This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer File: criGdSR84YZaNT9M71sqwoijlpg.cer (raw, json) Hash identifier: 5mwDi+sYd9Vw355Pq+Rgzh/JjB2Sk59ICF89J0gIkpE= Subject key identifier: 72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA51D05EC6A1C133C7EF65CF6E3A969 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:19:37 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 202302 IP: 31.42.188.0/22 IP: 46.175.144.0/21 IP: 91.219.60.0/22 IP: 194.61.52.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:1d:05:ec:6a:1c:13:3c:7e:f6:5c:f6:e3:a9:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72b88675247ce1865a353f4cef5b2ac288a39698 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:4f:d7:81:49:5c:b3:cf:e8:5d:8b:02:43:dc: 98:3e:af:e2:3c:f7:b4:fd:bf:74:20:89:3f:d3:eb: 6a:8b:82:a5:84:ab:e0:31:db:d3:0c:4d:78:73:01: ce:f7:93:19:57:ca:1e:da:c7:70:ec:a8:6d:da:d0: 32:92:48:75:77:e7:36:43:ed:13:d9:0d:39:af:f1: 2e:f1:a8:14:9e:73:2b:59:0a:50:fb:27:21:32:3f: 74:e5:2b:24:1a:50:d9:de:a4:46:29:f3:9a:7d:c1: b3:db:fc:e9:2d:41:5f:b4:74:04:fe:4b:49:d5:ac: f9:57:59:b0:1b:ed:e2:ad:c3:d6:91:43:b2:02:79: f5:ac:1d:6d:0a:1f:47:31:95:17:f9:24:cf:85:2b: 73:98:bc:b3:7c:b6:e1:4b:8d:56:42:ce:c2:9d:90: ab:0b:19:bb:08:aa:b8:e6:1c:02:ef:8e:0e:68:4b: 60:7f:5a:55:25:d6:58:41:f8:ec:c0:0a:bc:6d:2a: 4a:ab:da:9b:e7:b9:a0:ec:33:62:ba:51:ca:75:19: 6d:5e:e8:a8:7a:b6:9f:db:dc:6e:82:80:5c:31:07: 37:5b:d0:ab:13:e9:10:9c:0d:ef:a9:75:3f:00:36: 6a:f1:42:80:a1:97:0d:24:36:af:87:3c:ea:1c:94: 11:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.42.188.0/22 46.175.144.0/21 91.219.60.0/22 194.61.52.0/22 sbgp-autonomousSysNum: critical Autonomous System Numbers: 202302 Signature Algorithm: sha256WithRSAEncryption 53:e5:c4:4d:d0:a7:8e:79:31:dc:f1:8f:b4:42:28:54:ff:1f: db:ea:75:43:88:58:28:48:3d:fc:75:9c:78:00:69:64:f1:8d: b2:fd:0c:62:fc:65:16:75:32:65:87:22:e1:c3:b5:68:de:da: 3c:42:46:69:a3:25:24:c7:5a:f3:ec:e4:e2:a7:0b:7d:46:9d: 91:84:cb:0b:82:da:1a:dd:01:d4:9a:d1:d1:ef:81:01:6c:94: b9:19:69:e3:44:33:c9:b6:e3:3c:bb:af:18:50:57:91:88:23: aa:66:19:f8:4a:a3:a3:0a:b5:4c:0c:cb:87:49:ad:89:d7:6c: 1f:1b:c2:63:1a:f6:0d:81:c2:d1:19:55:54:2c:7d:7c:62:1b: 29:7d:08:f7:ad:0c:22:f3:dd:b0:45:0c:83:b8:70:a1:7a:62: 7d:b4:bc:91:41:26:22:af:e7:b8:11:8a:90:04:31:38:8c:31: 60:7e:39:10:7c:30:77:b3:be:c9:0f:45:ad:20:2c:7c:85:57: 96:f5:0f:67:3a:d0:d1:55:9a:27:b0:4b:72:74:55:db:33:c7: 52:c8:50:27:ac:62:76:a3:14:6d:bd:27:fb:3a:d3:92:48:d9: a7:67:75:d3:10:64:b6:d0:76:81:23:a1:0d:14:bb:a7:23:a9: 41:42:f1:d0 -----BEGIN CERTIFICATE----- MIIFpjCCBI6gAwIBAgISAZt7pR0F7GocEzx+9lz246lpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MmI4ODY3NTI0N2NlMTg2NWEzNTNmNGNlZjViMmFjMjg4YTM5Njk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE/XgUlcs8/oXYsCQ9yYPq/iPPe0 /b90IIk/0+tqi4KlhKvgMdvTDE14cwHO95MZV8oe2sdw7Kht2tAykkh1d+c2Q+0T 2Q05r/Eu8agUnnMrWQpQ+ychMj905SskGlDZ3qRGKfOafcGz2/zpLUFftHQE/ktJ 1az5V1mwG+3ircPWkUOyAnn1rB1tCh9HMZUX+STPhStzmLyzfLbhS41WQs7CnZCr Cxm7CKq45hwC744OaEtgf1pVJdZYQfjswAq8bSpKq9qb57mg7DNiulHKdRltXuio eraf29xugoBcMQc3W9CrE+kQnA3vqXU/ADZq8UKAoZcNJDavhzzqHJQRTwIDAQAB o4ICsjCCAq4wHQYDVR0OBBYEFHK4hnUkfOGGWjU/TO9bKsKIo5aYMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzE0ZGQ2 ZS02NzczLTQ3ZmYtOGUzYi0xMTM3MDczZmE4ZjYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvMTRkZDZl LTY3NzMtNDdmZi04ZTNiLTExMzcwNzNmYThmNi8xL2NyaUdkU1I4NFlaYU5UOU03 MXNxd29pamxwZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF BwEHAQH/BCIwIDAeBAIAATAYAwQCHyq8AwQDLq+QAwQCW9s8AwQCwj00MBoGCCsG AQUFBwEIAQH/BAswCaAHMAUCAwMWPjANBgkqhkiG9w0BAQsFAAOCAQEAU+XETdCn jnkx3PGPtEIoVP8f2+p1Q4hYKEg9/HWceABpZPGNsv0MYvxlFnUyZYci4cO1aN7a PEJGaaMlJMda8+zk4qcLfUadkYTLC4LaGt0B1JrR0e+BAWyUuRlp40QzybbjPLuv GFBXkYgjqmYZ+Eqjowq1TAzLh0mtiddsHxvCYxr2DYHC0RlVVCx9fGIbKX0I960M IvPdsEUMg7hwoXpifbS8kUEmIq/nuBGKkAQxOIwxYH45EHwwd7O+yQ9FrSAsfIVX lvUPZzrQ0VWaJ7BLcnRV2zPHUshQJ6xidqMUbb0n+zrTkkjZp2d10xBkttB2gSOh DRS7pyOpQULx0A== -----END CERTIFICATE-----Generated at Sun Jan 11 18:15:46 2026 by rpki-client