This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer File: _2mO6y5J_LX5xlqZhXrynOBmQdk.cer (raw, json) Hash identifier: 3OD3q2OQwx68d7mWtRq3vHzVc/wW4uwPeG30rIdcysI= Subject key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EAD7D7C544BE5B221C4E5E5937828C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:40 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 8194 AS: 47352 AS: 210213 AS: 210591 IP: 31.24.192.0/21 IP: 185.1.236.0/24 IP: 195.244.144.0/20 IP: 212.70.160.0/19 IP: 2001:7f8:126::/48 IP: 2a00:1780::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:d7:d7:c5:44:be:5b:22:1c:4e:5e:59:37:82:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fb:bd:2c:19:2a:7d:f8:82:bf:cf:92:f1:8f: a2:a8:22:fb:b0:f8:2e:b2:d4:31:69:57:1a:30:bd: 2b:4b:50:62:0b:57:36:61:4c:3e:e9:eb:1c:62:c8: 5f:0b:9d:c7:27:97:1f:f1:4a:a6:3b:35:db:74:ac: e8:f0:db:b1:1e:98:28:12:fd:c1:02:dc:7d:c1:49: 8a:28:e6:1c:aa:5b:05:fc:12:01:82:a4:17:4b:43: af:3b:29:37:d7:a9:52:8e:4b:36:6d:a3:cf:b3:14: 58:87:48:3f:f0:ec:fb:1c:18:12:34:c7:d0:44:c8: a5:8a:be:31:c3:64:f1:b7:9e:44:84:76:c8:54:39: 8f:a0:c5:96:98:07:07:6c:bc:ef:90:c8:7f:c3:84: b7:de:2a:54:7e:1b:59:cd:b1:02:3e:2e:a0:7b:b5: ab:58:40:f2:fc:ad:d0:01:ee:4a:4e:6f:0d:9d:bb: 64:29:51:09:0d:db:c9:be:e7:b3:f1:a4:d6:0c:30: 4a:cd:8d:85:89:67:44:54:00:a0:e0:6c:c7:3b:6c: 29:d8:66:ae:7f:1f:1b:1d:06:2f:68:32:38:b3:0f: 7d:ed:8b:c9:f1:ce:0b:a9:73:af:7c:f9:d5:3d:15: 93:12:14:b2:74:e6:57:a8:63:7b:81:bb:0e:0b:ba: 2d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.24.192.0/21 185.1.236.0/24 195.244.144.0/20 212.70.160.0/19 IPv6: 2001:7f8:126::/48 2a00:1780::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 8194 47352 210213 210591 Signature Algorithm: sha256WithRSAEncryption 47:12:33:e9:a9:1c:ea:e1:35:ff:df:8a:3b:9d:d8:8b:f3:5d: 0b:0d:f2:38:5c:6e:a5:9c:81:cd:b5:43:39:24:df:6f:c7:8a: fb:7e:f9:cd:31:98:ae:61:c7:72:8b:2f:99:02:38:bc:de:53: 56:9a:e7:67:e8:91:ae:5f:ca:22:3d:95:68:bc:89:73:f3:30: ad:00:14:2e:fb:56:d6:9d:9f:27:d2:ef:0d:5e:1f:51:8f:c0: b3:5a:00:04:24:8b:f0:b7:9a:d4:41:1d:75:2d:47:72:88:d4: 20:26:ed:7e:9b:e1:51:3e:bf:78:eb:58:e1:22:9e:72:7c:82: 72:66:9a:73:cc:2c:93:12:d5:d8:07:79:ec:4a:ec:dd:0a:14: b0:cb:26:7e:84:17:bb:9c:8e:1a:48:94:1d:aa:f4:bf:2c:88: d6:88:94:66:b7:b6:5b:d0:04:9d:76:e9:ff:db:1e:1e:37:4b: d5:d2:f7:d2:d8:c0:74:66:40:5f:18:1f:63:c6:2e:b4:36:13: c6:c9:b8:78:81:a5:4a:58:b6:eb:6d:36:7a:7d:66:ec:5d:1f: 4b:83:8f:17:33:c3:b5:8f:16:3b:2d:0c:04:2b:f9:be:93:65: f7:c2:e5:67:b6:0d:36:a3:31:c6:dd:6c:ed:f1:29:e4:c5:be: 2d:97:78:14 -----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgISAZt26tfXxUS+WyIcTl5ZN4KMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjY5OGVlYjJlNDlmY2I1ZjljNjVhOTk4NTdhZjI5Y2UwNjY0MWQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/u9LBkqffiCv8+S8Y+iqCL7sPgu stQxaVcaML0rS1BiC1c2YUw+6escYshfC53HJ5cf8UqmOzXbdKzo8NuxHpgoEv3B Atx9wUmKKOYcqlsF/BIBgqQXS0OvOyk316lSjks2baPPsxRYh0g/8Oz7HBgSNMfQ RMilir4xw2Txt55EhHbIVDmPoMWWmAcHbLzvkMh/w4S33ipUfhtZzbECPi6ge7Wr WEDy/K3QAe5KTm8NnbtkKVEJDdvJvuez8aTWDDBKzY2FiWdEVACg4GzHO2wp2Gau fx8bHQYvaDI4sw997YvJ8c4LqXOvfPnVPRWTEhSydOZXqGN7gbsOC7otyQIDAQAB o4IC2DCCAtQwHQYDVR0OBBYEFP9pjusuSfy1+cZamYV68pzgZkHZMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmL2I0ZDc1 ZC05NTNhLTQwMzYtOTgzOS01N2NkNjhkOWNiNGUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvYjRkNzVk LTk1M2EtNDAzNi05ODM5LTU3Y2Q2OGQ5Y2I0ZS8xL18ybU82eTVKX0xYNXhscVpo WHJ5bk9CbVFkay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUF BwEHAQH/BDowODAeBAIAATAYAwQDHxjAAwQAuQHsAwQEw/SQAwQF1EagMBYEAgAC MBADBwAgAQf4ASYDBQAqABeAMCgGCCsGAQUFBwEIAQH/BBkwF6AVMBMCAiACAgMA uPgCAwM1JQIDAzafMA0GCSqGSIb3DQEBCwUAA4IBAQBHEjPpqRzq4TX/34o7ndiL 810LDfI4XG6lnIHNtUM5JN9vx4r7fvnNMZiuYcdyiy+ZAji83lNWmudn6JGuX8oi PZVovIlz8zCtABQu+1bWnZ8n0u8NXh9Rj8CzWgAEJIvwt5rUQR11LUdyiNQgJu1+ m+FRPr9461jhIp5yfIJyZppzzCyTEtXYB3nsSuzdChSwyyZ+hBe7nI4aSJQdqvS/ LIjWiJRmt7Zb0ASddun/2x4eN0vV0vfS2MB0ZkBfGB9jxi60NhPGybh4gaVKWLbr bTZ6fWbsXR9Lg48XM8O1jxY7LQwEK/m+k2X3wuVntg02ozHG3Wzt8Snkxb4tl3gU -----END CERTIFICATE-----Generated at Tue Jan 27 08:29:18 2026 by rpki-client