This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jlZhaX2pC1gAvEKt-bRZUyGXVdA.cer File: jlZhaX2pC1gAvEKt-bRZUyGXVdA.cer (raw, json) Hash identifier: Z+C1zHIxDXP8tiewubgabGhADknS1Cct2eHPmdGMbg4= Subject key identifier: 8E:56:61:69:7D:A9:0B:58:00:BC:42:AD:F9:B4:59:53:21:97:55:D0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7AC77E0F67D63AE38373295F3A90C2B7 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/97/8cf47b-7971-4257-a342-a1c9d3e5fbba/1/jlZhaX2pC1gAvEKt-bRZUyGXVdA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/97/8cf47b-7971-4257-a342-a1c9d3e5fbba/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 18:17:32 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 210640 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:7e:0f:67:d6:3a:e3:83:73:29:5f:3a:90:c2:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 18:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8e5661697da90b5800bc42adf9b45953219755d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:e3:d4:d7:db:09:9f:a5:c9:6d:2e:2f:e3:28: 37:94:0b:e0:e9:c2:5f:c1:2a:53:57:72:b0:f6:f9: 79:b6:de:b7:c2:fd:d3:d6:c2:6b:5a:9b:13:45:9d: dc:08:77:b5:4d:83:eb:f7:b7:78:72:e4:d9:14:25: 9a:2c:34:60:e3:ff:69:0d:b1:5a:ba:c0:96:99:4d: c3:ae:50:ea:ad:70:a4:6f:0b:47:af:67:0c:b1:b9: 0d:17:a9:ba:35:68:c3:38:cc:24:cb:8e:ec:9e:88: de:4e:0b:77:33:d0:09:2e:a6:11:ac:1a:20:1d:64: 62:8c:ad:e6:97:b1:66:52:ba:72:46:41:0e:fe:f6: 59:db:20:7b:92:53:de:fe:78:47:6b:c2:13:0e:d7: 2d:4b:75:14:77:08:54:81:2f:f5:bc:24:19:d7:5d: cf:95:27:a0:30:56:4d:d0:4c:0f:b0:fb:8a:d8:a2: 39:4d:be:a3:73:de:10:26:9e:12:57:be:44:8d:8a: f2:a1:2f:18:c4:1e:95:ff:da:fe:da:31:05:d3:b3: 31:d2:3e:ca:e0:aa:a4:d8:04:58:d1:d9:6e:44:b2: d7:97:e6:e0:13:13:e4:28:63:0e:bf:f7:50:ff:9c: 10:50:8b:c3:4f:8d:aa:8b:88:0e:a1:7d:12:2e:d8: 4d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:56:61:69:7D:A9:0B:58:00:BC:42:AD:F9:B4:59:53:21:97:55:D0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/8cf47b-7971-4257-a342-a1c9d3e5fbba/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/8cf47b-7971-4257-a342-a1c9d3e5fbba/1/jlZhaX2pC1gAvEKt-bRZUyGXVdA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-autonomousSysNum: critical Autonomous System Numbers: 210640 Signature Algorithm: sha256WithRSAEncryption 25:b3:a9:88:c7:e0:76:85:e3:f0:b1:47:9d:4b:0c:e9:5a:6c: b1:d4:8e:5c:c6:49:45:62:8d:67:99:6b:5e:b1:2f:97:08:d9: d8:18:28:d7:cd:3f:2a:09:d5:59:74:56:49:cb:52:ea:01:1e: f0:6c:f4:01:3d:61:8b:3f:97:e7:2d:c5:c7:5a:01:08:e2:35: 16:3a:3e:b9:20:63:9b:58:c3:0d:5b:ef:32:6a:5f:40:f2:88: 0c:31:57:af:d5:5e:c9:34:e9:54:09:6f:72:4c:8f:5b:af:14: 38:86:bf:bf:19:a3:83:90:c0:a4:89:1c:5a:f6:b0:28:cc:01: 6f:96:12:83:98:de:d5:ee:5a:63:70:c8:b0:7e:35:19:eb:2d: 41:6f:4b:c9:f6:31:6e:89:21:2e:63:4f:96:7f:48:b0:d7:bb: aa:1a:b0:f4:18:e4:16:1a:3b:c9:98:7b:5c:9b:5e:42:c8:cf: c2:24:5a:95:e3:27:38:33:62:46:24:b1:e7:cf:da:bf:29:ba: d2:6c:fe:5c:fb:f4:38:57:9f:52:0b:fd:b9:b8:11:fa:d1:35: 62:86:08:1a:3b:7b:ea:b4:4a:26:bd:18:c4:85:cf:55:a9:f3: 11:54:56:cb:4f:8d:06:a0:61:52:6d:b8:52:5e:f0:c5:da:3a: a3:0e:ce:3b -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgISAZt6x34PZ9Y644NzKV86kMK3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTgxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZTU2NjE2OTdkYTkwYjU4MDBiYzQyYWRmOWI0NTk1MzIxOTc1NWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ePU19sJn6XJbS4v4yg3lAvg6cJf wSpTV3Kw9vl5tt63wv3T1sJrWpsTRZ3cCHe1TYPr97d4cuTZFCWaLDRg4/9pDbFa usCWmU3DrlDqrXCkbwtHr2cMsbkNF6m6NWjDOMwky47snojeTgt3M9AJLqYRrBog HWRijK3ml7FmUrpyRkEO/vZZ2yB7klPe/nhHa8ITDtctS3UUdwhUgS/1vCQZ113P lSegMFZN0EwPsPuK2KI5Tb6jc94QJp4SV75EjYryoS8YxB6V/9r+2jEF07Mx0j7K 4Kqk2ARY0dluRLLXl+bgExPkKGMOv/dQ/5wQUIvDT42qi4gOoX0SLthNUQIDAQAB o4ICfzCCAnswHQYDVR0OBBYEFI5WYWl9qQtYALxCrfm0WVMhl1XQMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk3LzhjZjQ3 Yi03OTcxLTQyNTctYTM0Mi1hMWM5ZDNlNWZiYmEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcvOGNmNDdi LTc5NzEtNDI1Ny1hMzQyLWExYzlkM2U1ZmJiYS8xL2psWmhhWDJwQzFnQXZFS3Qt YlJaVXlHWFZkQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwM20DANBgkqhkiG9w0BAQsFAAOCAQEAJbOpiMfgdoXj 8LFHnUsM6VpssdSOXMZJRWKNZ5lrXrEvlwjZ2Bgo180/KgnVWXRWSctS6gEe8Gz0 AT1hiz+X5y3Fx1oBCOI1Fjo+uSBjm1jDDVvvMmpfQPKIDDFXr9VeyTTpVAlvckyP W68UOIa/vxmjg5DApIkcWvawKMwBb5YSg5je1e5aY3DIsH41GestQW9LyfYxbokh LmNPln9IsNe7qhqw9BjkFho7yZh7XJteQsjPwiRaleMnODNiRiSx58/avym60mz+ XPv0OFefUgv9ubgR+tE1YoYIGjt76rRKJr0YxIXPVanzEVRWy0+NBqBhUm24Ul7w xdo6ow7OOw== -----END CERTIFICATE-----Generated at Mon Feb 9 15:10:52 2026 by rpki-client