This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer File: 3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer (raw, json) Hash identifier: yIhvjJB1kFHamHVSXDCGCTXzMY/ohaXDOnzcz3gEeb0= Subject key identifier: DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA4C382BB3C3E558AC19B119C9BAF10 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:18:05 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 200960 AS: 201446 IP: 31.14.103.0/24 IP: 31.14.255.0/24 IP: 46.175.128.0/24 IP: 89.46.88.0/22 IP: 185.18.196.0/22 IP: 185.23.116.0/22 IP: 185.45.72.0/22 IP: 185.68.108.0/22 IP: 185.92.244.0/22 IP: 185.177.152.0/22 IP: 193.84.177.0/24 IP: 195.60.239.0/24 IP: 212.63.108.0/22 IP: 217.148.136.0/22 IP: 2a00:69e0::/32 IP: 2a03:f6c0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:c3:82:bb:3c:3e:55:8a:c1:9b:11:9c:9b:af:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:fe:2c:31:13:17:1a:47:97:68:10:61:df:43: 04:4b:10:05:1d:ed:12:34:8d:85:db:44:e0:0e:8d: 43:a7:f1:02:3b:85:fa:31:d7:6a:20:d2:59:92:cf: bc:19:4e:3d:31:5d:a4:ed:01:3a:23:60:2e:e9:f1: a6:7a:f4:68:08:35:6d:2e:36:1b:d4:e3:ac:d3:de: bd:49:b1:7f:ff:17:5a:5e:c4:75:c1:60:5e:eb:99: 5b:62:3e:51:ba:a9:b5:60:d7:0c:6c:4f:98:a6:b4: 17:33:6d:45:22:6e:1e:43:f3:55:ea:0a:da:e3:db: 4d:96:fa:a9:e8:6a:95:3d:84:a2:c5:09:89:40:0f: 3c:a8:b6:61:6a:d8:02:37:90:24:d0:c8:97:1e:ae: e4:2b:d7:64:71:af:dc:45:97:19:cb:94:11:fd:73: df:58:cd:4a:a9:c9:13:84:b4:45:2e:3e:20:f2:c4: f6:9f:d0:0b:4d:7e:0c:e2:97:d3:87:89:e7:f2:a7: 92:d0:5b:1f:3d:e1:75:96:3c:ce:23:7b:59:6d:94: ca:99:c9:b3:61:89:1f:86:d3:7b:60:a3:bc:5c:eb: 44:1d:fe:57:37:09:b5:f4:59:b6:4b:bb:f4:56:64: 09:06:7f:cb:bd:51:37:12:39:5a:a0:c6:0a:8c:e8: da:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.103.0/24 31.14.255.0/24 46.175.128.0/24 89.46.88.0/22 185.18.196.0/22 185.23.116.0/22 185.45.72.0/22 185.68.108.0/22 185.92.244.0/22 185.177.152.0/22 193.84.177.0/24 195.60.239.0/24 212.63.108.0/22 217.148.136.0/22 IPv6: 2a00:69e0::/32 2a03:f6c0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 200960 201446 Signature Algorithm: sha256WithRSAEncryption 9c:1d:74:ed:47:c6:fa:df:bf:8b:6d:a1:cb:3f:1d:2e:58:c3: 8f:b1:2b:60:be:d8:d3:83:f7:ef:82:21:86:97:02:2d:1c:95: 9f:e1:08:e9:83:4e:fd:d6:cc:20:3f:83:38:83:15:3a:ac:9d: 63:1d:ec:a6:2c:f8:bf:a5:16:86:52:06:9e:7c:9f:c5:25:36: 91:54:41:41:f8:f6:12:73:a7:be:6c:11:41:d7:4b:2d:dd:a6: bf:1b:ba:2e:91:c4:98:df:58:9c:6e:6f:3b:a6:c0:94:90:fb: 5b:93:86:cb:0a:22:63:b0:34:78:ff:4c:4c:cb:bb:87:ab:fc: b1:39:b3:b7:eb:90:86:b3:dd:5f:db:70:3e:6c:ac:31:b6:29: 5c:68:ff:39:38:69:6f:4a:7e:b8:8c:93:ae:c1:55:09:49:fe: 94:0a:f3:3f:e6:82:5b:eb:64:bb:e4:a7:74:4a:b2:b2:3c:11: 93:59:b1:e0:a6:ad:ee:b3:65:c4:3e:7e:94:aa:4f:9c:4e:c0: b8:d2:c2:c7:5e:31:69:77:20:a6:e7:76:1e:d0:e0:de:6c:02: 7a:0a:42:b0:cf:b7:ba:48:33:2d:d3:2b:fc:fe:ed:03:45:44: 1a:8c:9b:5d:b1:d6:29:6b:f8:74:e6:84:58:be:f4:7e:5c:a7: 71:e3:80:f9 -----BEGIN CERTIFICATE----- MIIF/jCCBOagAwIBAgISAZt+pMOCuzw+VYrBmxGcm68QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzNjYjIwYzVjYTdjNGVkOGU0MjA3OGIxYTY3Mjg3YTBkOTkxY2VjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv4sMRMXGkeXaBBh30MESxAFHe0S NI2F20TgDo1Dp/ECO4X6MddqINJZks+8GU49MV2k7QE6I2Au6fGmevRoCDVtLjYb 1OOs0969SbF//xdaXsR1wWBe65lbYj5Ruqm1YNcMbE+YprQXM21FIm4eQ/NV6gra 49tNlvqp6GqVPYSixQmJQA88qLZhatgCN5Ak0MiXHq7kK9dkca/cRZcZy5QR/XPf WM1KqckThLRFLj4g8sT2n9ALTX4M4pfTh4nn8qeS0FsfPeF1ljzOI3tZbZTKmcmz YYkfhtN7YKO8XOtEHf5XNwm19Fm2S7v0VmQJBn/LvVE3EjlaoMYKjOjafwIDAQAB o4IDCjCCAwYwHQYDVR0OBBYEFNw8sgxcp8TtjkIHixpnKHoNmRzsMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1L2E4NWYz ZC02NWEyLTRmNmMtOWNiOS04MjY2MGVlNGVhYzQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvYTg1ZjNk LTY1YTItNGY2Yy05Y2I5LTgyNjYwZWU0ZWFjNC8xLzNEeXlERnlueE8yT1FnZUxH bWNvZWcyWkhPdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGDBggrBgEF BQcBBwEB/wR0MHIwWgQCAAEwVAMEAB8OZwMEAB8O/wMEAC6vgAMEAlkuWAMEArkS xAMEArkXdAMEArktSAMEArlEbAMEArlc9AMEArmxmAMEAMFUsQMEAMM87wMEAtQ/ bAMEAtmUiDAUBAIAAjAOAwUAKgBp4AMFACoD9sAwHwYIKwYBBQUHAQgBAf8EEDAO oAwwCgIDAxEAAgMDEuYwDQYJKoZIhvcNAQELBQADggEBAJwddO1Hxvrfv4ttocs/ HS5Yw4+xK2C+2NOD9++CIYaXAi0clZ/hCOmDTv3WzCA/gziDFTqsnWMd7KYs+L+l FoZSBp58n8UlNpFUQUH49hJzp75sEUHXSy3dpr8bui6RxJjfWJxubzumwJSQ+1uT hssKImOwNHj/TEzLu4er/LE5s7frkIaz3V/bcD5srDG2KVxo/zk4aW9KfriMk67B VQlJ/pQK8z/mglvrZLvkp3RKsrI8EZNZseCmre6zZcQ+fpSqT5xOwLjSwsdeMWl3 IKbndh7Q4N5sAnoKQrDPt7pIMy3TK/z+7QNFRBqMm12x1ilr+HTmhFi+9H5cp3Hj gPk= -----END CERTIFICATE-----Generated at Sun Jan 25 19:22:37 2026 by rpki-client