This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_TrysG9KUBbg5avtGD9GXbFfQdU.cer File: _TrysG9KUBbg5avtGD9GXbFfQdU.cer (raw, json) Hash identifier: nsDz0c0KILqLqSsNF8nT6chc1LZ6pLph0vqKgy9EqkU= Subject key identifier: FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA367CC1E8AAFB030E0FA22793A03C9 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/_TrysG9KUBbg5avtGD9GXbFfQdU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:17:45 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.145.160.0/22 IP: 2a07:4880::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:67:cc:1e:8a:af:b0:30:e0:fa:22:79:3a:03:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fd3af2b06f4a5016e0e5abed183f465db15f41d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:d1:e4:c3:e1:31:a1:ae:38:71:ca:8d:f4:35: c2:0f:2d:b1:b2:e9:80:0f:2c:0e:9b:5e:b5:65:e4: 54:93:8d:9e:e9:a1:8a:c4:1f:4c:88:4d:65:9f:71: e9:e4:e7:7c:65:eb:41:d3:49:aa:95:39:6e:98:15: ea:ba:38:63:b1:04:7e:58:fc:95:93:bb:ac:c5:ba: 2b:fa:f9:42:e1:74:6f:72:2f:64:46:cd:04:0f:3a: 47:c5:46:9e:73:46:59:6d:62:f3:d5:e0:92:81:7b: 8b:7c:6b:3c:d0:3a:90:71:5f:0d:6e:57:7e:9d:cf: f1:fe:7d:f4:42:23:26:55:e6:68:1a:e5:df:ed:06: 5f:36:38:8b:d1:40:36:e8:e6:40:b8:84:aa:6f:4b: 16:15:13:08:3e:9c:ab:be:fb:2e:68:cc:95:8e:fc: b8:ea:8d:fc:b7:36:2e:4a:cb:30:95:85:e2:eb:9f: 50:de:be:29:61:f3:48:51:7b:04:b8:df:91:9b:44: 57:c5:ff:0d:8c:e9:ff:65:3c:ae:05:f7:ee:d6:86: 27:30:69:b5:91:37:6d:48:9e:09:f7:62:8f:15:63: f5:e0:d3:bb:22:94:ca:0f:c4:37:4a:5a:2d:0d:88: 1c:30:14:d2:ba:74:f9:9b:d2:9c:60:13:7e:c6:8f: 96:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/_TrysG9KUBbg5avtGD9GXbFfQdU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.145.160.0/22 IPv6: 2a07:4880::/29 Signature Algorithm: sha256WithRSAEncryption 98:5d:cc:b3:8e:15:15:d4:6b:a4:9d:44:87:06:ab:5e:ab:11: f7:e6:11:83:a5:d0:e6:4f:ef:de:43:14:43:9d:ca:e0:d6:6f: 12:96:34:f9:46:0c:ed:e2:d3:00:63:1d:5f:12:35:09:a6:d0: 52:ce:e7:f3:5e:65:1a:94:29:83:9a:56:d1:c0:a0:a8:d5:36: 25:de:80:3e:b5:da:24:01:03:85:20:78:d1:1a:e6:ca:2a:18: 51:b2:90:74:33:1f:0a:8b:0c:bc:83:41:49:fe:16:39:3b:98: 43:e5:91:2c:b2:b4:01:d8:2f:09:94:d7:7f:ca:f5:24:66:45: b8:ab:6b:b2:a9:cb:88:09:21:0b:3a:8c:aa:f6:3f:39:a3:7f: d0:92:8d:96:c6:ec:5c:63:cb:60:2e:fe:f5:3a:d3:5b:54:22: a8:38:c3:76:25:c4:1c:e4:04:0a:c4:fe:d7:60:5d:f8:cf:f2: 04:4c:65:33:1d:2a:61:01:35:57:77:01:b9:e1:13:9b:2b:1b: 7c:57:fc:32:b6:1f:c2:b3:22:36:9d:57:34:3c:9d:cd:24:41: b9:2c:f5:19:0a:46:37:fb:ca:98:ef:8a:d2:82:c7:6a:17:ac: ad:4c:99:b3:d7:2f:21:f0:15:31:d3:77:b3:83:4d:44:fe:cd: 04:c2:cc:a5 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt7o2fMHoqvsDDg+iJ5OgPJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZDNhZjJiMDZmNGE1MDE2ZTBlNWFiZWQxODNmNDY1ZGIxNWY0MWQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNHkw+Exoa44ccqN9DXCDy2xsumA DywOm161ZeRUk42e6aGKxB9MiE1ln3Hp5Od8ZetB00mqlTlumBXqujhjsQR+WPyV k7usxbor+vlC4XRvci9kRs0EDzpHxUaec0ZZbWLz1eCSgXuLfGs80DqQcV8Nbld+ nc/x/n30QiMmVeZoGuXf7QZfNjiL0UA26OZAuISqb0sWFRMIPpyrvvsuaMyVjvy4 6o38tzYuSsswlYXi659Q3r4pYfNIUXsEuN+Rm0RXxf8NjOn/ZTyuBffu1oYnMGm1 kTdtSJ4J92KPFWP14NO7IpTKD8Q3SlotDYgcMBTSunT5m9KcYBN+xo+WswIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFP068rBvSlAW4OWr7Rg/Rl2xX0HVMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1LzkyMjYy ZS0yMjc2LTRhODgtYTczMy0wNDliZDdiMWUxMTkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvOTIyNjJl LTIyNzYtNGE4OC1hNzMzLTA0OWJkN2IxZTExOS8xL19UcnlzRzlLVUJiZzVhdnRH RDlHWGJGZlFkVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuZGgMA0EAgACMAcDBQMqB0iAMA0GCSqGSIb3 DQEBCwUAA4IBAQCYXcyzjhUV1GuknUSHBqteqxH35hGDpdDmT+/eQxRDncrg1m8S ljT5Rgzt4tMAYx1fEjUJptBSzufzXmUalCmDmlbRwKCo1TYl3oA+tdokAQOFIHjR GubKKhhRspB0Mx8Kiwy8g0FJ/hY5O5hD5ZEssrQB2C8JlNd/yvUkZkW4q2uyqcuI CSELOoyq9j85o3/Qko2WxuxcY8tgLv71OtNbVCKoOMN2JcQc5AQKxP7XYF34z/IE TGUzHSphATVXdwG54RObKxt8V/wyth/CsyI2nVc0PJ3NJEG5LPUZCkY3+8qY74rS gsdqF6ytTJmz1y8h8BUx03ezg01E/s0Ewsyl -----END CERTIFICATE-----Generated at Tue Jan 27 03:57:40 2026 by rpki-client