This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer File: zvzkSb6o3q7bGATbolxYTfWHPcQ.cer (raw, json) Hash identifier: SuesuPhiVWeKS5RC1S2Ucdrric4yAgW/+AcHzRotuK4= Subject key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797EB0533C8BAB7D5060B31B9075EEE3 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:18:24 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 2.58.84.0/22 IP: 45.8.172.0/22 IP: 45.13.148.0/22 IP: 45.66.148.0/22 IP: 62.3.18.0/24 IP: 62.122.185.0 -- 62.122.186.255 IP: 83.138.50.0/24 IP: 89.107.9.0/24 IP: 130.193.75.0/24 IP: 146.19.22.0/24 IP: 146.19.53.0/24 IP: 146.19.215.0 -- 146.19.216.255 IP: 176.126.105.0/24 IP: 185.212.113.0/24 IP: 185.251.23.0/24 IP: 193.35.226.0/24 IP: 212.18.115.0 -- 212.18.116.255 IP: 212.24.127.0/24 IP: 213.5.128.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:b0:53:3c:8b:ab:7d:50:60:b3:1b:90:75:ee:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cefce449bea8deaedb1804dba25c584df5873dc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:30:5e:f0:35:ba:81:43:f5:a5:af:cd:eb:cf: 86:ab:b7:fa:c0:38:07:c1:d6:bc:af:46:b1:87:49: 23:69:3f:04:c0:68:8e:dc:06:5f:ba:3a:ee:74:af: be:e5:5b:6d:c6:8f:a5:2b:3d:94:51:61:6c:08:02: 1f:99:e0:57:f3:3e:b5:38:9a:ce:62:3e:14:ae:2f: 26:64:0a:ca:3d:75:b2:27:46:d3:60:04:40:97:67: fa:ab:a0:33:fc:ad:a6:71:80:1e:59:d3:ff:f2:54: 11:35:93:99:2a:fd:91:55:6c:87:0c:4f:1e:2a:36: 42:96:a5:8f:4d:1f:f5:c1:a0:1e:d8:0f:77:b3:39: 57:eb:9a:f5:b6:ad:db:6a:1a:27:b7:ca:a7:e5:42: 25:8e:f0:5c:9c:48:56:14:34:5e:ff:81:09:2e:01: 27:2e:47:bb:41:25:57:f4:43:bd:83:05:77:2c:f5: 5b:81:41:8d:0e:bc:9d:0b:e9:b3:ec:10:a9:cb:43: 09:fc:68:de:3d:56:c4:7d:de:0e:50:d0:f5:73:d8: 9a:c4:2a:bc:d2:da:e0:f7:47:89:18:12:61:e2:2b: f4:a3:40:02:14:1a:4f:89:b5:9d:d1:6e:5b:86:26: 1e:8c:dc:98:40:01:17:4e:a5:07:b2:22:10:10:28: ea:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.84.0/22 45.8.172.0/22 45.13.148.0/22 45.66.148.0/22 62.3.18.0/24 62.122.185.0-62.122.186.255 83.138.50.0/24 89.107.9.0/24 130.193.75.0/24 146.19.22.0/24 146.19.53.0/24 146.19.215.0-146.19.216.255 176.126.105.0/24 185.212.113.0/24 185.251.23.0/24 193.35.226.0/24 212.18.115.0-212.18.116.255 212.24.127.0/24 213.5.128.0/24 Signature Algorithm: sha256WithRSAEncryption 66:4b:06:6c:03:64:bc:b6:c1:77:ea:bf:78:a6:b6:e3:61:21: 35:22:b9:fb:4b:46:15:bc:3d:1f:66:cd:f0:73:fa:75:fc:48: 67:51:c6:b9:dd:d1:03:94:77:28:cf:a5:7e:96:f3:38:2b:97: ad:fd:cb:1e:91:23:30:d8:af:41:04:d6:83:b2:65:dc:a1:d4: 2a:80:59:ec:68:b0:c1:60:30:81:e9:5f:32:d4:33:01:7f:46: d7:76:21:98:bb:ed:94:f0:0f:76:2f:0b:89:77:74:b7:1c:20: 4e:2f:e8:f5:a4:c6:42:bc:83:7e:2d:45:99:ef:bb:ce:dc:2e: 9a:07:c2:b2:74:69:94:d5:65:28:3f:0e:8f:09:f1:0d:15:77: d4:c9:a5:4d:cc:80:83:1d:a1:84:35:58:87:fb:11:60:db:5e: 75:5d:6b:38:23:f0:3e:a5:c8:a4:d5:ff:6a:c1:18:97:c0:81: 3f:ab:2a:78:a9:25:42:ce:5e:d7:c3:ab:19:ae:00:0a:94:d2: 93:43:5d:69:5c:67:e3:72:10:f2:d9:c4:31:3d:26:1f:d9:e6: 3e:6d:b8:1a:36:1c:4d:d2:94:21:0d:32:32:44:82:52:f2:97: de:7a:c7:9a:c9:4d:0a:a1:83:df:2e:96:33:2c:3f:be:88:ed: 69:79:eb:ad -----BEGIN CERTIFICATE----- MIIGHTCCBQWgAwIBAgISAZt5frBTPIurfVBgsxuQde7jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZWZjZTQ0OWJlYThkZWFlZGIxODA0ZGJhMjVjNTg0ZGY1ODczZGM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DBe8DW6gUP1pa/N68+Gq7f6wDgH wda8r0axh0kjaT8EwGiO3AZfujrudK++5Vttxo+lKz2UUWFsCAIfmeBX8z61OJrO Yj4Uri8mZArKPXWyJ0bTYARAl2f6q6Az/K2mcYAeWdP/8lQRNZOZKv2RVWyHDE8e KjZClqWPTR/1waAe2A93szlX65r1tq3bahont8qn5UIljvBcnEhWFDRe/4EJLgEn Lke7QSVX9EO9gwV3LPVbgUGNDrydC+mz7BCpy0MJ/GjePVbEfd4OUND1c9iaxCq8 0trg90eJGBJh4iv0o0ACFBpPibWd0W5bhiYejNyYQAEXTqUHsiIQECjqiQIDAQAB o4IDKTCCAyUwHQYDVR0OBBYEFM785Em+qN6u2xgE26JcWE31hz3EMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2QxYjM1 ZjhiLTZmNDgtNGJhZC1iMTg1LTVjMWRhYThhY2RhOS8wLzCBiwYIKwYBBQUHMAqG f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFi MzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvQ0VGQ0U0NDlCRUE4 REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5tZnQwPAYIKwYBBQUHMA2GMGh0 dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjCBpwYIKwYBBQUHAQcBAf8EgZcwgZQwgZEEAgAB MIGKAwQCAjpUAwQCLQisAwQCLQ2UAwQCLUKUAwQAPgMSMAwDBAA+erkDBAA+eroD BABTijIDBABZawkDBACCwUsDBACSExYDBACSEzUwDAMEAJIT1wMEAJIT2AMEALB+ aQMEALnUcQMEALn7FwMEAMEj4jAMAwQA1BJzAwQA1BJ0AwQA1Bh/AwQA1QWAMA0G CSqGSIb3DQEBCwUAA4IBAQBmSwZsA2S8tsF36r94prbjYSE1Irn7S0YVvD0fZs3w c/p1/EhnUca53dEDlHcoz6V+lvM4K5et/csekSMw2K9BBNaDsmXcodQqgFnsaLDB YDCB6V8y1DMBf0bXdiGYu+2U8A92LwuJd3S3HCBOL+j1pMZCvIN+LUWZ77vO3C6a B8KydGmU1WUoPw6PCfENFXfUyaVNzICDHaGENViH+xFg2151XWs4I/A+pcik1f9q wRiXwIE/qyp4qSVCzl7Xw6sZrgAKlNKTQ11pXGfjchDy2cQxPSYf2eY+bbgaNhxN 0pQhDTIyRIJS8pfeeseayU0KoYPfLpYzLD++iO1peeut -----END CERTIFICATE-----Generated at Thu Jan 22 12:28:09 2026 by rpki-client