This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer File: 1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer (raw, json) Hash identifier: l0kfKA3GzAHAxX228mYy+osWyFkiE0z2qLXaekgnuDw= Subject key identifier: D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C1121875C14A0BADC81B04A724C1B25 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:17:36 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 91.236.193.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:21:87:5c:14:a0:ba:dc:81:b0:4a:72:4c:1b:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d7367fc24d004f71dd2aef03f9cb4f2e3f9086aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:a1:f4:91:a5:9b:2e:98:fa:f4:e6:59:bb:4d: 0a:a2:9a:39:f9:eb:fe:06:e2:f3:0c:49:eb:83:f7: 7f:ac:6b:00:be:df:99:72:66:6b:f0:07:4e:b2:2f: fd:17:18:68:78:38:57:6b:c0:d5:bb:92:25:f2:b7: 19:ed:0d:db:ee:ea:bd:29:e5:27:d2:5a:ab:66:1b: c5:3c:b2:ab:05:e0:be:96:8d:0c:ed:d9:dc:33:cd: 51:3d:1e:d9:76:c4:72:af:8d:f7:8e:d5:4c:43:cd: 15:51:28:6b:de:1f:4f:19:2b:d9:3c:0b:3f:d1:83: 95:c0:70:36:c4:17:32:a5:f2:2c:06:33:0f:d0:74: 5a:dd:5b:fb:30:37:ee:95:d5:d2:05:fe:41:e0:b4: c2:80:4f:8f:8b:5a:4a:9e:ff:64:bd:85:03:e0:43: e3:68:10:05:10:70:1b:f1:60:23:cf:ec:c7:dc:1e: e2:1c:6a:a1:ac:be:d7:ea:6c:56:bf:95:76:c9:7f: 5f:c8:7f:26:de:87:8a:ee:93:e3:92:21:7a:4a:2a: 3b:7d:34:35:09:d7:f2:b3:11:52:c7:a9:76:58:b5: d7:2b:c6:0d:1c:d1:ec:92:d8:2e:52:b1:05:f3:d7: 98:67:d0:b6:0e:33:d2:f8:3e:2c:c4:1f:e3:35:6b: 9d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.236.193.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:a9:f5:40:f8:d6:c0:4b:be:4e:5a:5c:f7:9c:50:fc:49:0c: b7:9f:07:e3:d4:56:f7:b5:4b:c4:d1:8a:d2:85:ba:f3:5f:68: cd:6f:70:98:d9:b5:e3:f7:1e:a0:a8:90:0f:13:c3:e8:09:eb: 3e:cc:d8:a8:86:a9:ed:f5:dc:36:51:0f:32:8c:77:57:1e:68: 0f:7b:72:b3:3d:67:85:17:1a:45:2c:ca:0a:58:6e:9b:5a:6a: 8d:02:7b:1a:8c:9b:4c:4b:cb:b5:f4:13:1a:23:c1:76:bb:64: 75:69:0f:92:fd:d4:a6:ae:2d:c5:51:77:1f:fc:56:f1:d2:c4: 30:b3:25:23:fb:01:9f:8a:1e:a3:e2:ea:0c:3e:da:1b:e9:9b: d1:60:48:93:46:a9:5b:75:8a:ed:02:b8:08:97:1a:bd:79:3e: eb:e4:11:26:00:32:7a:3e:f5:be:af:59:2d:da:e8:16:c2:ee: 5f:3c:6c:e9:54:f2:75:89:19:90:50:39:36:5c:27:a5:6d:00: c2:a2:1e:87:cf:2f:fd:b9:89:21:66:c7:12:5f:79:b0:41:f7: b9:1b:67:ea:80:c5:28:19:b8:6f:2f:d6:7b:05:51:76:65:25: 98:24:c3:d7:97:eb:c5:77:65:b7:1d:c1:c5:ce:97:6f:ef:89: db:ec:ee:a0 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt8ESGHXBSgutyBsEpyTBslMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNzM2N2ZjMjRkMDA0ZjcxZGQyYWVmMDNmOWNiNGYyZTNmOTA4NmFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKH0kaWbLpj69OZZu00Kopo5+ev+ BuLzDEnrg/d/rGsAvt+ZcmZr8AdOsi/9FxhoeDhXa8DVu5Il8rcZ7Q3b7uq9KeUn 0lqrZhvFPLKrBeC+lo0M7dncM81RPR7ZdsRyr433jtVMQ80VUShr3h9PGSvZPAs/ 0YOVwHA2xBcypfIsBjMP0HRa3Vv7MDfuldXSBf5B4LTCgE+Pi1pKnv9kvYUD4EPj aBAFEHAb8WAjz+zH3B7iHGqhrL7X6mxWv5V2yX9fyH8m3oeK7pPjkiF6Sio7fTQ1 CdfysxFSx6l2WLXXK8YNHNHsktguUrEF89eYZ9C2DjPS+D4sxB/jNWudewIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFNc2f8JNAE9x3SrvA/nLTy4/kIaqMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ExL2Q4YzZi OC1kMTRhLTQ3ZDktYTA1NC1iOWM3OTRlMDNjYmEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEvZDhjNmI4 LWQxNGEtNDdkOS1hMDU0LWI5Yzc5NGUwM2NiYS8xLzF6Wl93azBBVDNIZEt1OEQt Y3RQTGotUWhxby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAW+zBMA0GCSqGSIb3DQEBCwUAA4IBAQBdqfVA +NbAS75OWlz3nFD8SQy3nwfj1Fb3tUvE0YrShbrzX2jNb3CY2bXj9x6gqJAPE8Po Ces+zNiohqnt9dw2UQ8yjHdXHmgPe3KzPWeFFxpFLMoKWG6bWmqNAnsajJtMS8u1 9BMaI8F2u2R1aQ+S/dSmri3FUXcf/Fbx0sQwsyUj+wGfih6j4uoMPtob6ZvRYEiT RqlbdYrtArgIlxq9eT7r5BEmADJ6PvW+r1kt2ugWwu5fPGzpVPJ1iRmQUDk2XCel bQDCoh6Hzy/9uYkhZscSX3mwQfe5G2fqgMUoGbhvL9Z7BVF2ZSWYJMPXl+vFd2W3 HcHFzpdv74nb7O6g -----END CERTIFICATE-----Generated at Sun Jan 25 23:53:20 2026 by rpki-client