This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/34DEF610B33BA719BA344A660C4BDA8333112372.cer File: 34DEF610B33BA719BA344A660C4BDA8333112372.cer (raw, json) Hash identifier: EOZJgpcUgbVzK1YqC0fgOxRBqaik8DwKMzP3zAVzQo4= Subject key identifier: 34:DE:F6:10:B3:3B:A7:19:BA:34:4A:66:0C:4B:DA:83:33:11:23:72 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 4FCD3841E81E7B791F1BCAE66DCFEDC4C6EA42DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/34DEF610B33BA719BA344A660C4BDA8333112372.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Mon 19 Jan 2026 15:23:20 +0000 Certificate not after: Mon 18 Jan 2027 15:28:20 +0000 Subordinate resources: IP: 2a14:7581:3700::/40 IP: 2a14:7581:9f10::/44 IP: 2a14:7586:7000::/36 IP: 2a14:7586:9000:: -- 2a14:7586:afff:ffff:ffff:ffff:ffff:ffff Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:cd:38:41:e8:1e:7b:79:1f:1b:ca:e6:6d:cf:ed:c4:c6:ea:42:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Jan 19 15:23:20 2026 GMT Not After : Jan 18 15:28:20 2027 GMT Subject: CN=34DEF610B33BA719BA344A660C4BDA8333112372 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:fa:8b:8c:cd:0d:f3:cd:f6:d8:42:c2:20:ec: 2c:8b:56:26:71:cc:de:c0:37:b0:59:64:dd:56:a7: 92:b7:a4:4f:f9:d5:9e:bc:86:24:88:fc:be:50:24: c9:f7:60:21:12:02:2d:f6:af:2c:44:75:9b:c8:56: a7:a5:2d:70:68:e8:a0:c9:0f:9e:6a:99:3a:98:7c: c7:fb:6a:3c:a6:62:4c:e1:57:14:0b:fe:80:bd:55: 98:af:80:1b:a2:63:30:64:74:c7:cf:c5:98:95:bf: 59:fb:a1:00:f7:bd:9d:57:66:cd:84:8b:bb:e3:2c: cb:9e:06:27:f0:bc:3b:15:d0:78:90:de:39:b5:4e: 7e:b0:ff:3c:19:15:46:4a:5d:b0:d1:29:c4:ed:11: 4b:a7:3b:ba:8e:7a:05:78:72:aa:27:29:de:48:f5: f4:81:4d:c5:30:af:d4:c2:4a:1b:c3:3a:0b:2d:03: 51:b8:da:ef:04:82:e7:36:2f:2b:75:8e:06:f4:01: 13:45:e5:da:19:1a:da:e3:f6:b3:41:5c:75:f5:3c: 27:c9:d7:73:ca:ab:f1:52:9a:2b:e2:f2:a0:38:2b: e0:a4:eb:59:2c:ea:5f:e9:a2:42:c7:76:58:61:c1: 1d:a7:aa:05:b7:67:ae:bd:c9:a7:82:17:80:90:2a: 64:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 34:DE:F6:10:B3:3B:A7:19:BA:34:4A:66:0C:4B:DA:83:33:11:23:72 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/34DEF610B33BA719BA344A660C4BDA8333112372.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:3700::/40 2a14:7581:9f10::/44 2a14:7586:7000::/36 2a14:7586:9000::-2a14:7586:afff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 9c:40:91:70:cf:57:61:f9:c2:10:69:6a:73:66:73:b1:e1:63: 2c:28:ef:b0:ae:6b:9c:b9:86:a1:69:fc:5c:29:70:46:a2:92: ab:3f:51:31:d7:87:46:fb:6b:b3:f3:22:c8:f3:a5:aa:78:82: 7c:9c:2b:5f:24:6f:45:81:20:7e:20:0a:d5:71:31:df:50:db: 47:5e:84:17:8a:23:a4:34:27:23:31:c2:80:7c:67:c9:40:0d: 51:a5:b2:3a:98:a5:d9:a0:7a:be:e5:a8:7c:ca:a5:60:ef:ab: 3e:3d:79:35:bb:6c:4f:6a:22:2d:1b:96:bc:a0:9a:d1:2e:06: ed:6e:eb:33:96:f8:84:1b:89:65:91:1f:0f:87:1a:87:72:7f: 48:00:55:b2:00:a1:99:84:e3:53:93:26:18:cf:fb:ac:45:30: 55:a9:fc:31:6c:c1:b5:f3:b3:e4:78:70:53:aa:91:91:e6:8d: 86:61:0e:91:df:8e:0d:1e:25:ee:b4:e6:04:20:9e:dd:04:58: 98:d9:c3:2f:1a:38:fa:0a:83:aa:3a:b9:1b:93:fe:85:22:43: 9c:7a:66:56:49:87:67:44:ab:d3:40:2f:f7:8d:e2:28:ff:40: e8:4c:0b:93:0d:e7:c3:af:ff:dd:21:8f:e0:99:0f:0f:de:b8: 74:e4:ef:15 -----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgIUT804Qegee3kfG8rmbc/txMbqQt0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNjAxMTkxNTIzMjBaFw0yNzAxMTgxNTI4MjBaMDMxMTAvBgNV BAMTKDM0REVGNjEwQjMzQkE3MTlCQTM0NEE2NjBDNEJEQTgzMzMxMTIzNzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk+ouMzQ3zzfbYQsIg7CyLViZx zN7AN7BZZN1Wp5K3pE/51Z68hiSI/L5QJMn3YCESAi32ryxEdZvIVqelLXBo6KDJ D55qmTqYfMf7ajymYkzhVxQL/oC9VZivgBuiYzBkdMfPxZiVv1n7oQD3vZ1XZs2E i7vjLMueBifwvDsV0HiQ3jm1Tn6w/zwZFUZKXbDRKcTtEUunO7qOegV4cqonKd5I 9fSBTcUwr9TCShvDOgstA1G42u8Eguc2Lyt1jgb0ARNF5doZGtrj9rNBXHX1PCfJ 13PKq/FSmivi8qA4K+Ck61ks6l/pokLHdlhhwR2nqgW3Z669yaeCF4CQKmQ5AgMB AAGjggMGMIIDAjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ03vYQszunGbo0 SmYMS9qDMxEjcjAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvMmVkNGI3ZWItMTdhNy00NGUxLTljYTItMDk4YTMyMzgzYzkwLzEv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS8yZWQ0YjdlYi0xN2E3LTQ0ZTEtOWNhMi0wOThhMzIzODNjOTAv MS8zNERFRjYxMEIzM0JBNzE5QkEzNDRBNjYwQzRCREE4MzMzMTEyMzcyLm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUH AQcBAf8ENTAzMDEEAgACMCsDBgAqFHWBNwMHBCoUdYGfEAMGBCoUdYZwMBADBgQq FHWGkAMGBCoUdYagMA0GCSqGSIb3DQEBCwUAA4IBAQCcQJFwz1dh+cIQaWpzZnOx 4WMsKO+wrmucuYahafxcKXBGopKrP1Ex14dG+2uz8yLI86WqeIJ8nCtfJG9FgSB+ IArVcTHfUNtHXoQXiiOkNCcjMcKAfGfJQA1RpbI6mKXZoHq+5ah8yqVg76s+PXk1 u2xPaiItG5a8oJrRLgbtbuszlviEG4llkR8PhxqHcn9IAFWyAKGZhONTkyYYz/us RTBVqfwxbMG187PkeHBTqpGR5o2GYQ6R344NHiXutOYEIJ7dBFiY2cMvGjj6CoOq Orkbk/6FIkOcemZWSYdnRKvTQC/3jeIo/0DoTAuTDefDr//dIY/gmQ8P3rh05O8V -----END CERTIFICATE-----Generated at Tue Jan 20 22:19:36 2026 by rpki-client