This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer File: o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer (raw, json) Hash identifier: tDqjw4QpB0hLWFbQd7rfyVGkUl30c58sTJFyQr4tBBQ= Subject key identifier: A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA45F92F1D2DB7B9607F8D66064799C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:18:48 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 206996 IP: 5.249.160.0/21 IP: 45.141.36.0/23 IP: 45.146.252.0/22 IP: 88.214.56.0/22 IP: 92.42.44.0/22 IP: 134.255.216.0/22 IP: 134.255.231.0 -- 134.255.234.255 IP: 147.189.168.0/21 IP: 185.223.28.0/22 IP: 185.239.236.0/22 IP: 185.249.196.0/22 IP: 193.23.126.0/23 IP: 193.23.160.0/23 IP: 193.34.69.0/24 IP: 193.203.238.0/24 IP: 194.156.88.0/22 IP: 2a0c:3580::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 15:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:5f:92:f1:d2:db:7b:96:07:f8:d6:60:64:79:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a3513d288dabde7dee069bdb636573ce9c3ecb60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d5:62:ed:af:c2:df:48:f9:52:21:48:56:e4: 0c:83:3a:5f:97:80:3c:d0:a2:e0:b5:79:f1:4e:cc: 16:94:bf:64:b4:e9:87:a0:59:8e:e4:ed:46:6d:eb: a8:5d:b0:05:04:19:16:d3:29:00:4e:44:8e:1b:21: 67:28:f1:f4:38:02:c9:24:c5:94:50:5e:c1:35:fc: 9c:d1:45:53:71:82:b7:8f:2e:f1:91:83:21:8b:c0: c8:bf:e6:7b:b3:bc:18:9e:3c:dc:89:d2:9d:73:af: 7f:34:8f:26:eb:5d:f1:3c:46:39:76:16:07:f1:92: 00:5e:a0:74:b1:7e:68:ed:1e:bd:58:0a:24:f3:b6: 1e:0e:5b:31:19:6d:3a:fd:6a:c6:6f:05:3e:52:84: e9:0a:81:39:ba:37:07:5d:20:ee:8c:ce:e2:57:b3: c6:f3:27:81:ba:d5:1b:c1:62:ce:75:8f:ef:cb:06: af:4c:32:bd:fd:8e:97:06:c0:ca:71:1d:d3:06:f7: a4:02:ff:04:a7:f3:01:82:6f:a8:8f:87:dc:83:72: c2:d5:df:a2:c4:80:34:dc:88:a4:77:0a:ce:d4:73: 0a:24:27:d0:0b:65:f2:94:e5:24:57:08:3e:0f:53: 00:e9:81:88:14:b7:48:a6:56:9c:94:ab:be:e5:a5: e3:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.249.160.0/21 45.141.36.0/23 45.146.252.0/22 88.214.56.0/22 92.42.44.0/22 134.255.216.0/22 134.255.231.0-134.255.234.255 147.189.168.0/21 185.223.28.0/22 185.239.236.0/22 185.249.196.0/22 193.23.126.0/23 193.23.160.0/23 193.34.69.0/24 193.203.238.0/24 194.156.88.0/22 IPv6: 2a0c:3580::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206996 Signature Algorithm: sha256WithRSAEncryption 36:05:4d:d5:88:bd:1a:cd:47:eb:7c:3f:eb:46:b6:82:49:8b: 43:d4:31:83:76:83:4c:04:31:76:e5:53:9a:cb:1a:7b:e6:6d: 52:5c:c5:b3:58:3a:ea:42:ec:2c:43:3d:20:bb:7a:99:28:6d: f0:4d:df:5d:12:aa:7f:75:ed:98:fa:19:d5:92:5e:14:18:6c: a5:55:a9:23:ed:cf:9b:3f:de:3d:05:22:b7:9d:ba:f0:89:98: f2:fe:33:b9:6f:59:77:55:fc:6f:32:d9:14:23:fe:56:83:f6: 64:d2:c0:13:bc:a8:ef:b1:f1:bb:ef:6d:ee:26:1c:76:d2:40: ce:dc:e3:29:a9:93:fa:08:33:9a:a1:07:d1:02:fb:0c:7c:89: b6:50:4c:01:3a:1f:90:22:01:29:00:73:bc:d9:62:55:40:08: 7c:ae:44:93:b2:b8:9f:85:1e:71:0b:0b:4d:91:ab:1c:ad:11: 4d:0e:69:5f:fa:a6:95:f9:b0:1b:27:39:01:15:da:d2:81:13: 55:8c:e3:7e:b6:2a:87:dd:84:88:58:bd:b9:57:4d:de:bd:fa: aa:b9:41:f5:ad:90:c1:32:a7:c5:c7:89:fd:9f:f8:6b:e2:a5: 8b:00:89:af:df:0a:ae:3b:59:00:c3:22:15:52:f0:8c:6a:aa: 82:b8:da:f4 -----BEGIN CERTIFICATE----- MIIGBzCCBO+gAwIBAgISAZt7pF+S8dLbe5YH+NZgZHmcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzUxM2QyODhkYWJkZTdkZWUwNjliZGI2MzY1NzNjZTljM2VjYjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9Vi7a/C30j5UiFIVuQMgzpfl4A8 0KLgtXnxTswWlL9ktOmHoFmO5O1GbeuoXbAFBBkW0ykATkSOGyFnKPH0OALJJMWU UF7BNfyc0UVTcYK3jy7xkYMhi8DIv+Z7s7wYnjzcidKdc69/NI8m613xPEY5dhYH 8ZIAXqB0sX5o7R69WAok87YeDlsxGW06/WrGbwU+UoTpCoE5ujcHXSDujM7iV7PG 8yeButUbwWLOdY/vywavTDK9/Y6XBsDKcR3TBvekAv8Ep/MBgm+oj4fcg3LC1d+i xIA03IikdwrO1HMKJCfQC2XylOUkVwg+D1MA6YGIFLdIplaclKu+5aXjgQIDAQAB o4IDEzCCAw8wHQYDVR0OBBYEFKNRPSiNq9597gab22Nlc86cPstgMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U5Lzc5MjEx My1lMTNjLTQzZWUtODRkNy1lMGQ3ZGQ1ZTJlNmYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkvNzkyMTEz LWUxM2MtNDNlZS04NGQ3LWUwZDdkZDVlMmU2Zi8xL28xRTlLSTJyM24zdUJwdmJZ MlZ6enB3LXkyQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGRBggrBgEF BQcBBwEB/wSBgTB/MG4EAgABMGgDBAMF+aADBAEtjSQDBAItkvwDBAJY1jgDBAJc KiwDBAKG/9gwDAMEAIb/5wMEAIb/6gMEA5O9qAMEArnfHAMEArnv7AMEArn5xAME AcEXfgMEAcEXoAMEAMEiRQMEAMHL7gMEAsKcWDANBAIAAjAHAwUDKgw1gDAaBggr BgEFBQcBCAEB/wQLMAmgBzAFAgMDKJQwDQYJKoZIhvcNAQELBQADggEBADYFTdWI vRrNR+t8P+tGtoJJi0PUMYN2g0wEMXblU5rLGnvmbVJcxbNYOupC7CxDPSC7epko bfBN310Sqn917Zj6GdWSXhQYbKVVqSPtz5s/3j0FIreduvCJmPL+M7lvWXdV/G8y 2RQj/laD9mTSwBO8qO+x8bvvbe4mHHbSQM7c4ympk/oIM5qhB9EC+wx8ibZQTAE6 H5AiASkAc7zZYlVACHyuRJOyuJ+FHnELC02RqxytEU0OaV/6ppX5sBsnOQEV2tKB E1WM4362KofdhIhYvblXTd69+qq5QfWtkMEyp8XHif2f+GvipYsAia/fCq47WQDD IhVS8IxqqoK42vQ= -----END CERTIFICATE-----Generated at Fri Jan 30 22:36:38 2026 by rpki-client