This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer File: 8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer (raw, json) Hash identifier: nWRJ2z41wTe1qVoieAwkIxdVEBGK5HAPVnQ65fxrlqE= Subject key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 6A0F76145532B18ECF98AC022B91434D0C6EF013 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Mon 26 Jan 2026 06:05:26 +0000 Certificate not after: Mon 25 Jan 2027 06:10:26 +0000 Subordinate resources: IP: 2a14:7581:4000::/36 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:0f:76:14:55:32:b1:8e:cf:98:ac:02:2b:91:43:4d:0c:6e:f0:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Jan 26 06:05:26 2026 GMT Not After : Jan 25 06:10:26 2027 GMT Subject: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2b:8c:a6:0b:53:f3:e3:6f:5b:4d:7f:83:43: 31:17:81:1b:08:9c:7f:cf:5c:5b:00:98:8d:ab:37: c1:ae:b0:56:29:c2:87:53:4a:27:83:00:d3:fa:62: 9d:4a:b8:21:67:49:b3:4d:8a:dd:4f:86:49:5c:63: b3:ff:d7:a3:27:53:63:97:37:b2:27:9f:1b:9d:71: 5d:98:42:e8:e7:83:a0:28:95:92:76:99:29:be:45: c1:32:e6:60:e9:7e:1a:3a:06:e5:0d:34:be:bd:24: c9:3d:bf:0d:d8:dc:bb:06:d7:91:f0:ec:88:72:8a: 78:46:e4:8d:6c:b5:68:1f:f0:b1:95:dd:93:1e:78: a3:b9:ef:0e:0b:b1:d5:9c:25:a3:4c:ad:e6:6d:21: d1:e1:83:41:48:a4:af:dc:d3:cf:04:fc:71:7d:d1: 13:0c:bd:24:65:7b:08:2d:65:5d:2d:ab:fb:90:96: 78:65:9f:79:3c:42:6d:d7:5c:ff:08:0a:b1:b7:33: 74:b2:4f:4b:09:e7:be:7b:d8:73:61:c4:28:26:3b: ff:e6:51:16:cc:52:e2:f8:86:e3:de:f2:ba:c1:35: e5:42:60:4e:d6:76:5e:63:64:4b:26:5c:54:5a:3b: 52:d4:62:c3:c5:71:ca:3c:a3:eb:71:6c:c3:82:47: 5c:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:4000::/36 Signature Algorithm: sha256WithRSAEncryption 18:c2:8a:58:e3:34:03:b3:ee:59:04:20:7f:33:34:00:5e:26: a1:84:f0:e8:7b:0f:a8:44:e2:cf:dc:15:8b:d6:25:16:d3:db: 7d:6a:fc:5a:06:87:92:14:27:7e:32:b3:4b:8c:78:b1:95:7b: 3f:7f:38:aa:a5:f0:cd:c1:e1:63:b6:fe:a7:92:c0:99:59:57: 36:2e:24:39:af:08:45:85:8b:96:31:c3:f8:2d:05:a3:34:06: d4:a8:e2:1b:3b:86:59:33:29:1a:56:a9:8d:71:1c:04:07:f7: c3:c5:71:e0:71:73:f8:a0:25:cb:ff:cd:4a:0f:ca:22:d2:ae: 15:66:6e:ea:5e:85:a8:c7:9d:d6:a5:d4:fe:25:4a:34:6d:67: 63:28:81:77:0b:43:69:f3:11:36:1b:76:a6:65:00:a0:09:5f: 63:5b:52:6c:75:75:a8:39:2c:4f:12:06:f2:39:7c:8a:1c:0f: 77:a6:1c:d6:d3:07:59:be:ed:38:9e:7b:75:89:8b:1a:dc:64: 32:dd:54:6c:06:0e:ac:07:8d:37:3e:97:72:fa:1c:83:ab:74: c8:46:ee:c2:ab:af:c0:72:7b:71:a9:38:8d:9c:d7:84:07:d4: 62:61:a2:fb:18:85:7b:46:95:19:5d:f8:86:31:34:fe:d7:8f: 14:bb:6d:42 -----BEGIN CERTIFICATE----- MIIF2TCCBMGgAwIBAgIUag92FFUysY7PmKwCK5FDTQxu8BMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNjAxMjYwNjA1MjZaFw0yNzAxMjUwNjEwMjZaMDMxMTAvBgNV BAMTKDhFMDdEMzFDNjQ1MkY3QTZCMjRFNjNDRERDNDkwRTEyRTBBRkIzOEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5K4ymC1Pz429bTX+DQzEXgRsI nH/PXFsAmI2rN8GusFYpwodTSieDANP6Yp1KuCFnSbNNit1PhklcY7P/16MnU2OX N7InnxudcV2YQujng6AolZJ2mSm+RcEy5mDpfho6BuUNNL69JMk9vw3Y3LsG15Hw 7IhyinhG5I1stWgf8LGV3ZMeeKO57w4LsdWcJaNMreZtIdHhg0FIpK/c088E/HF9 0RMMvSRlewgtZV0tq/uQlnhln3k8Qm3XXP8ICrG3M3SyT0sJ57572HNhxCgmO//m URbMUuL4huPe8rrBNeVCYE7Wdl5jZEsmXFRaO1LUYsPFcco8o+txbMOCR1w7AgMB AAGjggLjMIIC3zAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSOB9McZFL3prJO Y83cSQ4S4K+zjDAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4NzU1LzQv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUv NC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0REQzQ5MEUxMkUwQUZCMzhDLm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH AQcBAf8EEjAQMA4EAgACMAgDBgQqFHWBQDANBgkqhkiG9w0BAQsFAAOCAQEAGMKK WOM0A7PuWQQgfzM0AF4moYTw6HsPqETiz9wVi9YlFtPbfWr8WgaHkhQnfjKzS4x4 sZV7P384qqXwzcHhY7b+p5LAmVlXNi4kOa8IRYWLljHD+C0FozQG1KjiGzuGWTMp GlapjXEcBAf3w8Vx4HFz+KAly//NSg/KItKuFWZu6l6FqMed1qXU/iVKNG1nYyiB dwtDafMRNht2pmUAoAlfY1tSbHV1qDksTxIG8jl8ihwPd6Yc1tMHWb7tOJ57dYmL GtxkMt1UbAYOrAeNNz6Xcvocg6t0yEbuwquvwHJ7cak4jZzXhAfUYmGi+xiFe0aV GV34hjE0/tePFLttQg== -----END CERTIFICATE-----Generated at Mon Jan 26 13:30:31 2026 by rpki-client