This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8GtFnaioypFoM85L3-cXqaOLeo.cer File: a8GtFnaioypFoM85L3-cXqaOLeo.cer (raw, json) Hash identifier: n+4yZtjtxLLUwRHvKvlLJifKyr+fNyuRCl9dmYPcNxM= Subject key identifier: 6B:C1:AD:16:76:A2:A3:2A:45:A0:CF:39:2F:7F:9C:5E:A6:8E:2D:EA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77592ECC3B8DE4A5929355CF7DF435E6 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/a8GtFnaioypFoM85L3-cXqaOLeo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 02:18:12 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 33867 IP: 195.248.64.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:2e:cc:3b:8d:e4:a5:92:93:55:cf:7d:f4:35:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 02:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6bc1ad1676a2a32a45a0cf392f7f9c5ea68e2dea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:9d:01:79:bf:78:01:c7:f2:70:fe:87:83:8c: 91:4f:3b:49:3c:62:c5:da:1c:3a:e1:a7:4e:ff:2e: 7f:09:14:ce:c3:73:49:7c:1d:46:43:c9:64:ee:2c: 03:53:2d:7b:27:bd:b8:5c:9c:cc:88:92:b4:6a:24: e6:bb:15:7a:43:3d:e7:c5:2b:ef:6a:69:d9:74:70: bb:75:0c:17:9f:3c:ff:8d:cc:bb:49:15:40:94:fd: 27:ac:d7:f7:3f:4e:7e:58:95:4c:4f:8e:d9:da:eb: 8b:3f:fd:ba:cc:e8:b3:2a:33:3c:8a:47:12:b9:35: 16:fc:da:f2:3c:55:4b:c3:7f:bd:5f:e1:58:db:8a: 1f:47:73:07:91:2a:66:e4:d0:ef:96:4d:53:d2:7f: 52:f9:10:63:5e:9c:5a:2c:89:59:26:b4:f0:d1:be: a2:75:11:ae:f6:32:eb:55:52:7e:50:3a:5d:88:2e: b4:2b:31:e0:f1:eb:eb:b1:a6:ca:49:4c:65:fb:fd: ca:c4:49:f6:b2:78:73:75:f0:e8:cc:4d:0e:4f:87: c3:46:b6:3f:87:fe:e7:a5:04:63:85:dc:14:5d:bc: 5d:3d:77:e7:8e:73:2f:a2:6b:c4:c3:be:90:a2:9b: eb:96:26:af:2b:38:9e:eb:aa:85:31:16:69:8c:ec: f2:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:C1:AD:16:76:A2:A3:2A:45:A0:CF:39:2F:7F:9C:5E:A6:8E:2D:EA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/a8GtFnaioypFoM85L3-cXqaOLeo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.248.64.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 33867 Signature Algorithm: sha256WithRSAEncryption 13:d8:a6:6d:37:be:dc:89:19:ea:47:32:00:e3:3e:4a:b5:47: e8:07:bd:99:0d:01:28:3b:76:bf:b3:de:42:e0:3e:0a:07:00: a8:dd:d9:3e:a3:ae:58:87:a7:0e:3f:42:91:3b:26:62:8f:7f: c1:a2:21:07:08:67:89:d4:bb:90:79:fd:c8:4e:20:da:c6:1a: 77:64:4a:bc:41:9b:05:c5:4a:2f:39:58:c6:7c:df:30:a8:30: 0a:9a:fe:e9:e8:39:8d:20:6c:5c:80:eb:0d:6e:22:86:9c:e8: e0:cb:dc:61:4e:98:b4:49:41:5a:ac:ee:7b:d2:2c:02:18:9b: 1b:82:cf:ed:33:aa:1a:d4:a0:66:cc:38:9b:6f:fe:0a:c3:1a: e2:92:84:87:e8:06:5a:14:d8:46:a1:e4:d5:9d:02:27:78:45: f8:4f:b3:a1:f6:b9:28:90:af:05:b1:5d:48:8d:e8:36:2e:1b: 37:c6:bc:b2:64:c8:b6:53:9d:8f:2d:23:14:9f:f1:3a:8b:e7: 7e:b0:21:41:de:b5:b4:9c:ca:50:9a:a0:33:20:6c:5f:00:a4: ce:e3:f6:97:b5:ed:d0:47:9c:83:96:64:b4:ec:1f:e2:39:0e: 92:3c:b4:09:b9:86:83:e2:7d:33:1e:13:af:1b:75:17:cb:37: 60:c2:4c:f5 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt3WS7MO43kpZKTVc999DXmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDIxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YmMxYWQxNjc2YTJhMzJhNDVhMGNmMzkyZjdmOWM1ZWE2OGUyZGVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp0Beb94AcfycP6Hg4yRTztJPGLF 2hw64adO/y5/CRTOw3NJfB1GQ8lk7iwDUy17J724XJzMiJK0aiTmuxV6Qz3nxSvv amnZdHC7dQwXnzz/jcy7SRVAlP0nrNf3P05+WJVMT47Z2uuLP/26zOizKjM8ikcS uTUW/NryPFVLw3+9X+FY24ofR3MHkSpm5NDvlk1T0n9S+RBjXpxaLIlZJrTw0b6i dRGu9jLrVVJ+UDpdiC60KzHg8evrsabKSUxl+/3KxEn2snhzdfDozE0OT4fDRrY/ h/7npQRjhdwUXbxdPXfnjnMvomvEw76QopvrliavKzie66qFMRZpjOzyWwIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFGvBrRZ2oqMqRaDPOS9/nF6mji3qMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzliLzIyMzky ZS1hYTY3LTQ1ODgtYjgwOS1lZjFhYWFhYmZlMmIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvMjIzOTJl LWFhNjctNDU4OC1iODA5LWVmMWFhYWFiZmUyYi8xL2E4R3RGbmFpb3lwRm9NODVM My1jWHFhT0xlby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAw/hAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwCESzANBgkqhkiG9w0BAQsFAAOCAQEAE9imbTe+3IkZ6kcyAOM+SrVH6Ae9mQ0B KDt2v7PeQuA+CgcAqN3ZPqOuWIenDj9CkTsmYo9/waIhBwhnidS7kHn9yE4g2sYa d2RKvEGbBcVKLzlYxnzfMKgwCpr+6eg5jSBsXIDrDW4ihpzo4MvcYU6YtElBWqzu e9IsAhibG4LP7TOqGtSgZsw4m2/+CsMa4pKEh+gGWhTYRqHk1Z0CJ3hF+E+zofa5 KJCvBbFdSI3oNi4bN8a8smTItlOdjy0jFJ/xOovnfrAhQd61tJzKUJqgMyBsXwCk zuP2l7Xt0Eecg5ZktOwf4jkOkjy0CbmGg+J9Mx4Trxt1F8s3YMJM9Q== -----END CERTIFICATE-----Generated at Tue Jan 27 07:15:40 2026 by rpki-client