This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2l8l6JUPaeLXW5O5L1QEGZ4ER2I.cer File: 2l8l6JUPaeLXW5O5L1QEGZ4ER2I.cer (raw, json) Hash identifier: z/f6JPrEnWBfj/fJe4kEWCiir5nRnLnJOAvSRs1pbgQ= Subject key identifier: DA:5F:25:E8:95:0F:69:E2:D7:5B:93:B9:2F:54:04:19:9E:04:47:62 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019A72C915A54883A348717FC1EE1ADDD6FC Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1c/b4df4d-8a84-4be3-8e79-e2abc63100bb/1/2l8l6JUPaeLXW5O5L1QEGZ4ER2I.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1c/b4df4d-8a84-4be3-8e79-e2abc63100bb/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Tue 11 Nov 2025 11:59:32 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 215125 IP: 2001:67c:e60::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:72:c9:15:a5:48:83:a3:48:71:7f:c1:ee:1a:dd:d6:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Nov 11 11:59:32 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=da5f25e8950f69e2d75b93b92f5404199e044762 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:9c:cd:29:5e:9e:55:e5:3a:41:0a:85:fc:7b: 40:6e:8f:83:a7:db:d0:fe:b3:7e:88:70:bd:c0:ac: 60:83:eb:83:7a:dd:3d:00:ed:cd:cf:0d:d1:8b:35: 05:c5:d4:c6:47:7b:4c:27:00:c9:f9:e2:e5:20:44: f7:3d:8f:bb:97:69:1c:ae:4c:d8:89:d4:5b:b3:ed: 5d:e8:08:bc:80:33:a5:dd:ef:b2:68:ed:a2:c4:b7: 8e:f1:53:3f:ec:84:cb:72:7a:46:5b:b4:e4:6c:95: f8:0a:67:13:fe:65:70:1f:fe:64:ca:5e:59:bf:6e: 24:37:68:1a:c9:91:dc:0a:33:dc:52:d5:78:04:0b: 09:ee:b1:5c:bd:d0:72:1a:39:6b:38:78:69:98:a9: ef:36:1b:63:85:aa:ba:2a:34:17:ed:64:c1:ee:f9: 9a:fe:b4:3e:5c:da:02:29:d2:d4:0b:09:2b:f0:39: 83:e1:b9:cc:84:ed:bf:32:6c:de:2c:06:bc:97:58: 12:29:03:17:42:7b:f7:9b:99:c9:54:08:0a:25:80: de:62:b3:85:1e:15:58:7d:a2:a9:16:41:76:b7:03: 2e:1a:43:23:c5:33:9d:21:12:29:a7:43:67:16:44: 1e:1e:67:cb:cc:44:56:9c:1e:e3:82:66:3d:03:f6: 7b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:5F:25:E8:95:0F:69:E2:D7:5B:93:B9:2F:54:04:19:9E:04:47:62 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b4df4d-8a84-4be3-8e79-e2abc63100bb/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b4df4d-8a84-4be3-8e79-e2abc63100bb/1/2l8l6JUPaeLXW5O5L1QEGZ4ER2I.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:e60::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 215125 Signature Algorithm: sha256WithRSAEncryption 1b:72:57:87:6b:2d:88:ec:ec:50:a2:87:b7:02:b2:ae:19:40: ae:5a:87:f8:c6:d0:a6:cf:4f:55:f9:63:8b:9d:86:4e:e1:d4: 65:ef:23:28:fa:22:a3:41:72:ba:bc:9e:8b:27:d4:30:f8:3f: cf:a8:ea:3b:4d:ca:8f:69:25:45:74:44:ad:b6:bc:e7:b4:3d: 26:84:48:09:09:3c:87:40:16:34:fc:09:c8:22:ad:12:df:53: 20:10:84:0d:63:3d:60:50:cf:cd:67:43:07:9f:8d:a5:7d:cf: 67:db:e8:70:b2:2f:d3:4a:5d:bb:f6:83:3e:ba:3a:50:ae:26: 60:ac:62:86:d8:d3:1c:ea:3b:93:b2:77:67:ea:df:f8:33:b9: c5:a9:0d:8a:c7:0e:71:af:16:c4:0f:06:d4:e8:08:d6:c5:00: 62:a5:e3:29:0c:53:ef:5a:4e:f9:a4:80:e0:df:e7:8c:3f:3f: a0:26:9a:0f:b2:f9:91:24:11:a8:55:79:bd:f5:c7:e4:8d:2f: 8e:d5:f1:9f:94:ad:36:bc:7b:42:37:c9:b9:1b:ea:f5:d7:53: 2a:85:20:e0:69:3b:d3:13:ee:2f:0c:dc:d6:37:af:f2:38:e0: 1d:86:f5:39:65:00:0f:48:c8:60:50:6f:71:4e:c8:65:58:7c: c0:c2:21:08 -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgISAZpyyRWlSIOjSHF/we4a3db8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMTExMTE1OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTVmMjVlODk1MGY2OWUyZDc1YjkzYjkyZjU0MDQxOTllMDQ0NzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJzNKV6eVeU6QQqF/HtAbo+Dp9vQ /rN+iHC9wKxgg+uDet09AO3Nzw3RizUFxdTGR3tMJwDJ+eLlIET3PY+7l2kcrkzY idRbs+1d6Ai8gDOl3e+yaO2ixLeO8VM/7ITLcnpGW7TkbJX4CmcT/mVwH/5kyl5Z v24kN2gayZHcCjPcUtV4BAsJ7rFcvdByGjlrOHhpmKnvNhtjhaq6KjQX7WTB7vma /rQ+XNoCKdLUCwkr8DmD4bnMhO2/MmzeLAa8l1gSKQMXQnv3m5nJVAgKJYDeYrOF HhVYfaKpFkF2twMuGkMjxTOdIRIpp0NnFkQeHmfLzERWnB7jgmY9A/Z7QQIDAQAB o4ICozCCAp8wHQYDVR0OBBYEFNpfJeiVD2ni11uTuS9UBBmeBEdiMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjL2I0ZGY0 ZC04YTg0LTRiZTMtOGU3OS1lMmFiYzYzMTAwYmIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMvYjRkZjRk LThhODQtNGJlMy04ZTc5LWUyYWJjNjMxMDBiYi8xLzJsOGw2SlVQYWVMWFc1TzVM MVFFR1o0RVIySS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA5gMBoGCCsGAQUFBwEIAQH/BAswCaAH MAUCAwNIVTANBgkqhkiG9w0BAQsFAAOCAQEAG3JXh2stiOzsUKKHtwKyrhlArlqH +MbQps9PVflji52GTuHUZe8jKPoio0FyuryeiyfUMPg/z6jqO03Kj2klRXRErba8 57Q9JoRICQk8h0AWNPwJyCKtEt9TIBCEDWM9YFDPzWdDB5+NpX3PZ9vocLIv00pd u/aDPro6UK4mYKxihtjTHOo7k7J3Z+rf+DO5xakNiscOca8WxA8G1OgI1sUAYqXj KQxT71pO+aSA4N/njD8/oCaaD7L5kSQRqFV5vfXH5I0vjtXxn5StNrx7QjfJuRvq 9ddTKoUg4Gk70xPuLwzc1jev8jjgHYb1OWUAD0jIYFBvcU7IZVh8wMIhCA== -----END CERTIFICATE-----Generated at Sat Dec 6 06:37:58 2025 by rpki-client