This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer File: o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer (raw, json) Hash identifier: 6qJlTjsvcwMI/tfiGLwgGXqSelzGHzL3HPIdEt7KrSY= Subject key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C80DB165AAC58D8303F88138E9A4469 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:38 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 200990 IP: 185.81.228.0/22 IP: 2a03:6220::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:db:16:5a:ac:58:d8:30:3f:88:13:8e:9a:44:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:aa:91:2b:20:55:d8:c4:92:b7:b8:9c:2b:88: 32:73:75:59:91:46:b4:02:cc:ac:e7:67:ed:98:cf: 30:c8:59:2d:53:f9:b0:2c:36:de:13:0c:c3:14:2e: 92:82:23:4b:42:8a:e3:27:61:de:22:ea:5f:5f:70: 52:2d:06:14:06:e3:de:8d:01:c7:84:8e:13:9e:40: 25:c1:82:83:ce:66:c2:3e:32:d6:ac:40:43:76:98: 3a:67:15:61:6d:01:f7:7b:dc:6d:3b:d0:32:22:b5: a0:08:40:8b:ba:73:6f:a5:09:04:6d:c6:0f:ee:9e: 95:4b:19:7a:05:e7:fd:4a:cf:6d:1b:67:c6:ae:65: 52:c5:ba:54:68:18:94:4e:c6:75:0d:5b:6f:38:99: 5c:d8:2d:ab:ba:da:5d:f0:19:58:80:01:99:e6:b6: d8:5a:9c:ec:27:b2:84:e2:22:bf:7d:67:4d:f4:fd: c8:b3:1e:7a:cb:ee:69:b2:6c:10:ab:e7:ff:2a:02: e1:17:a6:03:58:09:47:cf:de:e2:3f:45:b7:82:43: 04:6f:4c:e6:73:2a:06:4c:4f:ec:e8:02:a5:3f:97: 10:3d:fb:d7:2a:3e:57:da:8e:65:f8:2a:26:77:db: 3d:3c:04:79:30:95:3b:18:dc:74:98:d3:8f:c6:fa: fc:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.81.228.0/22 IPv6: 2a03:6220::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 200990 Signature Algorithm: sha256WithRSAEncryption ae:1d:3b:ea:67:9e:5c:03:64:df:03:dd:31:93:02:a0:38:74: dd:79:14:eb:2c:ac:20:41:0e:18:ba:ec:f3:d0:04:a9:46:96: 52:a0:5b:c9:ee:07:ca:0d:ca:12:81:96:92:96:b8:cd:19:83: 48:ab:39:8a:79:1d:d7:47:ba:52:39:f6:aa:e1:71:51:05:5e: b1:73:1b:12:e0:2b:c8:71:da:06:b3:1f:c7:f3:e6:b5:7e:1f: 37:38:8c:9a:f5:ff:c6:15:ef:b1:a7:4b:eb:ca:30:28:c3:6a: 36:3d:13:84:e6:66:65:20:46:9d:8f:b4:bd:62:1d:a4:aa:ac: 71:a5:72:e1:0e:2f:3b:f8:e0:07:34:49:f0:46:a1:93:f7:1a: 4d:eb:dd:ac:40:1f:db:f1:f0:11:83:d5:e3:fb:88:7e:17:d4: d8:2c:98:f2:eb:7a:46:db:1b:a2:5d:47:40:73:26:db:e4:2b: 67:2d:85:73:bd:44:d4:96:ad:d0:d3:61:ce:58:4e:3a:2a:30: 73:77:74:da:6c:92:26:47:a7:4d:2a:8b:e5:36:f3:55:f7:f9: 6e:b9:52:c6:32:83:a6:cb:00:6f:c0:1f:6e:7f:58:af:cb:0f: f3:31:67:2e:e3:08:3a:ea:6c:52:c0:8b:f1:b4:ca:9e:2f:a7: 89:ab:7e:94 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt8gNsWWqxY2DA/iBOOmkRpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhM2E4Y2FmNjIxN2NlYjEwZGQ4YzE0NmY5NmI5ZDc3M2VkZDg4ODY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKqRKyBV2MSSt7icK4gyc3VZkUa0 Asys52ftmM8wyFktU/mwLDbeEwzDFC6SgiNLQorjJ2HeIupfX3BSLQYUBuPejQHH hI4TnkAlwYKDzmbCPjLWrEBDdpg6ZxVhbQH3e9xtO9AyIrWgCECLunNvpQkEbcYP 7p6VSxl6Bef9Ss9tG2fGrmVSxbpUaBiUTsZ1DVtvOJlc2C2rutpd8BlYgAGZ5rbY WpzsJ7KE4iK/fWdN9P3Isx56y+5psmwQq+f/KgLhF6YDWAlHz97iP0W3gkMEb0zm cyoGTE/s6AKlP5cQPfvXKj5X2o5l+Comd9s9PAR5MJU7GNx0mNOPxvr8MQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFKOoyvYhfOsQ3YwUb5a513Pt2IhkMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NmLzVmZDAy My05MmVhLTRhNjMtYjdkMC1lNWNiYTIxMzczMDgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2YvNWZkMDIz LTkyZWEtNGE2My1iN2QwLWU1Y2JhMjEzNzMwOC8xL282aks5aUY4NnhEZGpCUnZs cm5YYy0zWWlHUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuVHkMA0EAgACMAcDBQAqA2IgMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMRHjANBgkqhkiG9w0BAQsFAAOCAQEArh076meeXANk 3wPdMZMCoDh03XkU6yysIEEOGLrs89AEqUaWUqBbye4Hyg3KEoGWkpa4zRmDSKs5 inkd10e6Ujn2quFxUQVesXMbEuAryHHaBrMfx/PmtX4fNziMmvX/xhXvsadL68ow KMNqNj0ThOZmZSBGnY+0vWIdpKqscaVy4Q4vO/jgBzRJ8Eahk/caTevdrEAf2/Hw EYPV4/uIfhfU2CyY8ut6Rtsbol1HQHMm2+QrZy2Fc71E1Jat0NNhzlhOOiowc3d0 2mySJkenTSqL5TbzVff5brlSxjKDpssAb8Afbn9Yr8sP8zFnLuMIOupsUsCL8bTK ni+niat+lA== -----END CERTIFICATE-----Generated at Mon Feb 9 15:13:33 2026 by rpki-client