This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer File: nfToC0ytTlC3iO3xaXZxLe7_bA0.cer (raw, json) Hash identifier: Iacmy2dxl3HcYm3Mq6esoPvtmbk7SEmSpJPvJAJGA+Q= Subject key identifier: 9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B35C86C9B77C236DE38E4F96B921A9D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:00 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 206321 IP: 2001:67c:2d2c::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:c8:6c:9b:77:c2:36:de:38:e4:f9:6b:92:1a:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9df4e80b4cad4e50b788edf16976712deeff6c0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:16:a8:61:ad:04:32:6a:1c:63:e4:a1:96:cd: 91:0c:4c:b1:64:84:cd:26:1a:59:b4:de:45:1c:99: 3a:8c:1d:5d:5a:56:b3:b4:13:a9:06:91:c0:48:b0: 85:d2:86:f5:87:0a:14:5d:1f:74:c8:27:6d:3d:05: 29:d0:e1:48:0f:85:dd:50:3a:a7:7e:63:b6:06:a2: 2c:98:61:d6:95:2d:f7:d0:d3:84:1a:93:64:1f:16: c3:3e:46:d6:3b:97:32:87:ed:13:06:7f:53:98:f8: ac:9a:6b:9a:66:ab:f8:09:a3:40:f5:6b:82:77:d2: bb:45:69:1c:a4:1a:cf:5a:81:3c:9e:c1:fd:5d:14: a5:b9:81:3a:5a:30:2b:01:d3:f6:88:8d:09:bb:fe: d9:94:3d:5f:cd:e1:3f:82:93:e8:5b:66:72:ee:f9: 74:9a:a3:43:62:d3:b3:2d:de:69:bb:be:9b:25:05: c0:89:e8:9f:5b:21:db:7f:8a:94:ba:e4:e4:c3:1c: 40:d1:40:88:df:cc:b5:d8:72:6b:45:5e:e4:3b:5d: a2:39:cf:16:da:5c:97:9a:18:87:7e:4b:41:18:be: be:90:39:5c:43:91:d3:3b:18:c3:72:d9:5d:7a:e4: fa:76:f6:c2:ed:3c:d9:e0:b0:63:02:40:92:75:ac: ba:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:2d2c::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206321 Signature Algorithm: sha256WithRSAEncryption 26:69:ae:dd:8f:a4:9a:ac:33:6c:ea:1b:20:a7:8d:2d:ec:59: a8:45:85:ef:5c:be:18:d6:a3:e5:19:68:df:34:38:e1:92:07: 37:94:23:83:06:d6:0c:c3:69:ea:77:cb:84:11:c8:bd:1c:21: 99:55:68:d3:ef:0d:02:63:11:3f:da:57:7c:be:38:3f:97:79: 4c:47:21:63:c8:12:ba:b1:c0:6c:fb:b2:40:40:19:36:bb:c7: f9:b6:27:37:3d:84:10:34:7c:7f:75:e7:85:be:71:3c:f7:32: 26:c2:f0:61:f5:4f:db:b4:f5:06:70:25:fa:cd:a2:c1:b0:4c: b2:7f:1b:35:b2:f7:cd:8c:02:b3:38:d2:f2:df:02:96:c2:2f: 2d:eb:19:f4:dc:74:db:ff:e5:2d:73:e3:92:7d:94:b9:eb:57: 20:21:80:9a:35:0f:1b:13:5d:75:82:4e:d5:5d:8c:dd:75:16: 20:e7:39:9b:71:e6:e0:09:8e:c7:41:79:29:d4:81:d6:cd:6b: 90:2f:84:33:0d:d1:8f:73:6e:08:f2:d2:29:f4:14:26:ba:33: 12:f3:70:ae:68:25:5d:89:49:74:ea:ef:30:a0:85:22:5b:85: 66:5b:b2:e2:86:b6:38:53:cd:72:b2:d7:04:94:c7:ad:0c:66: 3b:bf:9b:29 -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgISAZt7Nchsm3fCNt445PlrkhqdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZGY0ZTgwYjRjYWQ0ZTUwYjc4OGVkZjE2OTc2NzEyZGVlZmY2YzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BaoYa0EMmocY+Shls2RDEyxZITN JhpZtN5FHJk6jB1dWlaztBOpBpHASLCF0ob1hwoUXR90yCdtPQUp0OFID4XdUDqn fmO2BqIsmGHWlS330NOEGpNkHxbDPkbWO5cyh+0TBn9TmPismmuaZqv4CaNA9WuC d9K7RWkcpBrPWoE8nsH9XRSluYE6WjArAdP2iI0Ju/7ZlD1fzeE/gpPoW2Zy7vl0 mqNDYtOzLd5pu76bJQXAieifWyHbf4qUuuTkwxxA0UCI38y12HJrRV7kO12iOc8W 2lyXmhiHfktBGL6+kDlcQ5HTOxjDctldeuT6dvbC7TzZ4LBjAkCSday6pwIDAQAB o4ICozCCAp8wHQYDVR0OBBYEFJ306AtMrU5Qt4jt8Wl2cS3u/2wNMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUwLzM0MDEx ZC0wMWJmLTQ4YTEtYThjMy1jOWZjNWY0NTI5OTUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAvMzQwMTFk LTAxYmYtNDhhMS1hOGMzLWM5ZmM1ZjQ1Mjk5NS8xL25mVG9DMHl0VGxDM2lPM3hh WFp4TGU3X2JBMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0sMBoGCCsGAQUFBwEIAQH/BAswCaAH MAUCAwMl8TANBgkqhkiG9w0BAQsFAAOCAQEAJmmu3Y+kmqwzbOobIKeNLexZqEWF 71y+GNaj5Rlo3zQ44ZIHN5QjgwbWDMNp6nfLhBHIvRwhmVVo0+8NAmMRP9pXfL44 P5d5TEchY8gSurHAbPuyQEAZNrvH+bYnNz2EEDR8f3Xnhb5xPPcyJsLwYfVP27T1 BnAl+s2iwbBMsn8bNbL3zYwCszjS8t8ClsIvLesZ9Nx02//lLXPjkn2UuetXICGA mjUPGxNddYJO1V2M3XUWIOc5m3Hm4AmOx0F5KdSB1s1rkC+EMw3Rj3NuCPLSKfQU JrozEvNwrmglXYlJdOrvMKCFIluFZluy4oa2OFPNcrLXBJTHrQxmO7+bKQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:25:51 2026 by rpki-client