This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ixnz1__qlXJhUB6RZk_2gj7ZNq0.cer File: ixnz1__qlXJhUB6RZk_2gj7ZNq0.cer (raw, json) Hash identifier: bKpwsClqy/z7RH/+64nELAUumoivOS17K/X/hFbr+Q0= Subject key identifier: 8B:19:F3:D7:FF:EA:95:72:61:50:1E:91:66:4F:F6:82:3E:D9:36:AD Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCA6C091E207D554D41AF1048B07913 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/ixnz1__qlXJhUB6RZk_2gj7ZNq0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:19:36 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.166.96.0/22 IP: 2a0a:de00::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:6c:09:1e:20:7d:55:4d:41:af:10:48:b0:79:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8b19f3d7ffea957261501e91664ff6823ed936ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6c:0d:43:5d:53:dd:a4:37:7e:31:04:c2:26: 43:e1:f4:2d:3f:a7:96:13:72:58:0c:f5:3c:70:b0: 39:32:21:09:f8:a1:ed:8a:3a:87:d7:ee:ee:b2:70: 67:55:55:c4:03:76:37:dd:62:d8:69:88:b1:e2:44: 28:a0:75:a2:3a:40:0e:90:c5:9d:43:b8:c1:96:5f: fc:8b:14:fa:11:0a:23:d9:59:7f:e6:32:e6:11:dc: 6b:1f:ee:44:72:af:e0:24:9f:f8:47:19:af:e0:5d: c1:84:0c:be:3c:36:73:62:09:e5:44:5e:f0:1d:4b: 28:59:f9:54:8d:4b:23:12:84:53:21:5e:45:7d:ed: 88:8e:c2:b8:a8:d3:f5:7b:4e:6d:90:f7:3b:a6:1d: 02:7c:4a:33:4c:f7:e1:42:4b:b7:08:51:a3:31:70: b8:60:d0:0c:c5:ae:fd:fc:6c:19:ce:01:8e:5d:41: 96:34:e9:23:4d:bb:2e:fb:39:12:3d:28:b2:4d:cc: 29:c6:ba:a4:44:58:70:85:e4:7e:c1:b0:5a:70:be: a4:9a:6e:bd:0f:c8:1f:78:8d:ab:9e:04:61:81:59: ae:3f:bd:55:1b:68:f1:9e:0f:67:48:fd:5b:b2:fd: 0b:9c:c8:bb:8d:de:7e:0e:87:30:86:5f:5f:61:2d: 25:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:19:F3:D7:FF:EA:95:72:61:50:1E:91:66:4F:F6:82:3E:D9:36:AD X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/ixnz1__qlXJhUB6RZk_2gj7ZNq0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.166.96.0/22 IPv6: 2a0a:de00::/32 Signature Algorithm: sha256WithRSAEncryption ae:ff:a5:68:a3:7d:7d:1c:65:73:5f:6a:b6:5d:e5:af:8f:a3: 35:82:19:8e:ef:63:f5:cc:42:2e:c2:c7:65:a5:a1:3a:ba:dc: 50:bf:0f:22:b2:b7:0d:ce:a2:b2:27:1a:b1:2b:d0:d3:e7:e2: 9f:fb:77:27:76:87:d9:e7:73:41:63:b5:99:98:87:f2:01:b9: 6b:a8:09:32:5e:4c:f2:f2:06:d8:2f:56:19:30:ff:b8:40:36: 1a:83:68:d6:57:9f:65:b5:70:fd:a1:e7:e4:34:4f:39:c6:84: 1c:a5:d7:8d:ba:ab:a7:22:a3:ad:ac:b5:ae:16:80:71:c1:48: 9e:a8:37:be:b8:b2:8e:c9:0d:08:c0:dc:f9:2e:54:cd:7c:5d: 6c:7b:68:b5:4b:41:a9:38:21:9d:68:e3:b3:ab:da:f2:16:bf: 89:52:c9:49:70:87:0f:e0:df:19:5d:53:06:04:20:fd:06:80: a7:9e:b8:37:d8:17:5e:7e:c7:69:2d:99:41:d1:52:42:b6:e2: a4:00:16:2b:98:a6:8a:14:48:03:33:09:0f:db:53:7c:8c:53: dd:27:9c:7f:b1:a7:5b:06:dd:28:0a:f0:28:8b:c5:c3:f0:bb: 3c:57:73:e3:63:ee:6f:7e:b3:e7:58:b9:aa:0a:bf:f1:31:70: 84:2f:67:a0 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt9ymwJHiB9VU1BrxBIsHkTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YjE5ZjNkN2ZmZWE5NTcyNjE1MDFlOTE2NjRmZjY4MjNlZDkzNmFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2wNQ11T3aQ3fjEEwiZD4fQtP6eW E3JYDPU8cLA5MiEJ+KHtijqH1+7usnBnVVXEA3Y33WLYaYix4kQooHWiOkAOkMWd Q7jBll/8ixT6EQoj2Vl/5jLmEdxrH+5Ecq/gJJ/4Rxmv4F3BhAy+PDZzYgnlRF7w HUsoWflUjUsjEoRTIV5Ffe2IjsK4qNP1e05tkPc7ph0CfEozTPfhQku3CFGjMXC4 YNAMxa79/GwZzgGOXUGWNOkjTbsu+zkSPSiyTcwpxrqkRFhwheR+wbBacL6kmm69 D8gfeI2rngRhgVmuP71VG2jxng9nSP1bsv0LnMi7jd5+Docwhl9fYS0llwIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFIsZ89f/6pVyYVAekWZP9oI+2TatMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2L2QxYWRl Ny1mYmUyLTQyMDMtODU1MS1iNjU0MmU2NDQ3YTAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvZDFhZGU3 LWZiZTItNDIwMy04NTUxLWI2NTQyZTY0NDdhMC8xL2l4bnoxX19xbFhKaFVCNlJa a18yZ2o3Wk5xMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuaZgMA0EAgACMAcDBQAqCt4AMA0GCSqGSIb3 DQEBCwUAA4IBAQCu/6Voo319HGVzX2q2XeWvj6M1ghmO72P1zEIuwsdlpaE6utxQ vw8isrcNzqKyJxqxK9DT5+Kf+3cndofZ53NBY7WZmIfyAblrqAkyXkzy8gbYL1YZ MP+4QDYag2jWV59ltXD9oefkNE85xoQcpdeNuqunIqOtrLWuFoBxwUieqDe+uLKO yQ0IwNz5LlTNfF1se2i1S0GpOCGdaOOzq9ryFr+JUslJcIcP4N8ZXVMGBCD9BoCn nrg32BdefsdpLZlB0VJCtuKkABYrmKaKFEgDMwkP21N8jFPdJ5x/sadbBt0oCvAo i8XD8Ls8V3PjY+5vfrPnWLmqCr/xMXCEL2eg -----END CERTIFICATE-----Generated at Mon Jan 26 14:47:39 2026 by rpki-client