This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.cer File: ZMX9HcDEV9nsET0jvUk1xyPp7PQ.cer (raw, json) Hash identifier: GS58cvYt5x5ISApy/KlTz+M3s5EkOCqzn+8NcCiEAGE= Subject key identifier: 64:C5:FD:1D:C0:C4:57:D9:EC:11:3D:23:BD:49:35:C7:23:E9:EC:F4 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B35CF9D4431BF0326AAE928BC09FAAA Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:02 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 211465 IP: 194.42.126.0/23 IP: 2001:678:1078::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:cf:9d:44:31:bf:03:26:aa:e9:28:bc:09:fa:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=64c5fd1dc0c457d9ec113d23bd4935c723e9ecf4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:cc:2b:79:4d:30:cf:d5:f8:2b:60:70:dc:a5: 54:ce:4e:d0:9a:73:70:76:ea:b9:d7:f2:34:60:21: 78:40:dd:d3:87:54:f8:de:e3:0c:18:78:c8:4a:82: 86:ff:7b:dd:b5:5c:b6:8a:76:69:56:7e:dc:08:dd: 0e:2a:0c:35:9f:a4:41:d9:a1:91:2e:07:24:1a:9f: 2f:3d:4a:a7:1c:16:6b:3f:e0:f6:b1:6f:ec:0c:ee: 6f:45:86:0e:d1:5c:0a:8e:70:7a:7f:1b:e3:9c:ca: a3:51:a6:cf:0b:8a:28:69:9a:6e:f7:fe:d5:55:43: 38:e4:c3:62:b0:46:e7:04:65:f8:12:df:e6:50:55: 1b:12:09:69:af:71:ac:e4:91:72:1c:1c:b3:e8:a4: df:c2:b7:82:0b:fd:ad:1e:d3:7d:6b:6c:00:e2:cb: 1e:b8:d0:57:31:76:4e:8a:1a:ac:ba:34:59:c9:f3: 50:40:04:c5:30:78:11:06:bf:17:77:f3:68:ab:20: 6e:0d:f5:49:4c:14:cd:ab:f2:83:07:ad:89:3b:53: 9a:3e:bd:c5:4d:a0:25:9a:4e:3f:c8:66:7f:26:4b: 05:78:87:4f:15:e1:c7:4a:69:0a:67:ec:db:5d:8a: 70:c3:7e:be:c4:b4:45:67:5c:e6:1c:30:ae:6d:de: b0:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:C5:FD:1D:C0:C4:57:D9:EC:11:3D:23:BD:49:35:C7:23:E9:EC:F4 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.42.126.0/23 IPv6: 2001:678:1078::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 211465 Signature Algorithm: sha256WithRSAEncryption 21:1a:5d:d8:bd:8b:63:75:6a:f8:2c:d2:0a:6d:16:0c:5e:5f: b4:3e:6f:c8:ea:30:f9:33:1e:72:87:eb:f0:53:9d:d8:58:5c: 35:37:48:69:bb:31:15:ee:6f:c0:4e:2a:7f:aa:39:d8:d4:b8: 68:8e:8d:60:7b:42:c1:b3:eb:8f:f2:06:6b:30:81:3a:de:db: 2d:81:45:77:c3:89:a0:7f:24:9b:7f:44:31:65:fa:cf:67:b6: 30:b9:0d:a5:a5:59:d1:9e:18:ff:56:e5:b8:65:bc:fb:e6:0e: 54:5b:aa:da:5a:a4:aa:89:ca:21:11:af:54:ff:01:1f:da:ac: fa:6e:dd:20:2d:d5:ac:fa:4c:fd:13:e7:53:56:5d:59:c3:02: 61:a4:48:51:f4:58:f4:c3:a2:8f:1b:e0:43:44:23:d9:54:59: a4:f7:f0:95:a1:25:24:c1:e1:0f:f8:74:2a:91:59:11:97:f5: 39:2e:7e:8e:9d:ca:cf:04:fa:0c:ef:d7:f9:63:e1:12:6f:f0: e9:75:f6:43:e4:d4:2f:fd:8f:99:f7:b3:b1:86:7a:2a:a1:2e: a8:e3:30:ae:f0:b0:69:e8:f8:33:e0:b1:63:c0:a5:01:a1:e2: 11:29:ae:21:78:3d:60:df:22:8b:ea:8a:f6:9b:28:2a:d2:1d: da:1b:63:d4 -----BEGIN CERTIFICATE----- MIIFpTCCBI2gAwIBAgISAZt7Nc+dRDG/Ayaq6Si8CfqqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NGM1ZmQxZGMwYzQ1N2Q5ZWMxMTNkMjNiZDQ5MzVjNzIzZTllY2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8wreU0wz9X4K2Bw3KVUzk7QmnNw duq51/I0YCF4QN3Th1T43uMMGHjISoKG/3vdtVy2inZpVn7cCN0OKgw1n6RB2aGR LgckGp8vPUqnHBZrP+D2sW/sDO5vRYYO0VwKjnB6fxvjnMqjUabPC4ooaZpu9/7V VUM45MNisEbnBGX4Et/mUFUbEglpr3Gs5JFyHByz6KTfwreCC/2tHtN9a2wA4sse uNBXMXZOihqsujRZyfNQQATFMHgRBr8Xd/NoqyBuDfVJTBTNq/KDB62JO1OaPr3F TaAlmk4/yGZ/JksFeIdPFeHHSmkKZ+zbXYpww36+xLRFZ1zmHDCubd6w6QIDAQAB o4ICsTCCAq0wHQYDVR0OBBYEFGTF/R3AxFfZ7BE9I71JNccj6ez0MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNiL2E0NjQw Yy1lNjlhLTQzMzctYjFhYS00Y2IwNjc5YWNlN2YvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvYTQ2NDBj LWU2OWEtNDMzNy1iMWFhLTRjYjA2NzlhY2U3Zi8xL1pNWDlIY0RFVjluc0VUMGp2 VWsxeHlQcDdQUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF BwEHAQH/BCEwHzAMBAIAATAGAwQBwip+MA8EAgACMAkDBwAgAQZ4EHgwGgYIKwYB BQUHAQgBAf8ECzAJoAcwBQIDAzoJMA0GCSqGSIb3DQEBCwUAA4IBAQAhGl3YvYtj dWr4LNIKbRYMXl+0Pm/I6jD5Mx5yh+vwU53YWFw1N0hpuzEV7m/ATip/qjnY1Lho jo1ge0LBs+uP8gZrMIE63tstgUV3w4mgfySbf0QxZfrPZ7YwuQ2lpVnRnhj/VuW4 Zbz75g5UW6raWqSqicohEa9U/wEf2qz6bt0gLdWs+kz9E+dTVl1ZwwJhpEhR9Fj0 w6KPG+BDRCPZVFmk9/CVoSUkweEP+HQqkVkRl/U5Ln6OncrPBPoM79f5Y+ESb/Dp dfZD5NQv/Y+Z97OxhnoqoS6o4zCu8LBp6Pgz4LFjwKUBoeIRKa4heD1g3yKL6or2 mygq0h3aG2PU -----END CERTIFICATE-----Generated at Mon Feb 9 15:06:56 2026 by rpki-client