This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.cer File: 4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.cer (raw, json) Hash identifier: f1GSJiQtc/MmvQg5NAwYGsWtviUENUvUBamh/H6xkA4= Subject key identifier: 40:50:A1:7B:AE:1C:5F:37:63:D4:5A:38:DC:FE:AC:E0:FE:22:2B:D6 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 1A4F3244D7C02404315007A3515F57D6F138EC05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Sat 13 Dec 2025 07:13:13 +0000 Certificate not after: Sat 12 Dec 2026 07:18:13 +0000 Subordinate resources: IP: 2a14:7581:9f20::/44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 01:53:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:4f:32:44:d7:c0:24:04:31:50:07:a3:51:5f:57:d6:f1:38:ec:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 13 07:13:13 2025 GMT Not After : Dec 12 07:18:13 2026 GMT Subject: CN=4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:5f:5d:58:c4:8f:70:86:47:61:eb:d1:6d:2c: 4e:31:2d:6e:b2:7e:18:b0:52:1c:29:50:6b:fb:e1: b1:5f:da:06:12:8f:cd:e4:fb:0d:e3:2c:f4:9c:b8: 20:fb:8e:13:8c:5b:af:d4:22:31:65:b3:4b:23:16: dc:ad:e8:46:e4:fa:04:cf:2d:97:28:12:88:5e:4f: fe:30:5b:29:42:cb:03:84:8f:8b:79:d0:ab:dc:05: 68:3f:a0:62:ea:8a:4d:40:cb:02:47:32:c0:0a:69: 96:4f:0c:0c:a1:b0:19:23:b5:23:6f:10:2e:b3:a8: 13:0e:30:8a:bb:0d:8c:44:f4:e1:97:73:d6:c4:fd: d0:44:cf:01:73:ff:b6:ca:f1:a2:b0:1a:f4:82:ae: 41:25:74:8d:54:03:e5:1e:12:d2:e7:dc:a8:01:65: d2:4a:e6:39:e8:36:d5:97:47:29:32:00:7a:ff:e6: b2:f0:8a:7f:1c:02:ce:f0:36:20:02:4a:40:34:e0: c9:ee:48:d2:13:f1:99:89:e1:ea:37:56:95:12:a8: c8:03:ff:7b:2d:74:d0:e1:98:dd:d2:e3:af:60:08: a0:dc:b2:df:7e:2a:ed:1a:f5:0a:c8:f7:f0:17:2e: 4f:68:6c:6f:ee:db:29:31:5b:1d:59:4d:a5:07:eb: 7c:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 40:50:A1:7B:AE:1C:5F:37:63:D4:5A:38:DC:FE:AC:E0:FE:22:2B:D6 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/c86b65b1-45e9-4fb2-adc5-87ba711e21b7/1/4050A17BAE1C5F3763D45A38DCFEACE0FE222BD6.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:9f20::/44 Signature Algorithm: sha256WithRSAEncryption 12:ed:63:b4:e8:c2:5b:21:54:fb:11:12:6d:8b:45:5f:ec:5e: d3:94:d6:8d:c1:32:f0:a7:07:8f:8e:00:86:0b:d4:e7:c5:48: 72:24:88:64:7f:73:74:b6:2c:34:f5:2b:24:d8:c5:34:1e:11: e5:38:4c:24:f1:3f:9a:0f:0d:62:3d:ce:58:98:40:01:59:89: 80:7f:c3:1d:ab:94:1c:cb:60:66:ba:74:03:12:e3:19:fb:f3: 6c:1d:89:dd:72:21:8d:03:64:3d:fa:00:96:e9:d8:bd:9f:b0: 46:c6:1c:28:74:b6:ff:7b:9f:33:9a:e5:65:ed:65:c7:ac:12: 50:27:69:5c:ac:25:ed:61:3b:19:ad:eb:ab:f2:bb:2f:04:ee: eb:5e:09:0f:be:77:25:bb:e9:d7:16:5f:4e:b9:a5:76:f0:98: 0a:cb:47:51:1a:1b:82:94:9d:15:73:6b:10:b0:0d:0c:4c:ba: ce:61:7b:58:ca:ba:65:f3:99:9d:00:0a:9d:44:27:36:fd:37: 8d:1e:9f:39:b4:29:38:d8:01:b7:24:69:0f:50:1a:3c:5a:70: 93:1d:f2:f8:d6:ce:45:99:0f:83:34:b2:b0:85:22:ce:b4:7f: b6:f2:6f:db:c4:52:d5:6c:c4:18:19:6a:79:be:43:34:d2:59: 7b:63:76:f9 -----BEGIN CERTIFICATE----- MIIF2jCCBMKgAwIBAgIUGk8yRNfAJAQxUAejUV9X1vE47AUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMTMwNzEzMTNaFw0yNjEyMTIwNzE4MTNaMDMxMTAvBgNV BAMTKDQwNTBBMTdCQUUxQzVGMzc2M0Q0NUEzOERDRkVBQ0UwRkUyMjJCRDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjX11YxI9whkdh69FtLE4xLW6y fhiwUhwpUGv74bFf2gYSj83k+w3jLPScuCD7jhOMW6/UIjFls0sjFtyt6Ebk+gTP LZcoEoheT/4wWylCywOEj4t50KvcBWg/oGLqik1AywJHMsAKaZZPDAyhsBkjtSNv EC6zqBMOMIq7DYxE9OGXc9bE/dBEzwFz/7bK8aKwGvSCrkEldI1UA+UeEtLn3KgB ZdJK5jnoNtWXRykyAHr/5rLwin8cAs7wNiACSkA04MnuSNIT8ZmJ4eo3VpUSqMgD /3stdNDhmN3S469gCKDcst9+Ku0a9QrI9/AXLk9obG/u2ykxWx1ZTaUH63xjAgMB AAGjggLkMIIC4DAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRAUKF7rhxfN2PU Wjjc/qzg/iIr1jAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvYzg2YjY1YjEtNDVlOS00ZmIyLWFkYzUtODdiYTcxMWUyMWI3LzEv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS9jODZiNjViMS00NWU5LTRmYjItYWRjNS04N2JhNzExZTIxYjcv MS80MDUwQTE3QkFFMUM1RjM3NjNENDVBMzhEQ0ZFQUNFMEZFMjIyQkQ2Lm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUH AQcBAf8EEzARMA8EAgACMAkDBwQqFHWBnyAwDQYJKoZIhvcNAQELBQADggEBABLt Y7TowlshVPsREm2LRV/sXtOU1o3BMvCnB4+OAIYL1OfFSHIkiGR/c3S2LDT1KyTY xTQeEeU4TCTxP5oPDWI9zliYQAFZiYB/wx2rlBzLYGa6dAMS4xn782wdid1yIY0D ZD36AJbp2L2fsEbGHCh0tv97nzOa5WXtZcesElAnaVysJe1hOxmt66vyuy8E7ute CQ++dyW76dcWX065pXbwmArLR1EaG4KUnRVzaxCwDQxMus5he1jKumXzmZ0ACp1E Jzb9N40enzm0KTjYAbckaQ9QGjxacJMd8vjWzkWZD4M0srCFIs60f7byb9vEUtVs xBgZanm+QzTSWXtjdvk= -----END CERTIFICATE-----Generated at Sun Dec 14 16:30:14 2025 by rpki-client