This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ziLdGXJbalnnnw_zl4mlZY5KX90.cer File: ziLdGXJbalnnnw_zl4mlZY5KX90.cer (raw, json) Hash identifier: DB7YQaOVt4iJCqVbL2lts5zfVNeKiFLcRbeGuhxJhuU= Subject key identifier: CE:22:DD:19:72:5B:6A:59:E7:9F:0F:F3:97:89:A5:65:8E:4A:5F:DD Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7CEDD8B84775D24E696D6EE4163621ED Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6c/c75f12-97a4-4d9e-9978-b1822755f712/1/ziLdGXJbalnnnw_zl4mlZY5KX90.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6c/c75f12-97a4-4d9e-9978-b1822755f712/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 04:18:40 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 56395 IP: 185.215.120.0/22 IP: 2a0b:a940::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:d8:b8:47:75:d2:4e:69:6d:6e:e4:16:36:21:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 04:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce22dd19725b6a59e79f0ff39789a5658e4a5fdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:95:88:93:27:68:dd:25:7d:b2:eb:8c:03:ae: 2c:ac:cc:72:c5:a5:c8:b1:60:b8:2e:68:31:30:0d: df:70:8f:bd:bd:0b:3d:06:b0:4f:0b:bd:3a:96:62: c2:d8:58:02:43:a1:e7:ef:f8:c4:da:10:20:58:71: 3c:4e:69:fd:8e:ff:ba:4d:77:19:8e:c5:c7:c2:3b: b0:bd:93:4b:6f:bf:6c:ef:ab:c8:ea:2e:c3:31:8f: 2e:e1:b8:41:59:5a:b9:ec:b9:b6:b4:c5:f4:fd:28: 0b:74:b5:d8:57:63:a4:0c:e3:3f:4f:fb:69:a5:33: 60:e7:b8:a5:97:b0:6c:e7:92:21:60:5b:3a:d0:e6: b7:5d:58:32:0d:9f:fb:30:2b:3a:b7:2a:0b:28:22: 7f:65:29:1f:df:24:79:88:a5:b7:53:71:bc:fb:ed: db:99:61:de:6d:a5:03:7f:dc:b1:c8:d3:27:af:f8: fb:57:a4:3d:8f:09:d8:0d:df:68:b1:f6:51:ee:3a: 17:75:64:27:40:11:b0:e6:f3:ae:4c:3a:79:26:97: 82:d0:87:68:6e:40:21:47:73:4b:c4:12:57:fc:f2: 89:c1:7b:48:cf:29:d1:54:85:4c:96:a6:26:35:1b: c2:b5:e2:9f:aa:31:61:f6:6e:1a:29:d7:5b:68:48: c2:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:22:DD:19:72:5B:6A:59:E7:9F:0F:F3:97:89:A5:65:8E:4A:5F:DD X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c75f12-97a4-4d9e-9978-b1822755f712/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c75f12-97a4-4d9e-9978-b1822755f712/1/ziLdGXJbalnnnw_zl4mlZY5KX90.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.215.120.0/22 IPv6: 2a0b:a940::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 56395 Signature Algorithm: sha256WithRSAEncryption 2e:3d:03:5f:b5:d4:47:04:18:3d:76:39:4b:cd:eb:0c:05:19: 00:7d:75:de:72:52:7e:18:b1:bc:92:72:96:18:c2:ae:64:06: f3:e9:5d:84:98:b7:b8:29:32:dc:03:56:ac:08:8e:28:fd:7a: f7:5d:01:ff:0e:e3:4d:35:cd:c3:c0:30:68:1a:23:08:f1:dc: 23:0d:f4:4d:78:29:e4:bc:f0:3e:74:2d:7c:12:d8:83:9d:ec: e5:5b:cb:39:a3:41:45:dc:2c:57:0e:85:f7:1d:af:92:0d:ac: 20:85:02:fe:67:fd:0b:dc:43:dc:17:e9:0b:43:63:48:63:4f: d2:39:d8:3a:07:da:8c:c8:37:5f:e9:79:5e:2b:5f:bc:90:37: 69:30:f6:92:d3:e9:68:96:69:b3:59:e9:05:14:10:f1:d9:83: 76:c3:53:bf:53:b0:a8:a7:d1:0f:d9:68:09:94:75:28:5c:83: 6f:2f:83:33:d6:a1:3e:49:ef:a7:de:d6:28:3b:8c:90:2a:15: f5:67:cd:e3:71:28:4e:09:0e:68:09:4b:46:4b:f6:b4:a6:b0: 8f:d4:92:a4:62:c1:9f:ec:63:e2:fd:46:cb:e9:42:78:78:77: b4:f7:4c:84:ce:cf:5f:34:c5:7b:33:8b:3e:5b:3d:d0:83:c4: 5f:5e:94:8c -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt87di4R3XSTmltbuQWNiHtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDQxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTIyZGQxOTcyNWI2YTU5ZTc5ZjBmZjM5Nzg5YTU2NThlNGE1ZmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpWIkydo3SV9suuMA64srMxyxaXI sWC4LmgxMA3fcI+9vQs9BrBPC706lmLC2FgCQ6Hn7/jE2hAgWHE8Tmn9jv+6TXcZ jsXHwjuwvZNLb79s76vI6i7DMY8u4bhBWVq57Lm2tMX0/SgLdLXYV2OkDOM/T/tp pTNg57ill7Bs55IhYFs60Oa3XVgyDZ/7MCs6tyoLKCJ/ZSkf3yR5iKW3U3G8++3b mWHebaUDf9yxyNMnr/j7V6Q9jwnYDd9osfZR7joXdWQnQBGw5vOuTDp5JpeC0Ido bkAhR3NLxBJX/PKJwXtIzynRVIVMlqYmNRvCteKfqjFh9m4aKddbaEjCUwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFM4i3RlyW2pZ558P85eJpWWOSl/dMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZjL2M3NWYx Mi05N2E0LTRkOWUtOTk3OC1iMTgyMjc1NWY3MTIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMvYzc1ZjEy LTk3YTQtNGQ5ZS05OTc4LWIxODIyNzU1ZjcxMi8xL3ppTGRHWEpiYWxubm53X3ps NG1sWlk1S1g5MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCudd4MA0EAgACMAcDBQMqC6lAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwDcSzANBgkqhkiG9w0BAQsFAAOCAQEALj0DX7XURwQY PXY5S83rDAUZAH113nJSfhixvJJylhjCrmQG8+ldhJi3uCky3ANWrAiOKP16910B /w7jTTXNw8AwaBojCPHcIw30TXgp5LzwPnQtfBLYg53s5VvLOaNBRdwsVw6F9x2v kg2sIIUC/mf9C9xD3BfpC0NjSGNP0jnYOgfajMg3X+l5XitfvJA3aTD2ktPpaJZp s1npBRQQ8dmDdsNTv1OwqKfRD9loCZR1KFyDby+DM9ahPknvp97WKDuMkCoV9WfN 43EoTgkOaAlLRkv2tKawj9SSpGLBn+xj4v1Gy+lCeHh3tPdMhM7PXzTFezOLPls9 0IPEX16UjA== -----END CERTIFICATE-----Generated at Tue Jan 27 06:10:57 2026 by rpki-client