This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dMf46RuB_mSHMHxSJusET5I5bOo.cer File: dMf46RuB_mSHMHxSJusET5I5bOo.cer (raw, json) Hash identifier: yMSLZLb9sbfotwHGXQdQ4mVjS83hfAt+/9pq+wkkTF0= Subject key identifier: 74:C7:F8:E9:1B:81:FE:64:87:30:7C:52:26:EB:04:4F:92:39:6C:EA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5B3FCD521265127CC0302ACC77341F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/dMf46RuB_mSHMHxSJusET5I5bOo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:18:10 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.176.136.0/21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:3f:cd:52:12:65:12:7c:c0:30:2a:cc:77:34:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=74c7f8e91b81fe6487307c5226eb044f92396cea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:d4:a7:dd:51:d8:25:aa:1d:b3:05:33:c7:4c: 64:d1:f3:ae:7e:9d:36:d3:c4:d8:96:0e:9d:3b:ee: 36:f4:4e:d9:72:2c:eb:cc:33:17:f3:9b:dd:82:dc: cc:ed:15:f2:c7:b1:48:f5:01:5a:af:9a:41:20:6f: 83:5d:80:49:46:e9:f7:f8:d7:d3:99:a6:9c:ec:7c: 54:e6:76:d5:18:97:2d:c6:6d:d2:09:c3:c4:69:0f: aa:95:90:4b:8c:a4:e8:f5:76:49:ac:85:42:58:ed: ad:4c:04:e1:b6:3c:0b:7d:f6:ff:26:dc:15:ff:1d: 82:40:10:6b:09:a8:e2:49:42:7a:f4:6d:c6:9f:ab: 75:04:7e:c2:f8:31:d2:0d:07:ca:cd:89:57:22:4e: d9:00:4b:d9:7f:4e:3f:36:5a:c7:47:1b:56:78:76: 18:14:06:f9:f8:eb:3f:a7:a0:5a:5f:d7:55:c7:13: 09:b2:0b:95:e7:3a:b1:c4:e7:d3:73:14:9b:d6:0f: 35:d9:cc:47:1b:1f:54:d9:05:10:f5:70:6c:4d:9b: 49:c6:61:3b:21:46:67:d4:ae:1f:62:bd:76:5a:2a: c7:cd:32:a6:ab:71:a4:3a:fe:8c:91:1f:d7:38:a4: e4:4d:de:fa:21:95:dd:dd:d6:a2:24:52:f9:7b:2f: ae:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:C7:F8:E9:1B:81:FE:64:87:30:7C:52:26:EB:04:4F:92:39:6C:EA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a9c6ac-f9a2-4462-8aaa-8b64f7c3a76e/1/dMf46RuB_mSHMHxSJusET5I5bOo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.176.136.0/21 Signature Algorithm: sha256WithRSAEncryption 93:77:ae:f0:78:2f:7f:c9:7a:ea:b6:4f:86:3b:7e:db:e5:10: 2e:a5:8e:63:a5:08:b1:d9:09:17:82:a1:d1:67:4c:c1:79:35: 7c:88:3e:06:a7:d1:fa:c8:89:56:de:38:e3:07:c0:ea:6f:be: af:33:f2:d0:13:4e:37:0c:c2:b1:c6:3c:9d:a2:a2:96:26:a6: f4:12:4f:95:f1:07:5c:ba:60:fa:68:fd:15:45:84:c4:7b:4f: be:5c:d5:9d:95:f7:e2:65:b6:26:90:ca:b9:30:d5:dd:98:7b: d0:cc:c0:f8:bc:27:2f:f8:ba:44:6a:b5:3f:58:8a:15:c7:eb: 69:7d:5f:89:5f:4b:34:97:5b:9c:f2:06:53:30:21:f5:0d:7b: 61:d3:09:7d:94:36:9b:9d:2e:17:e9:a9:9b:78:b3:1b:41:31: 5d:c8:9b:47:da:62:eb:3a:8a:d8:ff:63:d0:b0:55:44:0c:61: ae:ef:36:ef:9c:72:b5:15:6b:86:4f:04:25:4c:5f:4f:c0:7b: a1:ed:ee:13:e3:73:9e:17:72:65:b6:67:8b:54:cf:fa:fd:4f: 99:7b:2a:42:52:3e:a0:a6:e7:6a:8b:ab:bb:47:96:d3:d5:aa: 13:9b:a0:ba:db:5e:0e:cd:44:44:74:4a:6a:dc:3d:79:36:84: e7:03:de:be -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt9Wz/NUhJlEnzAMCrMdzQfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NGM3ZjhlOTFiODFmZTY0ODczMDdjNTIyNmViMDQ0ZjkyMzk2Y2VhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9Sn3VHYJaodswUzx0xk0fOufp02 08TYlg6dO+429E7ZcizrzDMX85vdgtzM7RXyx7FI9QFar5pBIG+DXYBJRun3+NfT maac7HxU5nbVGJctxm3SCcPEaQ+qlZBLjKTo9XZJrIVCWO2tTAThtjwLffb/JtwV /x2CQBBrCajiSUJ69G3Gn6t1BH7C+DHSDQfKzYlXIk7ZAEvZf04/NlrHRxtWeHYY FAb5+Os/p6BaX9dVxxMJsguV5zqxxOfTcxSb1g812cxHGx9U2QUQ9XBsTZtJxmE7 IUZn1K4fYr12WirHzTKmq3GkOv6MkR/XOKTkTd76IZXd3daiJFL5ey+uTQIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFHTH+Okbgf5khzB8UibrBE+SOWzqMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2L2E5YzZh Yy1mOWEyLTQ0NjItOGFhYS04YjY0ZjdjM2E3NmUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvYTljNmFj LWY5YTItNDQ2Mi04YWFhLThiNjRmN2MzYTc2ZS8xL2RNZjQ2UnVCX21TSE1IeFNK dXNFVDVJNWJPby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQDwbCIMA0GCSqGSIb3DQEBCwUAA4IBAQCTd67w eC9/yXrqtk+GO37b5RAupY5jpQix2QkXgqHRZ0zBeTV8iD4Gp9H6yIlW3jjjB8Dq b76vM/LQE043DMKxxjydoqKWJqb0Ek+V8QdcumD6aP0VRYTEe0++XNWdlffiZbYm kMq5MNXdmHvQzMD4vCcv+LpEarU/WIoVx+tpfV+JX0s0l1uc8gZTMCH1DXth0wl9 lDabnS4X6ambeLMbQTFdyJtH2mLrOorY/2PQsFVEDGGu7zbvnHK1FWuGTwQlTF9P wHuh7e4T43OeF3JltmeLVM/6/U+ZeypCUj6gpudqi6u7R5bT1aoTm6C6214OzURE dEpq3D15NoTnA96+ -----END CERTIFICATE-----Generated at Tue Jan 27 00:28:22 2026 by rpki-client