This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer File: 0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer (raw, json) Hash identifier: pZIvf41bzkm69xkdMQlB1HslOaH++isvFfB8kGby9UM= Subject key identifier: D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019ACAF15574DDFFAF8FF48D9B76745FDB19 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 28 Nov 2025 14:50:05 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 59862 IP: 80.173.224.0/22 IP: 84.247.36.0/22 IP: 85.8.172.0/22 IP: 85.204.172.0/22 IP: 93.119.20.0/22 IP: 153.92.176.0/22 IP: 156.67.20.0/22 IP: 157.97.160.0 -- 157.97.162.255 IP: 176.223.88.0/21 IP: 185.63.88.0/22 IP: 185.195.4.0/22 IP: 188.215.20.0/22 IP: 2a03:a60::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ca:f1:55:74:dd:ff:af:8f:f4:8d:9b:76:74:5f:db:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Nov 28 14:50:05 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d031655023bd141731d56fb8453ff0514f728865 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:54:48:23:55:fb:0c:5b:da:a9:57:01:d6:cd: 71:fe:77:2e:5f:b8:88:df:ea:11:df:dd:73:63:a3: a4:f0:d3:fe:7a:47:32:94:49:77:5a:64:13:d2:02: b7:bd:c1:c2:7c:e1:a4:49:64:01:5f:a6:8f:7d:f0: 4e:4a:ea:a7:94:4c:52:a9:35:11:b0:02:49:87:bd: 9f:09:d4:64:09:cf:2c:79:65:93:40:ee:d4:82:3c: 7c:29:1e:d0:2d:8b:0a:90:a8:48:28:a8:fc:51:21: 4a:c1:a1:cf:84:9a:71:3c:29:89:29:d1:dd:83:3c: 0d:84:0c:cc:bd:7b:a6:b7:cc:ca:48:37:42:93:65: bc:a8:8a:bb:db:f5:fd:c0:92:13:3d:be:7b:5d:6c: 83:70:e2:06:70:b2:2c:48:dd:de:e9:ff:c8:2a:5e: 83:fc:82:72:34:9a:c3:58:b1:e5:76:0c:c4:a1:36: c6:49:1f:de:db:35:3d:e6:0a:12:1a:72:5e:fb:e8: c6:37:7e:c9:ff:2e:e1:5d:9a:36:c1:73:ea:8a:d6: 77:91:ed:a9:d8:c8:e5:37:06:77:f0:1e:25:2e:0b: d8:6a:12:0f:ec:9a:51:f9:c0:99:30:6f:6c:3c:75: bd:2d:c8:ac:82:58:5e:da:5a:c8:97:42:c6:b2:f1: 16:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.173.224.0/22 84.247.36.0/22 85.8.172.0/22 85.204.172.0/22 93.119.20.0/22 153.92.176.0/22 156.67.20.0/22 157.97.160.0-157.97.162.255 176.223.88.0/21 185.63.88.0/22 185.195.4.0/22 188.215.20.0/22 IPv6: 2a03:a60::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 59862 Signature Algorithm: sha256WithRSAEncryption 0c:f4:82:50:08:93:0d:ff:18:f4:57:93:7e:57:bb:d2:0d:a0: e2:04:f2:a3:08:0c:2e:43:4a:9d:0b:3a:36:58:17:f1:45:07: 11:18:1a:c3:77:bf:5c:82:a5:b4:06:84:bf:cb:c8:67:d0:ca: 29:90:f1:d4:4e:14:8d:33:4e:ee:ef:d1:24:8f:92:22:bf:df: bc:7f:e3:42:58:9f:f9:9d:91:3f:7b:15:41:1a:9f:46:8a:1f: 0f:b0:ff:e1:94:40:82:45:a7:9d:fc:23:d5:ea:cc:6d:af:7d: a2:6a:11:19:07:a7:29:39:ca:20:1c:5d:ba:28:7d:0b:bd:12: e9:86:c9:11:a8:14:2f:9f:f6:25:44:13:66:b9:3e:a9:12:70: ce:6f:1e:70:0e:65:67:7c:e0:92:a9:b4:cb:63:88:60:55:42: 08:53:d6:da:4a:58:b3:35:8a:7a:12:57:a7:62:bb:5f:95:53: 51:44:0a:3b:87:35:fc:83:cd:85:ce:1d:25:63:6d:bc:92:54: cc:1d:95:54:7c:6a:51:37:a0:7a:96:bd:94:56:96:2e:1b:ec: 53:67:ac:98:7c:21:b4:14:05:47:8a:74:71:02:9f:6e:f5:4b: e0:79:d5:48:80:3d:4a:cf:96:39:7e:13:6b:0b:0f:1f:74:07: ef:e5:50:a1 -----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgISAZrK8VV03f+vj/SNm3Z0X9sZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMTI4MTQ1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMDMxNjU1MDIzYmQxNDE3MzFkNTZmYjg0NTNmZjA1MTRmNzI4ODY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11RII1X7DFvaqVcB1s1x/ncuX7iI 3+oR391zY6Ok8NP+ekcylEl3WmQT0gK3vcHCfOGkSWQBX6aPffBOSuqnlExSqTUR sAJJh72fCdRkCc8seWWTQO7Ugjx8KR7QLYsKkKhIKKj8USFKwaHPhJpxPCmJKdHd gzwNhAzMvXumt8zKSDdCk2W8qIq72/X9wJITPb57XWyDcOIGcLIsSN3e6f/IKl6D /IJyNJrDWLHldgzEoTbGSR/e2zU95goSGnJe++jGN37J/y7hXZo2wXPqitZ3ke2p 2MjlNwZ38B4lLgvYahIP7JpR+cCZMG9sPHW9Lcisglhe2lrIl0LGsvEWHwIDAQAB o4IC+TCCAvUwHQYDVR0OBBYEFNAxZVAjvRQXMdVvuEU/8FFPcohlMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxLzljZjk1 Zi03M2QzLTRlNGYtYTk3OS1kOGJkMmY1NmJjOGMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEvOWNmOTVm LTczZDMtNGU0Zi1hOTc5LWQ4YmQyZjU2YmM4Yy8xLzBERmxVQ085RkJjeDFXLTRS VF93VVU5eWlHVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHgGCCsGAQUF BwEHAQH/BGkwZzBWBAIAATBQAwQCUK3gAwQCVPckAwQCVQisAwQCVcysAwQCXXcU AwQCmVywAwQCnEMUMAwDBAWdYaADBACdYaIDBAOw31gDBAK5P1gDBAK5wwQDBAK8 1xQwDQQCAAIwBwMFACoDCmAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAOnWMA0G CSqGSIb3DQEBCwUAA4IBAQAM9IJQCJMN/xj0V5N+V7vSDaDiBPKjCAwuQ0qdCzo2 WBfxRQcRGBrDd79cgqW0BoS/y8hn0MopkPHUThSNM07u79Ekj5Iiv9+8f+NCWJ/5 nZE/exVBGp9Gih8PsP/hlECCRaed/CPV6sxtr32iahEZB6cpOcogHF26KH0LvRLp hskRqBQvn/YlRBNmuT6pEnDObx5wDmVnfOCSqbTLY4hgVUIIU9baSlizNYp6Elen YrtflVNRRAo7hzX8g82Fzh0lY228klTMHZVUfGpRN6B6lr2UVpYuG+xTZ6yYfCG0 FAVHinRxAp9u9UvgedVIgD1Kz5Y5fhNrCw8fdAfv5VCh -----END CERTIFICATE-----Generated at Sat Dec 6 07:06:54 2025 by rpki-client