This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iMaZNJivBRiWLl9I1chG3BddGIQ.cer File: iMaZNJivBRiWLl9I1chG3BddGIQ.cer (raw, json) Hash identifier: WZ8ViaEQJI1mbg5SqUUdQt5oHd91vTHSUYjLkldaigE= Subject key identifier: 88:C6:99:34:98:AF:05:18:96:2E:5F:48:D5:C8:46:DC:17:5D:18:84 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C6A8D1BA61C67ED56DE2A35036CD48 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:17:46 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 207801 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a8:d1:ba:61:c6:7e:d5:6d:e2:a3:50:36:cd:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=88c6993498af0518962e5f48d5c846dc175d1884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9e:e0:d6:b3:e0:09:62:f8:d6:bf:74:bb:ca: 7b:f0:55:7a:d2:c4:a7:e3:66:48:e3:11:fa:38:e6: 71:3d:5f:c7:9a:bd:b5:4b:c9:24:c4:47:eb:16:47: 82:a7:5c:7b:b0:78:f4:38:19:d8:01:f8:ae:47:17: ab:8a:7d:fd:3f:b2:92:b4:f0:73:4d:44:e2:dc:c6: bd:f4:79:a4:f1:72:62:f7:2b:b7:31:fc:10:fe:9d: e8:b2:88:ee:82:5e:84:e2:3e:e5:b4:a7:ed:e0:35: b0:43:d6:1b:07:fc:5f:4b:55:aa:ac:09:93:7c:ed: df:8f:74:51:0e:a5:2a:28:4c:b6:30:57:f4:04:88: c5:2e:ea:d1:ec:4c:9c:a0:a5:b7:5f:71:0b:42:94: 9c:4b:18:0e:ba:b5:2d:1f:33:5f:c7:9e:5b:44:33: 15:f4:ee:74:7a:fb:ba:20:c0:76:0a:25:bf:ba:c9: 95:21:0d:1a:84:0f:bd:e1:42:61:fd:10:ab:da:88: 68:8a:ab:13:15:81:54:40:1b:86:fa:28:ec:12:91: fd:25:5f:e4:9e:50:e0:de:39:d6:29:d9:72:0b:bd: b0:21:2c:ba:d0:31:56:20:ad:06:7e:ee:8b:bd:40: ee:de:09:b4:48:af:01:4c:9c:06:40:2b:a1:6d:dc: 90:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:C6:99:34:98:AF:05:18:96:2E:5F:48:D5:C8:46:DC:17:5D:18:84 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/81b00a-f68d-44f4-8825-982736b45bdf/1/iMaZNJivBRiWLl9I1chG3BddGIQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-autonomousSysNum: critical Autonomous System Numbers: 207801 Signature Algorithm: sha256WithRSAEncryption 6a:c1:9f:ca:eb:84:7c:74:fe:2b:1b:56:13:6f:9f:65:2f:5d: d5:3f:ad:b2:76:73:5d:78:1b:01:ca:2d:e3:e5:32:67:22:98: da:b4:e8:2d:49:6d:d6:f8:14:f7:04:03:74:98:47:3c:a1:fa: 4c:9b:20:16:65:aa:bd:5a:fc:8c:b3:e6:cd:75:99:57:ac:11: d8:8b:62:f1:ed:42:8f:61:92:4e:e8:be:29:61:65:3f:c3:c1: 72:bb:62:8e:1d:7e:08:2b:55:2e:b8:c8:86:cc:09:d2:c9:8f: dd:17:ad:36:56:20:a3:76:fb:1f:8e:63:47:a6:bc:d8:3c:65: 42:32:e5:0d:7d:cb:94:b8:de:56:4b:b8:b0:bd:68:cc:73:4a: eb:12:91:ad:d3:1b:0e:c2:b8:40:e0:ef:82:e3:0f:94:8d:c1: 8b:1d:a8:5a:c7:d9:d9:57:5f:aa:d4:80:e6:24:01:4c:0b:68: a7:ce:72:7c:ab:eb:81:63:76:e2:09:2c:44:d9:87:57:c9:8e: 84:7e:50:59:5e:75:86:7d:05:36:8d:86:6a:ef:14:f3:89:21: 95:4b:6d:1f:80:18:bf:57:10:7c:6d:9f:12:34:10:b0:9e:52: 35:01:f7:fb:d4:2e:21:1b:fb:b4:ca:bf:b9:ba:ee:2a:22:b9: 2d:b6:e6:b8 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgISAZt3xqjRumHGftVt4qNQNs1IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OGM2OTkzNDk4YWYwNTE4OTYyZTVmNDhkNWM4NDZkYzE3NWQxODg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy57g1rPgCWL41r90u8p78FV60sSn 42ZI4xH6OOZxPV/Hmr21S8kkxEfrFkeCp1x7sHj0OBnYAfiuRxerin39P7KStPBz TUTi3Ma99Hmk8XJi9yu3MfwQ/p3osojugl6E4j7ltKft4DWwQ9YbB/xfS1WqrAmT fO3fj3RRDqUqKEy2MFf0BIjFLurR7EycoKW3X3ELQpScSxgOurUtHzNfx55bRDMV 9O50evu6IMB2CiW/usmVIQ0ahA+94UJh/RCr2ohoiqsTFYFUQBuG+ijsEpH9JV/k nlDg3jnWKdlyC72wISy60DFWIK0Gfu6LvUDu3gm0SK8BTJwGQCuhbdyQowIDAQAB o4ICfzCCAnswHQYDVR0OBBYEFIjGmTSYrwUYli5fSNXIRtwXXRiEMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzgxYjAw YS1mNjhkLTQ0ZjQtODgyNS05ODI3MzZiNDViZGYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvODFiMDBh LWY2OGQtNDRmNC04ODI1LTk4MjczNmI0NWJkZi8xL2lNYVpOSml2QlJpV0xsOUkx Y2hHM0JkZEdJUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMruTANBgkqhkiG9w0BAQsFAAOCAQEAasGfyuuEfHT+ KxtWE2+fZS9d1T+tsnZzXXgbAcot4+UyZyKY2rToLUlt1vgU9wQDdJhHPKH6TJsg FmWqvVr8jLPmzXWZV6wR2Iti8e1Cj2GSTui+KWFlP8PBcrtijh1+CCtVLrjIhswJ 0smP3RetNlYgo3b7H45jR6a82DxlQjLlDX3LlLjeVku4sL1ozHNK6xKRrdMbDsK4 QODvguMPlI3Bix2oWsfZ2VdfqtSA5iQBTAtop85yfKvrgWN24gksRNmHV8mOhH5Q WV51hn0FNo2Gau8U84khlUttH4AYv1cQfG2fEjQQsJ5SNQH3+9QuIRv7tMq/ubru KiK5LbbmuA== -----END CERTIFICATE-----Generated at Mon Feb 9 15:11:43 2026 by rpki-client