This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nKMZ6lHIADqtlKjifOaUkqouM6g.cer File: nKMZ6lHIADqtlKjifOaUkqouM6g.cer (raw, json) Hash identifier: OEP4i8zZgeLzrFktj02Sy6q703b9CaBL/HMe7Eyg79c= Subject key identifier: 9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCA37269888D0A4D89B37B42869D608 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/nKMZ6lHIADqtlKjifOaUkqouM6g.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:19:23 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 34578 IP: 159.144.0.0/16 IP: 192.112.254.0/24 IP: 2a00:9480::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:37:26:98:88:d0:a4:d8:9b:37:b4:28:69:d6:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:19:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9ca319ea51c8003aad94a8e27ce69492aa2e33a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2d:e1:b9:99:a3:5f:54:fb:fa:22:a6:e9:03: bb:27:47:d6:58:66:3d:1d:39:df:87:51:4f:8e:73: f5:35:d1:c1:48:75:0c:a4:4e:15:e9:f7:cd:ef:67: e7:f1:27:80:a1:4a:3d:4d:61:45:53:4c:92:82:6e: ca:58:99:8d:8f:04:a3:3a:e0:4e:6f:e7:64:1e:8c: a5:ec:ca:53:52:31:d3:f0:d3:30:c6:84:52:83:50: 5f:e9:73:ab:e6:1c:ac:10:59:05:d6:02:0c:22:5c: c9:b6:ce:75:60:d4:03:12:4a:83:c2:6f:96:b2:a0: a2:73:ab:d2:0d:5f:47:e4:0d:b1:c2:c7:13:1e:f0: d0:b6:83:c9:57:e9:24:2e:f0:66:d2:9e:6e:56:2c: 6f:e3:d7:2e:99:41:cf:87:11:8b:fc:2b:44:f1:7f: f3:47:57:1d:d8:9e:55:70:72:cb:90:43:c9:f0:14: ab:7e:d2:dc:83:34:6e:c4:ef:79:62:09:29:28:be: 6c:6a:93:0b:41:49:eb:6b:28:74:dc:9b:3d:5a:79: 19:7c:89:64:71:6c:c0:59:2d:b9:b8:44:6c:c4:f6: ca:ee:32:35:3a:da:c5:ae:17:a5:bc:9c:10:62:f0: 4a:33:4e:ff:eb:88:32:85:53:c8:42:30:6d:77:28: bb:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/nKMZ6lHIADqtlKjifOaUkqouM6g.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.144.0.0/16 192.112.254.0/24 IPv6: 2a00:9480::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 34578 Signature Algorithm: sha256WithRSAEncryption 3c:77:fc:ce:07:b5:9f:20:75:30:d3:d5:9b:77:3e:3d:6c:e5: a1:01:09:2e:c5:64:9c:68:82:54:d1:11:42:ec:d1:90:68:d5: ab:4c:16:09:c1:4f:f7:a6:42:41:5e:87:07:05:89:cc:f2:96: 10:2e:b9:59:ca:73:6f:86:93:55:59:ce:8d:ed:1e:d3:1f:84: 75:7a:39:b1:e6:5d:e8:9d:c5:d7:7d:93:b8:f9:f1:88:55:09: fd:31:9f:85:43:9f:b0:df:d1:ee:c1:03:a8:2d:38:26:42:89: 2b:45:43:f9:32:88:41:e6:5e:fc:fb:13:89:6c:82:18:ea:88: fe:4f:2b:fd:7a:59:f2:d7:26:10:4a:96:e6:05:b6:33:bb:e1: c9:64:2f:a6:4a:f0:e7:ce:8e:12:7b:62:7b:2e:3f:57:39:42: b3:38:da:a2:e2:62:05:38:eb:7a:f8:24:b7:37:4e:9e:9c:d8: c5:26:ef:b6:37:34:e8:0c:89:bc:f8:f5:0c:99:b2:25:24:e3: a2:b2:87:8e:6b:5c:97:c3:7b:7b:b6:f4:e9:00:19:73:da:b0: 0c:b9:33:bd:93:74:74:8e:ca:1f:96:1c:fd:33:9c:97:e7:b1: f1:bc:2a:6f:02:d2:be:a6:34:9c:81:1a:20:6d:51:8b:f7:32: fc:d3:b3:41 -----BEGIN CERTIFICATE----- MIIFqDCCBJCgAwIBAgISAZt9yjcmmIjQpNibN7QoadYIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgxOTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2EzMTllYTUxYzgwMDNhYWQ5NGE4ZTI3Y2U2OTQ5MmFhMmUzM2E4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri3huZmjX1T7+iKm6QO7J0fWWGY9 HTnfh1FPjnP1NdHBSHUMpE4V6ffN72fn8SeAoUo9TWFFU0ySgm7KWJmNjwSjOuBO b+dkHoyl7MpTUjHT8NMwxoRSg1Bf6XOr5hysEFkF1gIMIlzJts51YNQDEkqDwm+W sqCic6vSDV9H5A2xwscTHvDQtoPJV+kkLvBm0p5uVixv49cumUHPhxGL/CtE8X/z R1cd2J5VcHLLkEPJ8BSrftLcgzRuxO95YgkpKL5sapMLQUnrayh03Js9WnkZfIlk cWzAWS25uERsxPbK7jI1OtrFrhelvJwQYvBKM07/64gyhVPIQjBtdyi7twIDAQAB o4ICtDCCArAwHQYDVR0OBBYEFJyjGepRyAA6rZSo4nzmlJKqLjOoMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MwLzYxNDk0 Yy0wNzQ0LTQ5OTEtYWI2Ny0wYWQzYzc5NjJjMDkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAvNjE0OTRj LTA3NDQtNDk5MS1hYjY3LTBhZDNjNzk2MmMwOS8xL25LTVo2bEhJQURxdGxLamlm T2FVa3FvdU02Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUF BwEHAQH/BCQwIjARBAIAATALAwMAn5ADBADAcP4wDQQCAAIwBwMFACoAlIAwGgYI KwYBBQUHAQgBAf8ECzAJoAcwBQIDAIcSMA0GCSqGSIb3DQEBCwUAA4IBAQA8d/zO B7WfIHUw09Wbdz49bOWhAQkuxWScaIJU0RFC7NGQaNWrTBYJwU/3pkJBXocHBYnM 8pYQLrlZynNvhpNVWc6N7R7TH4R1ejmx5l3oncXXfZO4+fGIVQn9MZ+FQ5+w39Hu wQOoLTgmQokrRUP5MohB5l78+xOJbIIY6oj+Tyv9elny1yYQSpbmBbYzu+HJZC+m SvDnzo4Se2J7Lj9XOUKzONqi4mIFOOt6+CS3N06enNjFJu+2NzToDIm8+PUMmbIl JOOisoeOa1yXw3t7tvTpABlz2rAMuTO9k3R0jsoflhz9M5yX57HxvCpvAtK+pjSc gRogbVGL9zL807NB -----END CERTIFICATE-----Generated at Mon Feb 9 15:13:45 2026 by rpki-client