This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CzAFeBftL9lZWEYyD9uBTJ_EShM.cer File: CzAFeBftL9lZWEYyD9uBTJ_EShM.cer (raw, json) Hash identifier: BPsDhzUTxcTkX65PgYemrwnMwrsAyaVRovyccKYcxrQ= Subject key identifier: 0B:30:05:78:17:ED:2F:D9:59:58:46:32:0F:DB:81:4C:9F:C4:4A:13 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7CEDBEB92AA13BCE118626C7B2C737AD Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/CzAFeBftL9lZWEYyD9uBTJ_EShM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 04:18:34 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 205183 IP: 130.43.168.0/24 IP: 2a0c:d780::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:be:b9:2a:a1:3b:ce:11:86:26:c7:b2:c7:37:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 04:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b30057817ed2fd9595846320fdb814c9fc44a13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:60:83:3f:23:dd:ea:bb:c3:92:a6:d5:e1:31: 43:55:f0:37:d7:89:00:05:0d:40:2d:0c:1b:fc:01: 78:8a:d3:9d:8d:e0:32:76:88:ca:a5:0a:c3:22:f5: 16:a2:60:04:cc:ea:bf:40:6c:e2:03:fc:ae:56:a6: 7c:d4:5f:1d:20:20:1e:f4:77:08:11:71:30:9d:a9: 76:97:54:15:41:5f:86:e1:63:be:db:e4:dd:31:ab: 20:90:de:f1:4f:9c:32:70:2d:2c:7c:e9:37:e9:52: 72:ec:41:9a:02:f1:06:16:51:c5:e0:83:5d:c3:a0: c6:99:ed:a6:99:d1:6e:a8:57:28:30:57:7c:bc:15: 72:d1:cb:64:e8:66:3c:d6:25:3d:37:20:2a:11:bc: fc:b4:5d:a0:c8:27:79:2c:a2:8f:e9:b5:01:98:f1: 0c:a9:32:09:34:7a:e7:06:69:6e:e2:40:84:c6:ef: 32:e6:53:19:f4:b0:ea:41:df:fb:a9:a6:15:00:b9: 94:8b:00:36:87:a9:df:85:4a:1d:af:2f:96:1d:b0: b8:77:38:b0:c9:87:d6:e8:78:47:9b:08:59:b9:6b: f7:c6:d1:9d:6b:48:6c:6f:8f:7e:d3:ca:db:47:38: c8:5a:b2:53:f6:b1:86:91:4c:30:ea:b5:41:b0:79: 67:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:30:05:78:17:ED:2F:D9:59:58:46:32:0F:DB:81:4C:9F:C4:4A:13 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/0f087b-7253-461e-9021-9a91219f06e1/1/CzAFeBftL9lZWEYyD9uBTJ_EShM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 130.43.168.0/24 IPv6: 2a0c:d780::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 205183 Signature Algorithm: sha256WithRSAEncryption 77:70:66:c4:e2:f9:66:b6:cb:01:55:73:5f:29:a5:e3:39:78: e6:20:ba:e8:42:07:ce:69:58:4d:db:14:2f:1b:d0:e8:57:0e: 49:0e:31:c7:ff:c3:a6:fb:2c:5c:10:cd:e6:b1:93:46:a3:e1: d0:b8:a0:77:bb:26:bc:70:b8:77:7d:6c:9a:23:68:fc:0d:f6: 59:13:d6:18:0a:ae:07:6d:eb:a6:55:20:22:60:e6:b5:14:ae: 04:d2:4f:37:a3:4d:5b:a2:86:3f:09:82:3c:b9:fa:bd:ef:12: d1:42:c2:92:de:d0:9f:f1:6e:c1:04:b8:84:f6:3a:7e:ad:98: 8b:07:a0:79:0a:5c:b4:8f:3a:e0:77:3c:b3:b9:b5:70:c1:bc: 10:21:c8:04:df:61:1f:a6:dd:62:6c:43:ee:c5:24:d4:fb:06: da:47:3e:79:95:51:cc:92:91:7f:11:b3:7d:05:4a:f5:a4:2a: 00:ea:72:a6:ba:81:89:21:7e:75:da:8d:8e:d7:69:40:9d:4f: 3e:ec:4b:ba:ea:40:be:30:74:b1:ee:d4:5b:8c:df:52:43:45: 2b:ba:ed:04:53:aa:30:85:d1:a2:b7:07:cb:3c:03:92:c8:34: 12:b4:37:b7:20:12:68:8e:43:d9:19:14:4a:43:15:1b:09:50: 58:95:e4:a0 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt87b65KqE7zhGGJseyxzetMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDQxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjMwMDU3ODE3ZWQyZmQ5NTk1ODQ2MzIwZmRiODE0YzlmYzQ0YTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGCDPyPd6rvDkqbV4TFDVfA314kA BQ1ALQwb/AF4itOdjeAydojKpQrDIvUWomAEzOq/QGziA/yuVqZ81F8dICAe9HcI EXEwnal2l1QVQV+G4WO+2+TdMasgkN7xT5wycC0sfOk36VJy7EGaAvEGFlHF4INd w6DGme2mmdFuqFcoMFd8vBVy0ctk6GY81iU9NyAqEbz8tF2gyCd5LKKP6bUBmPEM qTIJNHrnBmlu4kCExu8y5lMZ9LDqQd/7qaYVALmUiwA2h6nfhUodry+WHbC4dziw yYfW6HhHmwhZuWv3xtGda0hsb49+08rbRzjIWrJT9rGGkUww6rVBsHlnpwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFAswBXgX7S/ZWVhGMg/bgUyfxEoTMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZlLzBmMDg3 Yi03MjUzLTQ2MWUtOTAyMS05YTkxMjE5ZjA2ZTEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvMGYwODdi LTcyNTMtNDYxZS05MDIxLTlhOTEyMTlmMDZlMS8xL0N6QUZlQmZ0TDlsWldFWXlE OXVCVEpfRVNoTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAgiuoMA0EAgACMAcDBQMqDNeAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMhfzANBgkqhkiG9w0BAQsFAAOCAQEAd3BmxOL5ZrbL AVVzXyml4zl45iC66EIHzmlYTdsULxvQ6FcOSQ4xx//DpvssXBDN5rGTRqPh0Lig d7smvHC4d31smiNo/A32WRPWGAquB23rplUgImDmtRSuBNJPN6NNW6KGPwmCPLn6 ve8S0ULCkt7Qn/FuwQS4hPY6fq2YiwegeQpctI864Hc8s7m1cMG8ECHIBN9hH6bd YmxD7sUk1PsG2kc+eZVRzJKRfxGzfQVK9aQqAOpyprqBiSF+ddqNjtdpQJ1PPuxL uupAvjB0se7UW4zfUkNFK7rtBFOqMIXRorcHyzwDksg0ErQ3tyASaI5D2RkUSkMV GwlQWJXkoA== -----END CERTIFICATE-----Generated at Mon Jan 26 03:30:07 2026 by rpki-client