22 IP: 185.160.192.0/22 IP: 185.169.220.0/22 IP: 2a14:80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:90:51:e6:4f:1d:da:90:d1:89:8d:fb:ef:38:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=67499595a65aab0b53768def08091e31061e9e65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:8a:ce:7f:be:26:a0:1a:d4:00:f1:00:c9:0e: 7f:98:2e:c3:96:9b:19:a9:c9:23:bd:55:fa:f8:e5: 54:1a:1b:8f:e7:4c:5b:0b:ad:42:e7:b1:95:44:eb: d5:82:f5:20:0f:b6:f1:aa:03:93:c1:d3:10:fd:53: 48:c3:6c:82:cf:15:27:68:c9:c8:72:b3:82:4f:0e: ed:3c:5b:e6:76:0b:1f:f2:a1:23:0a:4f:73:1d:4e: 81:2d:0c:62:b5:65:57:0e:e1:79:36:0a:59:61:d2: 09:c6:fa:34:2c:57:a7:10:62:36:35:cf:8c:d7:b1: 8a:a8:8b:e6:b0:61:ba:3d:b5:64:d5:22:bd:ea:57: f9:4d:6c:f7:18:53:56:8a:67:a3:aa:e1:95:e2:c5: 7d:54:ad:e3:9c:2e:e3:71:6e:b2:24:f4:fa:ba:4b: ce:ad:ac:54:de:20:79:db:01:91:ad:79:97:fd:ee: bd:dc:6d:65:af:f5:1f:70:da:dd:a1:25:a6:a4:85: a2:46:a0:c1:9f:0a:3b:42:f0:c9:eb:85:ab:aa:dd: e2:71:aa:e8:47:af:56:51:ab:c9:e9:c6:a6:ae:6c: 49:79:6d:cb:db:a4:27:fa:4f:7a:d6:23:f2:e5:88: 08:78:21:68:79:e1:cc:a9:b7:3a:b5:8b:28:26:f3: cf:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.20.96.0/20 185.100.168.0/22 185.160.192.0/22 185.169.220.0/22 IPv6: 2a14:80::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 48449 Signature Algorithm: sha256WithRSAEncryption 09:6c:82:d3:48:b9:f9:4f:5b:9b:22:73:a2:27:83:80:d0:7f: 7d:17:ee:f1:13:d3:8f:6b:c3:2f:0b:02:08:5f:a3:8a:73:0c: 8f:9b:53:00:7f:c3:ac:29:71:5a:90:5d:52:b1:9c:17:14:7f: 5f:77:63:b4:ef:6c:f7:b9:93:08:17:cd:f6:f7:8e:42:3e:cb: 93:91:ae:f3:7d:6f:81:1c:e1:21:d6:d1:1c:c4:96:14:70:fa: 8a:14:e1:1d:e5:72:0f:62:28:65:84:7c:b7:80:76:30:54:b8: 3a:d6:73:da:14:ba:75:48:1b:4d:00:07:ed:76:a1:e2:0e:bf: 03:fe:76:ec:5e:95:1f:7d:a1:e5:27:7a:1d:c6:0f:9b:93:74: 7b:52:bc:62:73:d2:be:31:14:49:d8:e5:bf:f7:5d:a0:c9:c2: f3:28:0d:80:c5:b5:6c:50:ed:98:3a:86:56:fb:e3:be:f7:b5: 98:47:e7:f0:1d:50:ba:a8:5a:58:b9:12:f4:ea:4c:f5:36:81: c5:db:ca:0d:f7:fc:ff:59:2b:ea:84:ad:4d:1d:8a:b2:2f:7d: 52:bf:b1:70:88:0b:4e:1e:9f:b8:db:ba:d3:b4:45:cd:4e:06: 18:34:00:18:76:5a:dd:a0:bb:76:66:74:f7:75:84:b6:0c:83: e8:43:0f:7c -----BEGIN CERTIFICATE----- MIIFtTCCBJ2gAwIBAgISAZt+ppBR5k8d2pDRiY377zghMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NzQ5OTU5NWE2NWFhYjBiNTM3NjhkZWYwODA5MWUzMTA2MWU5ZTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYrOf74moBrUAPEAyQ5/mC7DlpsZ qckjvVX6+OVUGhuP50xbC61C57GVROvVgvUgD7bxqgOTwdMQ/VNIw2yCzxUnaMnI crOCTw7tPFvmdgsf8qEjCk9zHU6BLQxitWVXDuF5NgpZYdIJxvo0LFenEGI2Nc+M 17GKqIvmsGG6PbVk1SK96lf5TWz3GFNWimejquGV4sV9VK3jnC7jcW6yJPT6ukvO raxU3iB52wGRrXmX/e693G1lr/UfcNrdoSWmpIWiRqDBnwo7QvDJ64Wrqt3icaro R69WUavJ6camrmxJeW3L26Qn+k961iPy5YgIeCFoeeHMqbc6tYsoJvPPQwIDAQAB o4ICwTCCAr0wHQYDVR0OBBYEFGdJlZWmWqsLU3aN7wgJHjEGHp5lMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmL2I3NDRi OC1mMzlkLTQ5NWItYjIxNy0zNTUwODA0MTY1MmQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvYjc0NGI4 LWYzOWQtNDk1Yi1iMjE3LTM1NTA4MDQxNjUyZC8xL1owbVZsYVphcXd0VGRvM3ZD QWtlTVFZZW5tVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF BwEHAQH/BDEwLzAeBAIAATAYAwQELhRgAwQCuWSoAwQCuaDAAwQCuancMA0EAgAC MAcDBQMqFACAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC9QTANBgkqhkiG9w0B AQsFAAOCAQEACWyC00i5+U9bmyJzoieDgNB/fRfu8RPTj2vDLwsCCF+jinMMj5tT AH/DrClxWpBdUrGcFxR/X3djtO9s97mTCBfN9veOQj7Lk5Gu831vgRzhIdbRHMSW FHD6ihThHeVyD2IoZYR8t4B2MFS4OtZz2hS6dUgbTQAH7Xah4g6/A/527F6VH32h 5Sd6HcYPm5N0e1K8YnPSvjEUSdjlv/ddoMnC8ygNgMW1bFDtmDqGVvvjvve1mEfn 8B1QuqhaWLkS9OpM9TaBxdvKDff8/1kr6oStTR2Ksi99Ur+xcIgLTh6fuNu607RF zU4GGDQAGHZa3aC7dmZ093WEtgyD6EMPfA== -----END CERTIFICATE-----Generated at Wed Jan 21 15:41:08 2026 by rpki-client