This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.cer (raw, json) Hash identifier: ONSTYpYwpZoCufuw/TI4+8pSCxTR8Cv8J7xX70bSWzE= Subject key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCA0C588851E66012EE705096D42A34 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:19:12 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 47648 IP: 152.89.188.0/22 IP: 185.239.196.0/22 IP: 195.68.248.0/23 IP: 195.68.254.0/23 IP: 2a0c:6180::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:0c:58:88:51:e6:60:12:ee:70:50:96:d4:2a:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:19:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fce4f396729bf478e636549821f6f6970d893f52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:d5:f4:51:d1:3d:b8:f8:97:63:b2:db:0f:b8: eb:26:47:c9:b3:e5:5d:ab:15:9e:3d:73:77:f3:24: 9d:0b:ca:ac:71:0f:cb:ef:27:56:ac:61:c1:ca:dd: c1:c4:54:c5:08:03:fd:72:c6:53:a1:1c:84:40:e2: 68:58:c2:bd:19:70:e2:8b:76:96:5c:32:43:0a:f9: 70:4b:48:cc:db:63:83:3d:8a:88:95:eb:9d:e3:0d: f0:3f:1a:fd:d1:bf:93:1c:63:3a:32:6f:eb:3d:84: 93:75:b1:ee:7f:93:dd:d3:b0:1f:49:1c:c1:0a:10: 51:30:a3:2e:79:ac:a8:1e:0a:ec:21:a8:11:ec:05: f4:9c:34:21:da:4b:c2:bb:c5:d0:5d:de:49:bd:0a: e2:53:b4:a4:c1:c7:8b:76:77:10:47:98:b2:79:45: ad:e9:bc:10:9a:47:10:0d:25:ef:51:d9:07:0b:d3: 5f:ff:0b:4e:0d:e9:9e:7a:1e:48:91:29:b1:41:d5: 7b:45:7c:0e:27:5a:0a:5c:0e:86:66:9e:d5:3b:36: 50:53:8e:17:3b:5a:b7:bc:83:80:e8:63:3d:32:8f: b7:cf:3b:92:5e:14:bf:ae:31:77:21:9e:c8:f7:54: 80:b3:9a:22:5f:b1:c3:78:07:32:8c:53:4e:7f:80: 1c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.188.0/22 185.239.196.0/22 195.68.248.0/23 195.68.254.0/23 IPv6: 2a0c:6180::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 47648 Signature Algorithm: sha256WithRSAEncryption 58:6d:7a:63:07:82:6b:52:47:3a:36:99:bc:85:c0:86:bc:d9: d1:8b:70:a4:f7:15:72:a5:b8:9a:92:cd:eb:9b:fa:76:1d:54: 9a:92:9e:c3:db:4b:38:b1:b9:8c:4a:96:ef:42:a2:28:fc:21: 9b:c7:37:23:45:62:80:ed:8a:9f:f5:d8:fe:87:e8:cb:ab:39: 6a:eb:4e:f9:f7:b6:75:92:15:61:60:d1:1e:9f:0c:4c:7f:76: 3f:1a:91:f3:33:35:3c:e0:9e:4d:49:9f:a9:49:04:ea:1f:1a: 17:9f:24:e6:c5:c8:12:79:35:ee:fe:78:44:6e:70:5c:5a:85: b3:44:0f:31:70:ce:29:12:b6:80:c5:00:b7:fb:c6:a9:da:5a: c8:b1:f4:05:b0:c1:b0:66:79:b5:eb:b4:4c:a0:89:8f:4a:60: db:bf:24:32:c2:c7:57:df:7b:fc:fe:57:82:30:ba:10:6f:9a: a3:81:d1:80:73:ac:46:df:1f:5f:17:98:b6:5c:65:c3:99:82: 3c:82:ad:86:69:7c:4b:4b:8e:06:82:f1:50:2f:78:85:da:f9: fc:58:c5:0c:d5:3c:5b:e3:91:10:dc:99:92:27:73:49:e9:53: 69:c6:ca:81:aa:14:98:8e:12:48:2e:91:02:25:4d:f5:bb:00: 14:0b:6f:42 -----BEGIN CERTIFICATE----- MIIFtTCCBJ2gAwIBAgISAZt9ygxYiFHmYBLucFCW1Co0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgxOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmY2U0ZjM5NjcyOWJmNDc4ZTYzNjU0OTgyMWY2ZjY5NzBkODkzZjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NX0UdE9uPiXY7LbD7jrJkfJs+Vd qxWePXN38ySdC8qscQ/L7ydWrGHByt3BxFTFCAP9csZToRyEQOJoWMK9GXDii3aW XDJDCvlwS0jM22ODPYqIleud4w3wPxr90b+THGM6Mm/rPYSTdbHuf5Pd07AfSRzB ChBRMKMueayoHgrsIagR7AX0nDQh2kvCu8XQXd5JvQriU7SkwceLdncQR5iyeUWt 6bwQmkcQDSXvUdkHC9Nf/wtODemeeh5IkSmxQdV7RXwOJ1oKXA6GZp7VOzZQU44X O1q3vIOA6GM9Mo+3zzuSXhS/rjF3IZ7I91SAs5oiX7HDeAcyjFNOf4AceQIDAQAB o4ICwTCCAr0wHQYDVR0OBBYEFPzk85Zym/R45jZUmCH29pcNiT9SMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYzLzM2Mjc1 ZS02NzU5LTRkNTItYjJkMS04YzcwZGU5ZTliOWQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMvMzYyNzVl LTY3NTktNGQ1Mi1iMmQxLThjNzBkZTllOWI5ZC8xL19PVHpsbktiOUhqbU5sU1lJ ZmIybHcySlAxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF BwEHAQH/BDEwLzAeBAIAATAYAwQCmFm8AwQCue/EAwQBw0T4AwQBw0T+MA0EAgAC MAcDBQMqDGGAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC6IDANBgkqhkiG9w0B AQsFAAOCAQEAWG16YweCa1JHOjaZvIXAhrzZ0YtwpPcVcqW4mpLN65v6dh1UmpKe w9tLOLG5jEqW70KiKPwhm8c3I0VigO2Kn/XY/ofoy6s5autO+fe2dZIVYWDRHp8M TH92PxqR8zM1POCeTUmfqUkE6h8aF58k5sXIEnk17v54RG5wXFqFs0QPMXDOKRK2 gMUAt/vGqdpayLH0BbDBsGZ5teu0TKCJj0pg278kMsLHV997/P5XgjC6EG+ao4HR gHOsRt8fXxeYtlxlw5mCPIKthml8S0uOBoLxUC94hdr5/FjFDNU8W+ORENyZkidz SelTacbKgaoUmI4SSC6RAiVN9bsAFAtvQg== -----END CERTIFICATE-----Generated at Mon Feb 9 15:08:05 2026 by rpki-client