This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer File: CBG8UM_tnQLlgZaiyByYjjC6EmA.cer (raw, json) Hash identifier: eqHyes+E/+jcadKGE/x9JtO/Gt6HN8RYosFKeobtYV4= Subject key identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCAE52793A9FE741F7F1453D0CCA659 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:20:07 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.33.116.0/22 IP: 2a00:cc20::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:e5:27:93:a9:fe:74:1f:7f:14:53:d0:cc:a6:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0811bc50cfed9d02e58196a2c81c988e30ba1260 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:76:73:c4:91:2b:89:8b:45:ec:5e:08:15:57: e0:0f:3c:a4:1d:06:ac:32:16:f0:11:fb:59:59:a6: fb:e7:cf:71:b9:fb:9d:dd:52:51:7f:80:19:fd:be: 57:75:d6:54:39:ac:43:5b:e0:b7:03:9e:0b:75:d1: 68:6a:a4:df:4d:9a:4e:f9:2d:bf:ca:e0:15:f8:64: 31:48:0d:3a:ca:46:21:0e:7d:3d:d4:a6:ff:c5:6d: 33:c9:93:9b:21:7b:b5:23:b9:07:8c:f2:e1:53:56: 66:4d:66:d2:7e:98:89:db:e9:73:b3:68:b7:76:3a: 1f:7b:b5:e3:49:7e:9f:26:f9:15:54:67:8a:e6:11: 8f:a6:75:07:c7:99:15:34:19:21:d9:62:d5:cf:c7: 2a:5d:0c:4b:d4:52:d0:fd:84:6f:40:f1:29:e2:eb: 75:7e:12:d5:f1:69:81:28:73:db:cb:16:ff:47:1c: 69:01:41:3d:f0:9b:71:1b:dc:66:cc:fd:ad:e0:a7: 96:53:5f:34:ec:fe:f1:95:fa:8b:46:27:db:55:12: db:2b:c4:6d:9e:07:8b:37:06:d9:0f:fe:77:be:59: c2:b4:f7:b1:83:2e:4a:3d:a0:1f:f8:ff:a9:74:30: 0c:c8:38:17:9a:02:db:a3:b5:c0:70:17:09:49:7e: fd:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.33.116.0/22 IPv6: 2a00:cc20::/32 Signature Algorithm: sha256WithRSAEncryption 42:d9:94:51:02:c3:d7:06:04:3a:6c:1f:09:2d:2f:69:59:fa: 27:d4:92:a0:ad:27:ac:6f:f5:41:14:89:5a:26:96:69:56:a6: d6:2b:7d:3e:36:d5:0f:dc:6e:37:0a:78:12:64:30:99:87:41: 85:0c:85:0e:f1:37:89:ab:89:43:55:79:39:96:07:0a:d4:08: 55:a5:af:b5:3d:2b:28:65:44:18:0f:02:e0:64:96:f3:34:f7: 4a:96:d0:91:9b:1a:08:a9:0a:52:46:d8:b1:da:c3:52:cc:67: b9:26:58:2f:32:e8:c7:cf:a4:fa:28:aa:05:68:1e:47:13:0b: 30:ff:ce:4d:19:2b:49:3c:c4:5e:77:f5:c9:e5:b7:2b:9b:74: 1a:4c:9e:7c:1a:f6:5e:0b:38:1a:9a:db:a0:53:9e:3c:bf:38: 0a:05:f4:d7:1c:9f:5b:d4:be:35:f0:08:6f:81:e6:6e:97:ca: 95:75:79:f5:2e:c1:3e:5b:71:ec:72:42:37:95:a9:e5:42:b2: 63:6d:34:7e:1a:c6:49:82:f9:89:ec:2d:0a:9a:3d:f1:6b:90: 59:6f:35:19:01:4b:14:b1:f8:27:72:b5:c7:cf:86:32:d7:59: 3a:09:2c:92:a2:b5:d0:8d:d3:82:b3:3e:dd:11:3e:ad:1a:9c: 6d:95:3f:54 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt9yuUnk6n+dB9/FFPQzKZZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODExYmM1MGNmZWQ5ZDAyZTU4MTk2YTJjODFjOTg4ZTMwYmExMjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHZzxJEriYtF7F4IFVfgDzykHQas MhbwEftZWab7589xufud3VJRf4AZ/b5XddZUOaxDW+C3A54LddFoaqTfTZpO+S2/ yuAV+GQxSA06ykYhDn091Kb/xW0zyZObIXu1I7kHjPLhU1ZmTWbSfpiJ2+lzs2i3 djofe7XjSX6fJvkVVGeK5hGPpnUHx5kVNBkh2WLVz8cqXQxL1FLQ/YRvQPEp4ut1 fhLV8WmBKHPbyxb/RxxpAUE98JtxG9xmzP2t4KeWU1807P7xlfqLRifbVRLbK8Rt ngeLNwbZD/53vlnCtPexgy5KPaAf+P+pdDAMyDgXmgLbo7XAcBcJSX793wIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFAgRvFDP7Z0C5YGWosgcmI4wuhJgMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQwLzBjODE5 NC03NmQxLTQ2NWUtYTc0Ni1lZTVhNjc0M2JlNTYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAvMGM4MTk0 LTc2ZDEtNDY1ZS1hNzQ2LWVlNWE2NzQzYmU1Ni8xL0NCRzhVTV90blFMbGdaYWl5 QnlZampDNkVtQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuSF0MA0EAgACMAcDBQAqAMwgMA0GCSqGSIb3 DQEBCwUAA4IBAQBC2ZRRAsPXBgQ6bB8JLS9pWfon1JKgrSesb/VBFIlaJpZpVqbW K30+NtUP3G43CngSZDCZh0GFDIUO8TeJq4lDVXk5lgcK1AhVpa+1PSsoZUQYDwLg ZJbzNPdKltCRmxoIqQpSRtix2sNSzGe5JlgvMujHz6T6KKoFaB5HEwsw/85NGStJ PMRed/XJ5bcrm3QaTJ58GvZeCzgamtugU548vzgKBfTXHJ9b1L418AhvgeZul8qV dXn1LsE+W3HsckI3lanlQrJjbTR+GsZJgvmJ7C0Kmj3xa5BZbzUZAUsUsfgncrXH z4Yy11k6CSySorXQjdOCsz7dET6tGpxtlT9U -----END CERTIFICATE-----Generated at Mon Jan 26 04:46:08 2026 by rpki-client