This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Znrl7XyovV-O_zCw5Hq035OCj_E.cer File: Znrl7XyovV-O_zCw5Hq035OCj_E.cer (raw, json) Hash identifier: D503KQCxkpwmamvmR5GTrbNzGnodWCB9Q5kViwnnMg4= Subject key identifier: 66:7A:E5:ED:7C:A8:BD:5F:8E:FF:30:B0:E4:7A:B4:DF:93:82:8F:F1 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C75E52874CCE95145FF92BFA4B53B4 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2c/4ae0bd-d7e4-44d5-877e-4a9ce2131b42/1/Znrl7XyovV-O_zCw5Hq035OCj_E.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2c/4ae0bd-d7e4-44d5-877e-4a9ce2131b42/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:18:33 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 206182 IP: 185.77.48.0/22 IP: 2a03:52e0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:5e:52:87:4c:ce:95:14:5f:f9:2b:fa:4b:53:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=667ae5ed7ca8bd5f8eff30b0e47ab4df93828ff1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d3:51:54:2c:c6:a5:31:8b:8f:9a:25:49:a1: ef:9e:b6:d2:7d:0a:c6:1b:cf:18:b7:fe:98:c5:93: cc:c2:87:bc:22:04:e2:5f:9a:9f:04:48:9f:ba:90: 04:90:d2:1f:b8:14:e6:c8:66:f0:db:9c:1c:70:8f: 7b:37:eb:9f:c7:ca:bd:a9:89:e8:fb:62:d6:0e:1c: 03:e9:e7:4c:cb:5e:43:24:8f:22:6b:64:e1:b0:0a: d7:be:7b:e9:36:0a:31:e6:a2:06:7b:d9:5a:42:06: 88:82:87:fe:bd:c0:dd:9c:37:9d:e1:66:96:40:af: 8b:2e:65:d1:e9:c2:00:ff:8c:52:57:2b:7a:0f:2e: bc:40:be:55:ef:94:19:24:57:bf:00:a7:2f:60:e0: 86:2a:95:01:39:1a:bd:ea:3b:84:d5:71:e6:ce:33: 06:20:9c:ea:0d:20:53:e8:87:2e:9b:86:a9:f9:fb: 6c:81:81:82:82:56:82:27:ab:d1:18:fa:20:63:3f: 18:c4:15:00:30:7e:b8:7e:d2:07:12:ac:d2:00:60: 2c:33:07:80:90:e6:61:03:2a:13:26:d1:da:1b:d8: e0:65:e5:5f:96:df:59:86:40:c9:95:a7:d9:52:fa: e2:31:4b:06:05:08:f5:1d:93:8a:f7:10:b7:0c:6a: 0f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:7A:E5:ED:7C:A8:BD:5F:8E:FF:30:B0:E4:7A:B4:DF:93:82:8F:F1 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4ae0bd-d7e4-44d5-877e-4a9ce2131b42/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4ae0bd-d7e4-44d5-877e-4a9ce2131b42/1/Znrl7XyovV-O_zCw5Hq035OCj_E.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.77.48.0/22 IPv6: 2a03:52e0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206182 Signature Algorithm: sha256WithRSAEncryption 14:b9:97:bb:9b:30:98:f4:b7:56:bd:bf:c9:f6:0d:9f:44:88: d3:bf:83:f2:6a:cc:75:f6:3b:7a:4e:36:a3:59:de:5a:e5:76: af:1e:56:69:24:e2:e0:36:f5:09:1e:bf:4b:b6:21:e9:ec:3c: 80:6b:22:e9:9f:45:f1:ba:a7:74:53:6b:ce:0b:44:c0:4e:7d: fa:e8:c0:48:d6:73:5f:f5:80:f4:54:a7:b5:8d:55:be:b1:ba: d6:ca:61:86:bb:66:f9:7a:31:7a:31:c0:ca:d6:87:1f:56:7b: c2:18:b0:da:3c:81:ef:5f:63:86:a4:d4:46:f3:46:4f:08:3f: b2:2b:59:ee:f2:71:ac:7c:e9:37:ec:64:6d:18:73:df:82:d7: 60:f4:eb:c6:53:ec:a5:b7:06:f3:c4:05:55:35:9c:e6:ac:1a: 8c:fe:52:2e:f1:a6:b5:f9:a2:78:4c:f3:94:8d:21:ca:d9:f2: 8e:e3:52:34:fe:b8:47:07:93:23:39:13:e2:6c:32:8b:75:77: fc:96:40:72:d7:4a:3c:ff:28:23:7c:24:f4:ab:b8:08:0d:6c: 73:1e:55:6f:c4:2f:d6:04:62:23:33:69:db:a7:e6:d9:a7:e9: 73:6c:bf:82:bf:6f:ae:43:75:93:6a:e3:d9:7c:d4:0e:99:b0: 32:f3:4e:7e -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt3x15Sh0zOlRRf+Sv6S1O0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjdhZTVlZDdjYThiZDVmOGVmZjMwYjBlNDdhYjRkZjkzODI4ZmYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtNRVCzGpTGLj5olSaHvnrbSfQrG G88Yt/6YxZPMwoe8IgTiX5qfBEifupAEkNIfuBTmyGbw25wccI97N+ufx8q9qYno +2LWDhwD6edMy15DJI8ia2ThsArXvnvpNgox5qIGe9laQgaIgof+vcDdnDed4WaW QK+LLmXR6cIA/4xSVyt6Dy68QL5V75QZJFe/AKcvYOCGKpUBORq96juE1XHmzjMG IJzqDSBT6Icum4ap+ftsgYGCglaCJ6vRGPogYz8YxBUAMH64ftIHEqzSAGAsMweA kOZhAyoTJtHaG9jgZeVflt9ZhkDJlafZUvriMUsGBQj1HZOK9xC3DGoPVwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFGZ65e18qL1fjv8wsOR6tN+Tgo/xMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjLzRhZTBi ZC1kN2U0LTQ0ZDUtODc3ZS00YTljZTIxMzFiNDIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvNGFlMGJk LWQ3ZTQtNDRkNS04NzdlLTRhOWNlMjEzMWI0Mi8xL1pucmw3WHlvdlYtT196Q3c1 SHEwMzVPQ2pfRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuU0wMA0EAgACMAcDBQMqA1LgMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMlZjANBgkqhkiG9w0BAQsFAAOCAQEAFLmXu5swmPS3 Vr2/yfYNn0SI07+D8mrMdfY7ek42o1neWuV2rx5WaSTi4Db1CR6/S7Yh6ew8gGsi 6Z9F8bqndFNrzgtEwE59+ujASNZzX/WA9FSntY1VvrG61sphhrtm+XoxejHAytaH H1Z7whiw2jyB719jhqTURvNGTwg/sitZ7vJxrHzpN+xkbRhz34LXYPTrxlPspbcG 88QFVTWc5qwajP5SLvGmtfmieEzzlI0hytnyjuNSNP64RweTIzkT4mwyi3V3/JZA ctdKPP8oI3wk9Ku4CA1scx5Vb8Qv1gRiIzNp26fm2afpc2y/gr9vrkN1k2rj2XzU DpmwMvNOfg== -----END CERTIFICATE-----Generated at Mon Feb 9 15:14:30 2026 by rpki-client