This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/avtfHyEUagk_P9rQxr_3V3avN8Y.cer File: avtfHyEUagk_P9rQxr_3V3avN8Y.cer (raw, json) Hash identifier: fmooahuYNDib42l9jeA/k3SBA0gaVCuH0TlcOj4WxFk= Subject key identifier: 6A:FB:5F:1F:21:14:6A:09:3F:3F:DA:D0:C6:BF:F7:57:76:AF:37:C6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7FF2B93536D363CDF5B5F4EBF23C92FB Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/avtfHyEUagk_P9rQxr_3V3avN8Y.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 18:22:52 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.222.204.0/22 IP: 2a0c:e800::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:b9:35:36:d3:63:cd:f5:b5:f4:eb:f2:3c:92:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 18:22:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6afb5f1f21146a093f3fdad0c6bff75776af37c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ec:a7:c0:0d:64:68:c5:d1:1f:e3:da:34:ad: 91:3c:5a:f2:15:f8:07:6d:d4:3e:88:a0:b1:d3:3f: 37:7b:b7:29:16:78:73:45:e9:cf:b2:b0:5a:c7:fa: d2:c0:3a:46:ba:9b:78:af:85:e9:a7:2a:fa:8b:ca: ec:98:2b:e7:48:13:a3:f5:26:2b:a5:a7:77:e9:c7: 36:a1:72:10:6c:0c:be:dc:b1:e6:95:46:63:e2:5e: d6:a4:72:71:a4:7c:a3:e4:8c:e3:e0:34:55:b8:93: d5:b1:44:72:4f:fc:e1:a2:3b:4c:c9:b1:d5:d8:cb: 6a:11:be:4a:27:53:eb:b3:b5:b5:90:2e:4b:fb:94: 35:3b:2e:b0:aa:80:a3:e1:28:d3:14:8f:88:f9:5d: fe:df:9f:a0:7b:84:0b:f1:91:5f:df:ee:be:53:ec: 82:ef:7f:42:5d:17:3e:2e:7f:22:24:a4:ca:7e:f9: 48:77:30:26:6a:57:95:16:e9:22:88:d9:cc:64:2f: e1:9b:4a:c9:9f:fe:a3:bd:47:22:4d:eb:a1:dc:c8: 3f:38:40:59:bf:8a:b7:0d:02:d0:6c:4c:14:34:6d: 3c:1d:fa:ca:ee:d5:ce:7b:0d:38:10:38:97:21:2d: 24:16:de:52:c5:65:a9:83:e6:30:ae:11:a4:ed:b9: 56:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:FB:5F:1F:21:14:6A:09:3F:3F:DA:D0:C6:BF:F7:57:76:AF:37:C6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e3c0c0-2383-48d5-8618-f98b9d227a94/1/avtfHyEUagk_P9rQxr_3V3avN8Y.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.222.204.0/22 IPv6: 2a0c:e800::/29 Signature Algorithm: sha256WithRSAEncryption 2f:9a:93:75:fc:9f:e7:65:b9:c5:03:f6:c8:59:6b:65:a7:db: bb:26:28:20:bb:7d:b5:4d:f9:ad:7d:84:74:7e:69:ac:d5:74: a8:bf:a7:03:9f:f6:85:da:89:c2:98:c7:69:77:62:47:f6:75: c0:da:d5:d1:74:95:16:d7:51:6f:4e:e4:94:25:69:b5:83:52: c8:2d:a9:79:25:86:49:62:83:54:68:ce:e6:20:26:0c:d1:db: 24:22:e1:8e:ff:95:c8:93:b9:fd:de:97:36:3d:8a:77:58:fa: 18:a6:95:43:30:a0:77:e7:7f:04:db:65:0d:d4:82:62:30:e6: 03:6d:a9:aa:80:03:5b:4b:2e:50:bc:29:64:57:0f:8e:6b:d1: a2:44:be:9e:08:ca:55:9b:ff:c8:e7:af:39:2e:3a:39:ee:fc: 37:e0:0b:e5:4f:64:3b:a4:40:c1:f2:4a:1b:df:5a:91:a1:63: f5:01:71:c0:c8:d0:8b:a9:6c:71:80:32:56:71:b1:a1:14:99: a3:fe:cb:84:96:70:b2:cb:9c:e9:60:50:09:9b:a8:18:39:6d: 52:95:55:7a:81:82:59:be:09:a5:de:cc:92:c2:d2:78:54:01: a9:80:a7:a3:65:cd:97:8c:79:49:0b:0c:8f:2e:44:4e:92:ae: 74:cc:01:a2 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt/8rk1NtNjzfW19OvyPJL7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTgyMjUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YWZiNWYxZjIxMTQ2YTA5M2YzZmRhZDBjNmJmZjc1Nzc2YWYzN2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuynwA1kaMXRH+PaNK2RPFryFfgH bdQ+iKCx0z83e7cpFnhzRenPsrBax/rSwDpGupt4r4Xppyr6i8rsmCvnSBOj9SYr pad36cc2oXIQbAy+3LHmlUZj4l7WpHJxpHyj5Izj4DRVuJPVsURyT/zhojtMybHV 2MtqEb5KJ1Prs7W1kC5L+5Q1Oy6wqoCj4SjTFI+I+V3+35+ge4QL8ZFf3+6+U+yC 739CXRc+Ln8iJKTKfvlIdzAmaleVFukiiNnMZC/hm0rJn/6jvUciTeuh3Mg/OEBZ v4q3DQLQbEwUNG08HfrK7tXOew04EDiXIS0kFt5SxWWpg+YwrhGk7blWawIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFGr7Xx8hFGoJPz/a0Ma/91d2rzfGMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjL2UzYzBj MC0yMzgzLTQ4ZDUtODYxOC1mOThiOWQyMjdhOTQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvZTNjMGMw LTIzODMtNDhkNS04NjE4LWY5OGI5ZDIyN2E5NC8xL2F2dGZIeUVVYWdrX1A5clF4 cl8zVjNhdk44WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCud7MMA0EAgACMAcDBQMqDOgAMA0GCSqGSIb3 DQEBCwUAA4IBAQAvmpN1/J/nZbnFA/bIWWtlp9u7Jiggu321TfmtfYR0fmms1XSo v6cDn/aF2onCmMdpd2JH9nXA2tXRdJUW11FvTuSUJWm1g1LILal5JYZJYoNUaM7m ICYM0dskIuGO/5XIk7n93pc2PYp3WPoYppVDMKB3538E22UN1IJiMOYDbamqgANb Sy5QvClkVw+Oa9GiRL6eCMpVm//I5685Ljo57vw34AvlT2Q7pEDB8kob31qRoWP1 AXHAyNCLqWxxgDJWcbGhFJmj/suElnCyy5zpYFAJm6gYOW1SlVV6gYJZvgml3syS wtJ4VAGpgKejZc2XjHlJCwyPLkROkq50zAGi -----END CERTIFICATE-----Generated at Mon Feb 9 16:53:01 2026 by rpki-client