This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.cer File: y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.cer (raw, json) Hash identifier: baZ5VAba0R2iPSBOg7EVtglmXjx3yWHZv/PA4A3EJvc= Subject key identifier: CB:9F:19:CC:1A:D7:87:45:A5:DA:B3:1D:63:40:57:E2:9A:BF:ED:8C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C12404972241E8DB3BCE037C486E099 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:18:49 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 207706 IP: 94.154.7.0/24 IP: 2a0f:ebc0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:40:49:72:24:1e:8d:b3:bc:e0:37:c4:86:e0:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb9f19cc1ad78745a5dab31d634057e29abfed8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c0:b1:9b:97:d2:e9:68:d1:70:6f:f1:fb:4a: c7:dc:e0:09:5a:a4:94:4f:0d:de:91:3e:3e:58:7a: 24:fe:0c:f9:5f:6c:9c:db:1f:4f:dc:f2:09:a5:22: 71:b9:8d:38:dc:96:6b:18:55:a1:d3:c3:68:c6:f6: 08:07:5a:23:0e:d3:a1:02:60:77:e0:71:e8:2d:40: d6:fd:2d:36:10:36:a0:e7:38:1c:10:63:77:94:d0: e9:30:7a:9f:82:d5:5a:81:d3:6b:75:4e:c0:56:c5: ed:e0:a4:8e:ba:5c:44:39:1a:d9:cf:d3:a6:78:a5: d3:59:3d:cc:20:0d:69:22:82:1f:07:b2:17:b9:54: 14:7d:42:fe:05:b1:d3:6c:4b:7b:9a:79:29:09:80: d1:fc:09:e7:82:30:21:08:a0:14:5e:4a:84:f8:31: b5:8d:a4:5c:51:2a:b7:f9:66:89:06:fd:66:fc:eb: fb:30:b4:ba:c2:2c:89:83:21:56:d2:c9:fa:e2:15: aa:6e:e0:cd:79:5c:ae:a5:a0:a6:ba:01:79:5a:e1: b0:c9:56:45:05:18:cd:a6:35:76:ed:6d:38:66:a7: c6:87:0b:e7:fa:a6:a2:31:b0:0f:e8:0d:cc:04:81: 02:1f:85:44:d4:8c:c8:91:50:35:53:ee:9f:fb:6a: 40:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:9F:19:CC:1A:D7:87:45:A5:DA:B3:1D:63:40:57:E2:9A:BF:ED:8C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af1d49-d0e4-4d68-8dee-dd69a4ee1350/1/y58ZzBrXh0Wl2rMdY0BX4pq_7Yw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.154.7.0/24 IPv6: 2a0f:ebc0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 207706 Signature Algorithm: sha256WithRSAEncryption a8:0b:28:ed:94:4b:85:fe:a0:36:04:9c:9f:8a:fb:06:5a:05: 05:d5:19:0e:93:f7:e6:3c:9d:24:c5:33:03:21:63:98:c5:f4: ec:ff:5f:9f:a9:2c:72:69:9a:5f:a1:d8:94:b7:e1:d6:9d:dc: 48:94:a9:6d:57:6c:a5:52:f5:d0:73:ef:79:10:44:2b:b6:ba: 96:e0:84:14:a5:42:0d:c5:cf:ea:3f:17:95:81:e3:92:4b:ca: 8f:d3:ce:26:64:22:21:df:05:38:fb:13:9c:11:b0:e0:23:18: 68:2e:db:b9:66:07:b8:e6:e8:d4:ad:a6:e9:c5:a2:29:8d:03: 08:5b:5e:6b:55:4f:be:d1:c9:88:e0:ce:8c:b6:5d:f3:99:e2: 0b:89:38:26:da:33:78:50:7c:ed:47:17:11:9f:6f:7c:82:b3: 11:bd:e4:58:2f:c0:56:40:ee:fb:36:62:5c:c3:e9:3c:06:c6: 41:e4:c3:44:cc:ce:ae:a8:06:8a:97:36:98:fd:b8:3b:37:81: ca:6c:ba:8b:d3:fd:f5:3f:47:ac:5c:e2:9b:46:34:b4:92:91: d7:a8:31:a0:3c:af:c5:37:fc:63:3d:d9:51:85:55:70:43:d3: 7e:0b:89:47:b7:e3:12:4b:0e:67:ff:e5:68:63:94:e1:2f:49: d9:b6:31:2d -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt8EkBJciQejbO84DfEhuCZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjlmMTljYzFhZDc4NzQ1YTVkYWIzMWQ2MzQwNTdlMjlhYmZlZDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMCxm5fS6WjRcG/x+0rH3OAJWqSU Tw3ekT4+WHok/gz5X2yc2x9P3PIJpSJxuY043JZrGFWh08NoxvYIB1ojDtOhAmB3 4HHoLUDW/S02EDag5zgcEGN3lNDpMHqfgtVagdNrdU7AVsXt4KSOulxEORrZz9Om eKXTWT3MIA1pIoIfB7IXuVQUfUL+BbHTbEt7mnkpCYDR/AnngjAhCKAUXkqE+DG1 jaRcUSq3+WaJBv1m/Ov7MLS6wiyJgyFW0sn64hWqbuDNeVyupaCmugF5WuGwyVZF BRjNpjV27W04ZqfGhwvn+qaiMbAP6A3MBIECH4VE1IzIkVA1U+6f+2pAwQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFMufGcwa14dFpdqzHWNAV+Kav+2MMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q3L2FmMWQ0 OS1kMGU0LTRkNjgtOGRlZS1kZDY5YTRlZTEzNTAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcvYWYxZDQ5 LWQwZTQtNGQ2OC04ZGVlLWRkNjlhNGVlMTM1MC8xL3k1OFp6QnJYaDBXbDJyTWRZ MEJYNHBxXzdZdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAXpoHMA0EAgACMAcDBQMqD+vAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMrWjANBgkqhkiG9w0BAQsFAAOCAQEAqAso7ZRLhf6g NgScn4r7BloFBdUZDpP35jydJMUzAyFjmMX07P9fn6kscmmaX6HYlLfh1p3cSJSp bVdspVL10HPveRBEK7a6luCEFKVCDcXP6j8XlYHjkkvKj9POJmQiId8FOPsTnBGw 4CMYaC7buWYHuObo1K2m6cWiKY0DCFtea1VPvtHJiODOjLZd85niC4k4JtozeFB8 7UcXEZ9vfIKzEb3kWC/AVkDu+zZiXMPpPAbGQeTDRMzOrqgGipc2mP24OzeBymy6 i9P99T9HrFzim0Y0tJKR16gxoDyvxTf8Yz3ZUYVVcEPTfguJR7fjEksOZ//laGOU 4S9J2bYxLQ== -----END CERTIFICATE-----Generated at Mon Feb 9 15:13:17 2026 by rpki-client