This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dOkZZagJ0axaoPDQVQassN2wKrg.cer File: dOkZZagJ0axaoPDQVQassN2wKrg.cer (raw, json) Hash identifier: YdOsYl1M+Ikz0L97MkPla9XS+ipmAJo99cfLrdLMiug= Subject key identifier: 74:E9:19:65:A8:09:D1:AC:5A:A0:F0:D0:55:06:AC:B0:DD:B0:2A:B8 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D20BD2CA1E3C18A52E6E1B58516FE45 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/0/74E91965A809D1AC5AA0F0D05506ACB0DDB02AB8.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/0/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 05:14:16 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 214451 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:20:bd:2c:a1:e3:c1:8a:52:e6:e1:b5:85:16:fe:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 05:14:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=74e91965a809d1ac5aa0f0d05506acb0ddb02ab8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:a7:59:29:47:70:41:9c:3c:51:ea:c6:78:b3: f5:a0:d9:c0:d0:b9:e3:a2:02:f9:4c:7e:1f:0d:78: a3:4c:7a:d6:95:eb:a5:af:7e:34:c5:82:a1:eb:4f: e8:a3:63:9d:b6:e3:0a:95:75:f7:47:58:0e:77:b2: 2d:82:ae:b2:64:10:1a:e5:68:f0:e7:1b:6b:a5:e4: 44:b9:c6:53:e8:88:6d:46:19:66:a4:25:0d:76:c9: 5b:2c:04:a6:28:35:4b:7f:dc:d3:47:1c:8c:fa:76: c3:2c:74:d8:ea:c3:c0:09:dc:96:03:f0:e9:f0:45: 99:b4:8d:a6:43:0f:6f:90:54:9a:81:3e:c8:71:03: 1f:ef:55:09:2e:14:77:81:48:20:5f:39:13:10:ac: 73:e2:4a:61:40:94:8d:29:e6:92:f6:ec:16:53:76: 75:97:c4:b9:82:e7:a3:0a:a0:87:d2:9c:6b:ae:7e: 86:52:0f:c7:2e:1c:59:1e:49:91:9a:fe:ad:41:4a: 27:38:6a:21:4c:3d:fe:98:b7:80:02:89:c4:d3:c6: 64:27:32:0d:25:e6:59:6b:c2:d3:00:4d:ba:86:47: 26:7a:15:ac:1f:01:ac:d3:95:70:4d:49:88:48:a9: 62:14:59:ad:89:45:b2:6f:54:5c:0c:1e:86:3a:1a: 1a:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:E9:19:65:A8:09:D1:AC:5A:A0:F0:D0:55:06:AC:B0:DD:B0:2A:B8 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/0/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/22cf8ba7-cb02-418b-be04-4d9f3a07e950/0/74E91965A809D1AC5AA0F0D05506ACB0DDB02AB8.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-autonomousSysNum: critical Autonomous System Numbers: 214451 Signature Algorithm: sha256WithRSAEncryption a2:62:22:d5:c9:56:f3:49:c8:0f:1e:28:b8:07:7d:cc:5b:9e: 09:2b:21:85:7d:11:60:76:e2:b7:6a:61:0c:bd:8f:f1:9c:3b: bd:8a:f8:9c:8a:83:0e:78:10:c3:ce:63:ae:aa:26:d2:58:ee: 4e:78:d8:2b:e0:c1:c1:30:68:71:ce:52:81:18:62:ad:51:51: 0c:f6:75:d2:8f:66:5d:8f:78:cf:a8:5e:f4:a8:63:15:01:80: a8:69:8b:ec:20:a3:f9:f3:d6:42:3e:79:83:db:53:f3:92:77: cd:10:fd:19:03:c3:d4:88:50:f4:f0:51:5e:5a:55:f9:5e:13: a9:1f:1d:45:ff:48:87:65:b2:a4:68:7b:75:b7:b0:ab:45:38: 92:a2:21:9b:09:c2:cf:68:29:5e:fa:be:a2:2b:30:87:a0:b0: be:cc:f3:13:f1:a3:67:ff:ca:ab:48:aa:f2:a3:28:ac:07:66: 3a:70:b9:70:43:bf:dd:83:40:63:f4:bb:b7:a9:fd:6f:ff:7d: e7:3a:a7:42:2b:ce:ba:65:26:56:12:98:39:72:38:a8:50:e1: ab:1d:6a:b9:90:02:0f:66:e0:cf:53:4f:0a:be:58:bb:47:93: be:4a:75:54:1f:f2:6d:86:6b:28:07:6d:49:bb:0d:89:7f:75: bd:75:0e:ca -----BEGIN CERTIFICATE----- MIIFjzCCBHegAwIBAgISAZt9IL0soePBilLm4bWFFv5FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDUxNDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NGU5MTk2NWE4MDlkMWFjNWFhMGYwZDA1NTA2YWNiMGRkYjAyYWI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1adZKUdwQZw8UerGeLP1oNnA0Lnj ogL5TH4fDXijTHrWleulr340xYKh60/oo2OdtuMKlXX3R1gOd7Itgq6yZBAa5Wjw 5xtrpeREucZT6IhtRhlmpCUNdslbLASmKDVLf9zTRxyM+nbDLHTY6sPACdyWA/Dp 8EWZtI2mQw9vkFSagT7IcQMf71UJLhR3gUggXzkTEKxz4kphQJSNKeaS9uwWU3Z1 l8S5guejCqCH0pxrrn6GUg/HLhxZHkmRmv6tQUonOGohTD3+mLeAAonE08ZkJzIN JeZZa8LTAE26hkcmehWsHwGs05VwTUmISKliFFmtiUWyb1RcDB6GOhoaewIDAQAB o4ICmzCCApcwHQYDVR0OBBYEFHTpGWWoCdGsWqDw0FUGrLDdsCq4MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyY2Y4 YmE3LWNiMDItNDE4Yi1iZTA0LTRkOWYzYTA3ZTk1MC8wLzCBiwYIKwYBBQUHMAqG f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJj ZjhiYTctY2IwMi00MThiLWJlMDQtNGQ5ZjNhMDdlOTUwLzAvNzRFOTE5NjVBODA5 RDFBQzVBQTBGMEQwNTUwNkFDQjBEREIwMkFCOC5tZnQwPAYIKwYBBQUHMA2GMGh0 dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDRbMw DQYJKoZIhvcNAQELBQADggEBAKJiItXJVvNJyA8eKLgHfcxbngkrIYV9EWB24rdq YQy9j/GcO72K+JyKgw54EMPOY66qJtJY7k542CvgwcEwaHHOUoEYYq1RUQz2ddKP Zl2PeM+oXvSoYxUBgKhpi+wgo/nz1kI+eYPbU/OSd80Q/RkDw9SIUPTwUV5aVfle E6kfHUX/SIdlsqRoe3W3sKtFOJKiIZsJws9oKV76vqIrMIegsL7M8xPxo2f/yqtI qvKjKKwHZjpwuXBDv92DQGP0u7ep/W//fec6p0IrzrplJlYSmDlyOKhQ4asdarmQ Ag9m4M9TTwq+WLtHk75KdVQf8m2GaygHbUm7DYl/db11Dso= -----END CERTIFICATE-----Generated at Mon Feb 9 18:28:16 2026 by rpki-client