This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer File: oOOBtudsuVIOjY9Wd27KD-F2zEA.cer (raw, json) Hash identifier: 6JQWUcaHcl5i+t1GMzZuMuCRa5EzqODKOvll42bRIAo= Subject key identifier: A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B78A2F23A8640C13493C29CA2EE947978 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 08:18:23 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 39650 AS: 204203 IP: 185.161.36.0/22 IP: 185.164.72.0/22 IP: 185.229.28.0/22 IP: 2a06:5a40::/29 IP: 2a0a:d400::/29 IP: 2a0d:6600::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f2:3a:86:40:c1:34:93:c2:9c:a2:ee:94:79:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 08:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f0:5a:9f:aa:e9:be:e9:26:86:c3:1f:1b:a2: 03:a8:31:fb:42:36:ee:e4:fa:22:a2:0e:21:4b:0c: c5:08:f1:77:e4:15:89:fd:fb:39:af:2a:89:ce:dd: c0:e9:e8:4b:52:62:93:9d:2e:4e:54:54:6c:05:24: 18:af:00:50:d8:89:cf:48:d9:57:80:ce:14:3f:d8: d0:29:7d:b2:15:b1:af:f2:e7:d3:1d:fc:22:96:42: 2d:de:df:5a:2c:6c:fe:d8:98:42:0f:bb:c1:29:db: 84:e6:3c:39:fd:51:d6:41:b5:40:a2:f5:0a:6f:76: 37:37:1b:83:aa:84:35:2b:e8:a4:bb:0f:96:16:8f: f2:b4:7c:56:41:bb:1a:86:1b:32:ae:a6:d9:40:c5: 3c:b7:f5:b6:0a:cf:ed:52:74:10:10:84:84:93:7f: 51:b2:b0:f6:8a:5c:96:4c:fa:7e:e4:3b:1c:cc:6f: a6:e0:ca:66:7f:54:25:a7:23:36:88:d2:ba:5a:fc: c2:92:ad:04:0d:da:fc:5b:cf:dc:26:bf:0c:1d:7d: b2:31:aa:ee:6f:a4:fc:6e:22:d5:3e:f3:0d:9e:c2: 5e:bb:4c:01:d0:aa:16:6e:be:28:ad:b4:45:32:53: 4f:11:21:78:ad:28:32:6e:ca:dc:fd:db:4e:84:83: 79:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.161.36.0/22 185.164.72.0/22 185.229.28.0/22 IPv6: 2a06:5a40::/29 2a0a:d400::/29 2a0d:6600::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 39650 204203 Signature Algorithm: sha256WithRSAEncryption 3e:ab:d2:d5:e3:5f:a5:04:5c:1c:c8:50:24:84:fb:57:e0:7c: e3:0f:59:ea:98:bc:bf:5f:50:d9:e0:02:89:fd:d4:78:3c:aa: 41:3f:72:e0:3e:3d:98:51:9a:e0:a0:e7:7c:cd:df:ea:25:e5: 12:d2:7a:73:e3:15:25:c6:f0:f4:08:6e:a7:9d:cc:d9:6e:06: f1:71:a1:77:7b:82:b2:1a:7e:68:94:ca:ce:2f:fa:88:07:cf: fa:a9:f6:04:66:4f:82:d9:2e:c0:e0:bb:19:25:7f:ad:cd:f2: 36:c3:5b:2b:23:77:14:fa:9f:0a:03:00:4b:ab:c8:9c:49:84: 87:3e:94:99:5a:e7:43:ce:46:90:a1:b4:a0:2a:c5:06:b5:54: 83:c7:6b:ee:34:50:e9:54:c1:56:d6:47:67:fd:15:a0:9a:34: 3e:d3:d7:c3:66:c5:f5:db:23:cc:92:1a:8b:d4:80:dc:b0:0d: ad:51:a4:e9:bc:1a:eb:86:b6:27:ca:a9:67:56:16:3b:95:2f: ad:d5:85:75:04:06:52:a8:ab:34:f2:f2:22:c7:df:87:d7:90: a9:e6:70:47:77:05:fb:c6:c2:6f:52:3f:25:a3:b6:3f:d8:e3: 55:e3:83:a3:61:8a:7c:34:74:ad:d6:e4:4e:65:6f:dc:dc:cd: 83:b4:a6:ca -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgISAZt4ovI6hkDBNJPCnKLulHl4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGUzODFiNmU3NmNiOTUyMGU4ZDhmNTY3NzZlY2EwZmUxNzZjYzQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvBan6rpvukmhsMfG6IDqDH7Qjbu 5Poiog4hSwzFCPF35BWJ/fs5ryqJzt3A6ehLUmKTnS5OVFRsBSQYrwBQ2InPSNlX gM4UP9jQKX2yFbGv8ufTHfwilkIt3t9aLGz+2JhCD7vBKduE5jw5/VHWQbVAovUK b3Y3NxuDqoQ1K+ikuw+WFo/ytHxWQbsahhsyrqbZQMU8t/W2Cs/tUnQQEISEk39R srD2ilyWTPp+5DsczG+m4Mpmf1QlpyM2iNK6WvzCkq0EDdr8W8/cJr8MHX2yMaru b6T8biLVPvMNnsJeu0wB0KoWbr4orbRFMlNPESF4rSgybsrc/dtOhIN5DQIDAQAB o4ICzjCCAsowHQYDVR0OBBYEFKDjgbbnbLlSDo2PVnduyg/hdsxAMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ5LzhlNmYw OC0zMGYwLTQ2ZGQtYTdhMS1hOWMzODQxMjhkNDIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkvOGU2ZjA4 LTMwZjAtNDZkZC1hN2ExLWE5YzM4NDEyOGQ0Mi8xL29PT0J0dWRzdVZJT2pZOVdk MjdLRC1GMnpFQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUF BwEHAQH/BDkwNzAYBAIAATASAwQCuaEkAwQCuaRIAwQCueUcMBsEAgACMBUDBQMq BlpAAwUDKgrUAAMFAyoNZgAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAJriAgMD HaswDQYJKoZIhvcNAQELBQADggEBAD6r0tXjX6UEXBzIUCSE+1fgfOMPWeqYvL9f UNngAon91Hg8qkE/cuA+PZhRmuCg53zN3+ol5RLSenPjFSXG8PQIbqedzNluBvFx oXd7grIafmiUys4v+ogHz/qp9gRmT4LZLsDguxklf63N8jbDWysjdxT6nwoDAEur yJxJhIc+lJla50PORpChtKAqxQa1VIPHa+40UOlUwVbWR2f9FaCaND7T18NmxfXb I8ySGovUgNywDa1RpOm8GuuGtifKqWdWFjuVL63VhXUEBlKoqzTy8iLH34fXkKnm cEd3BfvGwm9SPyWjtj/Y41Xjg6Nhinw0dK3W5E5lb9zczYO0pso= -----END CERTIFICATE-----Generated at Tue Jan 27 01:06:18 2026 by rpki-client