This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yaf_ASy3LqhNG4PAAsMgPMAk5qY.cer File: yaf_ASy3LqhNG4PAAsMgPMAk5qY.cer (raw, json) Hash identifier: WujUpPWZzjhIWDfVP+yr9xXi2mubTAV8JFYj68e/k18= Subject key identifier: C9:A7:FF:01:2C:B7:2E:A8:4D:1B:83:C0:02:C3:20:3C:C0:24:E6:A6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7AC9137B74CA8AFB0D212E2833603D1D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/yaf_ASy3LqhNG4PAAsMgPMAk5qY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 18:19:16 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.28.11.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 05 Feb 2026 18:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:13:7b:74:ca:8a:fb:0d:21:2e:28:33:60:3d:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 18:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9a7ff012cb72ea84d1b83c002c3203cc024e6a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:48:0f:96:ca:8e:6e:28:82:50:30:b4:0c:1f: 28:bc:92:60:16:30:9b:a2:f9:13:de:04:6a:9a:a6: ef:85:b0:46:b8:d2:df:50:ad:c4:85:04:5e:35:e0: 3c:40:e9:b3:2a:98:a9:7f:11:3c:52:79:b2:8f:7f: 08:0f:2e:bc:5d:f5:16:8d:43:1e:18:56:8c:9d:06: 40:b8:38:6a:19:05:44:19:0e:13:85:32:4f:ac:1b: 1b:44:44:6a:b9:7c:2a:6e:7d:52:6a:84:eb:25:0b: 18:66:94:17:81:05:b3:3f:c3:ac:2b:8d:7f:05:89: 18:77:51:7a:85:a6:2b:a5:3f:ed:91:f3:73:2c:f9: b1:3a:14:a3:9c:79:22:a6:48:ca:06:65:9a:05:64: 07:54:b1:41:04:35:1f:50:c8:da:bf:60:d2:34:1e: e3:a1:e4:57:6f:b4:26:f7:67:7c:1a:0e:66:3f:dd: 06:46:48:6e:f7:ad:cc:96:4e:0f:02:d2:4c:23:0b: 25:bb:dc:c1:2f:66:3e:6f:27:fa:39:b4:88:45:30: 9a:e4:ba:ca:f5:a0:81:5b:3a:12:46:32:76:8a:24: ef:eb:c7:fa:0d:73:02:ab:4d:06:b7:b5:cc:0d:a0: d3:49:a4:3e:5a:42:bc:12:99:3f:46:62:b3:af:11: 35:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:A7:FF:01:2C:B7:2E:A8:4D:1B:83:C0:02:C3:20:3C:C0:24:E6:A6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/yaf_ASy3LqhNG4PAAsMgPMAk5qY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.28.11.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:02:22:35:b7:03:d1:94:ea:55:0d:ef:60:98:d9:44:9f:bf: b1:ab:1c:9e:5e:0e:43:eb:cc:c0:ce:7e:bd:76:72:2c:39:42: 5e:6c:71:e3:08:ce:a7:aa:0b:4a:e7:20:93:e9:6c:79:38:c9: b1:2d:56:6c:83:54:ef:07:d0:c4:60:6b:02:5e:b1:37:9a:b4: cd:26:dd:05:fc:f1:29:8c:85:1d:fd:ff:b6:0d:6c:08:24:94: 8c:ff:ed:b5:3e:6a:16:62:56:2b:51:1d:37:32:2e:ed:f7:49: 75:e5:66:89:a3:7d:3c:96:ad:e7:83:ba:c8:89:80:74:cb:74: df:0f:3d:2c:2c:5b:6b:94:cb:e6:ef:0a:ed:1e:52:00:c9:f7: 89:c8:b5:59:2d:51:1f:c4:6f:7e:df:4a:d8:a3:56:42:fe:1b: d4:66:41:cb:2c:8c:2c:22:94:cf:de:b5:61:ed:1a:5e:f9:7f: ec:7d:34:e1:43:34:f7:95:53:4a:32:f0:38:09:56:11:d5:9a: 1e:52:c2:3e:76:40:6f:58:76:00:d3:25:ce:75:63:e1:d8:37: 02:ee:98:1d:90:16:b7:91:ba:e5:a5:64:53:17:2e:78:3d:2b: d1:9b:1e:79:dd:8a:a6:23:e5:8b:27:2a:77:20:15:f2:40:af: a3:b9:45:a0 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt6yRN7dMqK+w0hLigzYD0dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTgxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWE3ZmYwMTJjYjcyZWE4NGQxYjgzYzAwMmMzMjAzY2MwMjRlNmE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kgPlsqObiiCUDC0DB8ovJJgFjCb ovkT3gRqmqbvhbBGuNLfUK3EhQReNeA8QOmzKpipfxE8Unmyj38IDy68XfUWjUMe GFaMnQZAuDhqGQVEGQ4ThTJPrBsbRERquXwqbn1SaoTrJQsYZpQXgQWzP8OsK41/ BYkYd1F6haYrpT/tkfNzLPmxOhSjnHkipkjKBmWaBWQHVLFBBDUfUMjav2DSNB7j oeRXb7Qm92d8Gg5mP90GRkhu963Mlk4PAtJMIwslu9zBL2Y+byf6ObSIRTCa5LrK 9aCBWzoSRjJ2iiTv68f6DXMCq00Gt7XMDaDTSaQ+WkK8Epk/RmKzrxE1gwIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFMmn/wEsty6oTRuDwALDIDzAJOamMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRjLzQyZmIz Yy02MWE2LTQ1Y2EtYTQ3ZS1kMmQxMjA5YzQ4MjUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMvNDJmYjNj LTYxYTYtNDVjYS1hNDdlLWQyZDEyMDljNDgyNS8xL3lhZl9BU3kzTHFoTkc0UEFB c01nUE1BazVxWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAwRwLMA0GCSqGSIb3DQEBCwUAA4IBAQBtAiI1 twPRlOpVDe9gmNlEn7+xqxyeXg5D68zAzn69dnIsOUJebHHjCM6nqgtK5yCT6Wx5 OMmxLVZsg1TvB9DEYGsCXrE3mrTNJt0F/PEpjIUd/f+2DWwIJJSM/+21PmoWYlYr UR03Mi7t90l15WaJo308lq3ng7rIiYB0y3TfDz0sLFtrlMvm7wrtHlIAyfeJyLVZ LVEfxG9+30rYo1ZC/hvUZkHLLIwsIpTP3rVh7Rpe+X/sfTThQzT3lVNKMvA4CVYR 1ZoeUsI+dkBvWHYA0yXOdWPh2DcC7pgdkBa3kbrlpWRTFy54PSvRmx553YqmI+WL Jyp3IBXyQK+juUWg -----END CERTIFICATE-----Generated at Thu Feb 5 03:04:28 2026 by rpki-client