This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/n98bEcryuCRFMXghJa6TOudpn3Y.cer File: n98bEcryuCRFMXghJa6TOudpn3Y.cer (raw, json) Hash identifier: zerGiNWgi9tgDZhoUAclJUKQx1TsdLUfCaYuUoKWMPI= Subject key identifier: 9F:DF:1B:11:CA:F2:B8:24:45:31:78:21:25:AE:93:3A:E7:69:9F:76 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797E1CDC2D1D1281F7DA1344F0E62F39 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9f/8abe54-3dc7-4617-9907-472f4dad7fde/1/n98bEcryuCRFMXghJa6TOudpn3Y.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9f/8abe54-3dc7-4617-9907-472f4dad7fde/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:17:46 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 206176 IP: 195.114.30.0/24 IP: 2a10:c900::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:1c:dc:2d:1d:12:81:f7:da:13:44:f0:e6:2f:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9fdf1b11caf2b8244531782125ae933ae7699f76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:95:a1:46:ef:6f:d4:03:8c:64:15:b2:bb:64: 46:30:bb:11:8b:fa:26:17:ac:0c:76:d3:04:42:06: a3:44:9f:d2:4b:25:70:8c:3b:15:2e:39:b0:57:24: 70:db:1b:26:67:45:a0:8b:d6:61:3f:45:42:3c:5c: a7:b4:d9:06:c1:27:83:49:b7:47:7a:ff:95:3b:09: ea:2c:c2:f6:3d:e1:57:0e:47:ad:8a:3b:fa:7b:4e: 2f:ce:63:9a:7c:d1:0c:d2:44:f2:5a:53:7b:30:e2: 62:32:a2:be:03:9b:9d:41:3d:3b:c4:89:6b:b0:82: b8:11:a7:b6:55:7e:12:ae:75:fe:73:66:c5:4d:46: a5:86:58:23:2d:b0:22:3f:30:e0:df:e3:a3:f2:c6: 68:24:80:a1:1c:31:a3:4b:fa:e6:62:51:d8:28:27: 62:e8:c8:48:47:87:f0:a9:40:93:ec:fc:dd:04:8b: 55:2a:98:6f:84:37:c3:2a:32:06:9a:30:df:41:bd: 2e:d6:67:ea:e0:e2:5f:76:6d:e9:77:82:32:76:f1: 00:86:eb:9e:c8:c6:34:da:5d:da:79:ce:c4:0f:e4: 4d:04:33:a6:3d:29:97:a1:54:64:6c:24:b7:82:84: 1d:12:62:27:0e:ba:c7:25:3e:e6:3b:25:50:b3:25: 31:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:DF:1B:11:CA:F2:B8:24:45:31:78:21:25:AE:93:3A:E7:69:9F:76 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8abe54-3dc7-4617-9907-472f4dad7fde/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8abe54-3dc7-4617-9907-472f4dad7fde/1/n98bEcryuCRFMXghJa6TOudpn3Y.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.114.30.0/24 IPv6: 2a10:c900::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206176 Signature Algorithm: sha256WithRSAEncryption 2a:6a:2a:1b:86:9f:b5:e5:06:8a:62:bf:93:cb:0e:ce:85:98: 09:35:6a:75:26:6d:0f:09:ff:f7:2d:a9:cd:b2:ba:7d:f9:a1: df:70:09:45:ce:1d:d7:cd:6b:ef:bb:e1:e4:ad:0e:09:2f:3a: 59:ee:9e:a0:e2:28:63:84:a3:de:fa:30:4b:7a:2f:f9:24:9c: 5e:c6:ec:d2:c0:5a:04:69:2d:2e:ff:d7:bc:07:a8:b3:4a:7a: 51:55:19:84:9d:92:99:c0:f3:6f:da:d5:69:ac:6c:1f:1a:47: 84:a8:fa:12:eb:ae:d2:42:84:19:50:83:b6:5c:f9:df:bc:19: bd:a3:95:48:e0:fc:1d:77:5f:64:6e:67:e6:40:94:ad:a2:0c: 71:1a:f7:71:5c:19:38:ce:0c:ba:66:e5:67:58:8f:5c:49:94: 6a:30:b6:83:73:6b:75:20:d7:e2:a0:93:9d:45:70:0e:a2:0a: 32:c0:51:80:4c:24:1e:75:88:91:c1:04:9e:90:43:71:e1:a4: b6:db:81:11:4b:d6:a5:9b:a0:9b:f6:fe:e4:20:c3:3d:42:81: 5f:86:11:43:5f:ee:45:25:7c:1a:28:6b:b1:b6:c4:fc:f0:2b: d6:9c:a2:6e:28:29:96:d7:5f:d8:73:2d:34:a0:2e:86:9b:b8: 80:76:1d:80 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt5fhzcLR0SgffaE0Tw5i85MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZmRmMWIxMWNhZjJiODI0NDUzMTc4MjEyNWFlOTMzYWU3Njk5Zjc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pWhRu9v1AOMZBWyu2RGMLsRi/om F6wMdtMEQgajRJ/SSyVwjDsVLjmwVyRw2xsmZ0Wgi9ZhP0VCPFyntNkGwSeDSbdH ev+VOwnqLML2PeFXDketijv6e04vzmOafNEM0kTyWlN7MOJiMqK+A5udQT07xIlr sIK4Eae2VX4SrnX+c2bFTUalhlgjLbAiPzDg3+Oj8sZoJIChHDGjS/rmYlHYKCdi 6MhIR4fwqUCT7PzdBItVKphvhDfDKjIGmjDfQb0u1mfq4OJfdm3pd4IydvEAhuue yMY02l3aec7ED+RNBDOmPSmXoVRkbCS3goQdEmInDrrHJT7mOyVQsyUxkQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFJ/fGxHK8rgkRTF4ISWukzrnaZ92MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlmLzhhYmU1 NC0zZGM3LTQ2MTctOTkwNy00NzJmNGRhZDdmZGUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYvOGFiZTU0 LTNkYzctNDYxNy05OTA3LTQ3MmY0ZGFkN2ZkZS8xL245OGJFY3J5dUNSRk1YZ2hK YTZUT3VkcG4zWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAw3IeMA0EAgACMAcDBQMqEMkAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMlYDANBgkqhkiG9w0BAQsFAAOCAQEAKmoqG4afteUG imK/k8sOzoWYCTVqdSZtDwn/9y2pzbK6ffmh33AJRc4d181r77vh5K0OCS86We6e oOIoY4Sj3vowS3ov+SScXsbs0sBaBGktLv/XvAeos0p6UVUZhJ2SmcDzb9rVaaxs HxpHhKj6Euuu0kKEGVCDtlz537wZvaOVSOD8HXdfZG5n5kCUraIMcRr3cVwZOM4M umblZ1iPXEmUajC2g3NrdSDX4qCTnUVwDqIKMsBRgEwkHnWIkcEEnpBDceGkttuB EUvWpZugm/b+5CDDPUKBX4YRQ1/uRSV8GihrsbbE/PAr1pyibigpltdf2HMtNKAu hpu4gHYdgA== -----END CERTIFICATE-----Generated at Mon Jan 26 21:07:10 2026 by rpki-client