This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/20914720382A1F52B950212C138E5E1E81BA69B7.cer File: 20914720382A1F52B950212C138E5E1E81BA69B7.cer (raw, json) Hash identifier: NPD1J8L2889kbkAPkQ9OkkYPSLjbcOoDbC3J8vC1YqU= Subject key identifier: 20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 629857C4DD149F7F2C2629DF4F1D7028CCD7FF9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Sun 28 Dec 2025 13:57:07 +0000 Certificate not after: Sun 27 Dec 2026 14:02:07 +0000 Subordinate resources: IP: 2a14:7586:6000::/36 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:98:57:c4:dd:14:9f:7f:2c:26:29:df:4f:1d:70:28:cc:d7:ff:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 28 13:57:07 2025 GMT Not After : Dec 27 14:02:07 2026 GMT Subject: CN=20914720382A1F52B950212C138E5E1E81BA69B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:8c:5e:c0:d0:2e:e0:63:70:9f:72:da:4e:06: 02:81:70:80:ba:b4:49:da:51:ad:c7:35:a1:7f:e4: 4f:00:78:8a:a3:38:db:2c:ea:5b:a3:c0:9a:e9:c8: 47:85:f9:74:0b:aa:c6:ff:06:9b:cf:e5:48:6a:fc: e3:b5:f4:ff:97:27:8f:ad:e0:c2:d1:24:1b:b3:80: 69:bc:91:45:89:88:3b:cc:00:47:4c:eb:34:60:32: f6:bf:4d:10:55:e7:97:63:ef:8c:cb:5f:03:f4:f5: 90:71:ee:9f:b0:fb:d4:0e:99:a1:94:9f:64:10:84: 7c:e9:4d:a5:12:75:ec:10:15:76:91:9f:04:e7:1b: 66:7a:78:e4:f7:56:08:91:fa:4f:20:b2:a5:9c:8f: f6:85:1e:69:56:b5:0d:30:61:bc:ea:49:e6:1e:d9: 11:45:09:43:7f:ff:f0:b0:e8:b7:4e:26:63:f2:1d: e3:42:cd:89:96:6e:fd:5c:a6:e0:68:d0:c1:86:58: 25:5b:99:92:4a:7f:6a:5a:5d:e6:cc:a1:20:fc:cf: 39:52:51:55:d1:2b:7d:e9:ed:29:36:06:ac:c0:dc: 78:d9:e6:04:27:86:ef:a6:71:5c:87:04:0d:5d:e0: 44:62:15:52:cd:7d:83:a7:f0:69:02:4a:fb:19:16: 13:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 20:91:47:20:38:2A:1F:52:B9:50:21:2C:13:8E:5E:1E:81:BA:69:B7 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/f532b9eb-2fae-48a8-9793-33eec067ce39/3/20914720382A1F52B950212C138E5E1E81BA69B7.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7586:6000::/36 Signature Algorithm: sha256WithRSAEncryption 7b:78:ea:d5:ee:82:c0:ff:0d:45:d5:ec:0a:47:4d:e0:48:70: 1e:e3:6e:d2:da:5f:33:f3:47:08:8a:b7:47:61:c6:9d:65:c6: 99:fd:52:dd:50:e5:46:c0:51:d9:7a:a4:ca:25:7e:63:47:f1: b4:d2:81:97:69:df:35:3c:79:43:60:49:5b:2e:1d:b5:b4:1f: 4c:07:12:c5:20:7c:cf:9c:cd:66:79:4d:56:c7:a0:c5:4f:82: cb:c5:3c:a4:4f:5f:d2:fb:ed:5f:a2:42:c7:db:ba:47:c1:54: 4d:cb:1a:b2:c0:a4:d2:13:d4:6e:4a:8b:da:f8:c7:97:da:55: 73:41:25:75:0b:51:cc:ee:80:3f:91:c1:4a:1b:48:17:42:1f: fb:bb:78:14:37:6e:63:54:9a:65:6a:64:d5:e1:9c:31:c4:44: 88:e4:bd:1f:af:8c:4b:df:49:1c:12:c4:cb:a4:db:fe:c0:23: de:11:c4:52:dc:7a:0b:db:b1:72:4a:2d:d3:7f:e7:0d:d9:a9: f6:f0:fd:57:3d:6e:f2:71:f9:66:e7:3c:6e:e9:93:97:aa:e5: 08:3c:1f:32:76:45:98:3d:34:44:4b:a1:5d:59:e7:67:78:89: 6a:84:94:94:77:93:f6:85:7a:ec:d9:72:8a:93:7e:a5:b3:62: 43:84:96:ce -----BEGIN CERTIFICATE----- MIIF2TCCBMGgAwIBAgIUYphXxN0Un38sJinfTx1wKMzX/5wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMjgxMzU3MDdaFw0yNjEyMjcxNDAyMDdaMDMxMTAvBgNV BAMTKDIwOTE0NzIwMzgyQTFGNTJCOTUwMjEyQzEzOEU1RTFFODFCQTY5QjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9jF7A0C7gY3CfctpOBgKBcIC6 tEnaUa3HNaF/5E8AeIqjONss6lujwJrpyEeF+XQLqsb/BpvP5Uhq/OO19P+XJ4+t 4MLRJBuzgGm8kUWJiDvMAEdM6zRgMva/TRBV55dj74zLXwP09ZBx7p+w+9QOmaGU n2QQhHzpTaUSdewQFXaRnwTnG2Z6eOT3VgiR+k8gsqWcj/aFHmlWtQ0wYbzqSeYe 2RFFCUN///Cw6LdOJmPyHeNCzYmWbv1cpuBo0MGGWCVbmZJKf2paXebMoSD8zzlS UVXRK33p7Sk2BqzA3HjZ5gQnhu+mcVyHBA1d4ERiFVLNfYOn8GkCSvsZFhPHAgMB AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQgkUcgOCofUrlQ ISwTjl4egbpptzAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvZjUzMmI5ZWItMmZhZS00OGE4LTk3OTMtMzNlZWMwNjdjZTM5LzMv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS9mNTMyYjllYi0yZmFlLTQ4YTgtOTc5My0zM2VlYzA2N2NlMzkv My8yMDkxNDcyMDM4MkExRjUyQjk1MDIxMkMxMzhFNUUxRTgxQkE2OUI3Lm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH AQcBAf8EEjAQMA4EAgACMAgDBgQqFHWGYDANBgkqhkiG9w0BAQsFAAOCAQEAe3jq 1e6CwP8NRdXsCkdN4EhwHuNu0tpfM/NHCIq3R2HGnWXGmf1S3VDlRsBR2XqkyiV+ Y0fxtNKBl2nfNTx5Q2BJWy4dtbQfTAcSxSB8z5zNZnlNVsegxU+Cy8U8pE9f0vvt X6JCx9u6R8FUTcsassCk0hPUbkqL2vjHl9pVc0EldQtRzO6AP5HBShtIF0If+7t4 FDduY1SaZWpk1eGcMcREiOS9H6+MS99JHBLEy6Tb/sAj3hHEUtx6C9uxckot03/n Ddmp9vD9Vz1u8nH5Zuc8bumTl6rlCDwfMnZFmD00REuhXVnnZ3iJaoSUlHeT9oV6 7NlyipN+pbNiQ4SWzg== -----END CERTIFICATE-----Generated at Tue Jan 20 22:19:30 2026 by rpki-client