This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer File: fG3HOVgVrwRQSPTOORDQQAj_Onw.cer (raw, json) Hash identifier: EL5PICZdheiWLr4JhDZfqDMYZfrwszuqkOM43+bycs8= Subject key identifier: 7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B783538211AB0B06EBEFFE0BC8828DFB2 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 06:18:32 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 20718 IP: 62.151.160.0/21 IP: 62.151.176.0/21 IP: 82.223.0.0/16 IP: 93.93.112.0/21 IP: 94.143.136.0/21 IP: 185.132.44.0/22 IP: 217.76.128.0/19 IP: 2001:ba0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:38:21:1a:b0:b0:6e:be:ff:e0:bc:88:28:df:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 06:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7c6dc7395815af045048f4ce3910d04008ff3a7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:cb:9c:42:c1:e5:d9:64:70:ba:f1:20:01:1b: 3d:40:60:ae:af:bc:d5:e0:45:aa:84:80:5e:7a:34: be:68:cf:24:cb:29:b0:74:3a:b8:a2:d2:28:39:c0: 84:61:6a:58:cd:95:73:ce:9b:84:33:de:85:ff:04: 2f:c4:f7:f7:6d:76:92:87:14:d9:53:2d:3b:a7:0f: 70:4b:d5:e0:47:f0:3e:7a:39:6b:72:b2:d8:7b:41: d5:2b:be:f2:ee:94:9b:61:54:69:5a:b1:ed:f4:6f: d8:ac:c3:d7:43:1e:52:71:4b:d5:44:ab:72:6f:d8: 21:c2:81:e1:4f:af:e5:22:c3:6b:a7:3b:37:ad:d6: 3b:00:41:2b:bf:6a:ce:ec:55:72:b7:65:67:92:97: a7:a2:2b:6d:4b:7f:f8:f7:f5:1d:9d:1c:17:96:3b: 7b:bf:bc:0a:24:1c:bb:88:3f:8a:69:a6:c6:b3:23: 48:7f:ac:4b:fe:4d:57:42:a3:94:84:89:2c:c1:7a: a7:df:ce:21:a1:01:25:15:1d:0a:a9:e2:0e:1c:97: b8:2a:9c:92:4a:cf:29:83:d0:78:6b:0c:1a:b3:83: eb:a3:85:ce:e9:ca:15:5f:31:63:e8:b9:01:14:67: 87:5d:c0:7d:39:47:fa:53:92:ab:e5:27:b7:d0:89: 3f:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.151.160.0/21 62.151.176.0/21 82.223.0.0/16 93.93.112.0/21 94.143.136.0/21 185.132.44.0/22 217.76.128.0/19 IPv6: 2001:ba0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 20718 Signature Algorithm: sha256WithRSAEncryption 6a:b1:28:dc:ed:88:5e:bd:7d:50:9b:8b:8b:4e:91:36:00:17: 9f:bc:ef:68:05:65:af:4e:7b:cf:42:8a:8c:1c:51:bc:1e:f3: 83:09:52:b6:d5:60:bf:cb:8d:47:90:df:c2:2f:48:9b:8a:7a: 1f:dc:72:95:68:52:76:15:9f:d6:1f:76:5f:82:01:24:74:37: 89:e6:a5:f4:6b:b3:8c:3d:e3:d4:3f:5f:85:4a:be:8c:63:7c: 4e:63:f2:96:71:8f:75:f3:52:97:5a:64:e5:89:1f:c1:21:c3: 52:a1:09:14:98:30:c5:43:40:5d:2f:17:b6:d9:d5:9f:f8:b4: 67:0f:06:f5:3b:ab:0a:e9:14:2d:8a:b0:d7:06:b5:b4:cd:b5: 68:d5:6f:6d:2b:e9:d3:9e:28:db:a6:e6:ce:7b:1f:b0:7f:64: 28:ac:51:6b:7d:f6:e1:5b:83:61:22:52:4d:5c:4b:11:9a:42: 5b:90:4c:74:5e:83:00:0e:50:58:b3:ad:9f:9f:4a:b4:73:d1: dd:84:de:54:c2:d2:ee:27:b6:32:d3:5b:de:27:0c:7e:82:c0: c3:8e:c9:22:07:88:67:07:69:6c:63:8d:e0:4e:d5:8b:8e:d6: dc:37:a2:00:24:f1:4d:82:57:c9:39:98:16:04:0f:65:4d:ed: 37:8c:71:f6 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgISAZt4NTghGrCwbr7/4LyIKN+yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDYxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YzZkYzczOTU4MTVhZjA0NTA0OGY0Y2UzOTEwZDA0MDA4ZmYzYTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58ucQsHl2WRwuvEgARs9QGCur7zV 4EWqhIBeejS+aM8kyymwdDq4otIoOcCEYWpYzZVzzpuEM96F/wQvxPf3bXaShxTZ Uy07pw9wS9XgR/A+ejlrcrLYe0HVK77y7pSbYVRpWrHt9G/YrMPXQx5ScUvVRKty b9ghwoHhT6/lIsNrpzs3rdY7AEErv2rO7FVyt2VnkpenoittS3/49/UdnRwXljt7 v7wKJBy7iD+KaabGsyNIf6xL/k1XQqOUhIkswXqn384hoQElFR0KqeIOHJe4KpyS Ss8pg9B4awwas4Pro4XO6coVXzFj6LkBFGeHXcB9OUf6U5Kr5Se30Ik/ZwIDAQAB o4IC0TCCAs0wHQYDVR0OBBYEFHxtxzlYFa8EUEj0zjkQ0EAI/zp8MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY0LzU0Njg3 Zi1lZmE1LTQ2MjAtODYxOS0zMTU1YmE4Y2I3NGYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQvNTQ2ODdm LWVmYTUtNDYyMC04NjE5LTMxNTViYThjYjc0Zi8xL2ZHM0hPVmdWcndSUVNQVE9P UkRRUUFqX09udy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUF BwEHAQH/BEIwQDAvBAIAATApAwQDPpegAwQDPpewAwMAUt8DBANdXXADBANej4gD BAK5hCwDBAXZTIAwDQQCAAIwBwMFACABC6AwGQYIKwYBBQUHAQgBAf8ECjAIoAYw BAICUO4wDQYJKoZIhvcNAQELBQADggEBAGqxKNztiF69fVCbi4tOkTYAF5+872gF Za9Oe89CiowcUbwe84MJUrbVYL/LjUeQ38IvSJuKeh/ccpVoUnYVn9Yfdl+CASR0 N4nmpfRrs4w949Q/X4VKvoxjfE5j8pZxj3XzUpdaZOWJH8Ehw1KhCRSYMMVDQF0v F7bZ1Z/4tGcPBvU7qwrpFC2KsNcGtbTNtWjVb20r6dOeKNum5s57H7B/ZCisUWt9 9uFbg2EiUk1cSxGaQluQTHRegwAOUFizrZ+fSrRz0d2E3lTC0u4ntjLTW94nDH6C wMOOySIHiGcHaWxjjeBO1YuO1tw3ogAk8U2CV8k5mBYED2VN7TeMcfY= -----END CERTIFICATE-----Generated at Mon Feb 9 16:49:35 2026 by rpki-client