This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IbnyqCas92elDlmynsH_CSz9PBw.cer File: IbnyqCas92elDlmynsH_CSz9PBw.cer (raw, json) Hash identifier: aEzvzW7tPPqR23oQrHMFcfwr2/TtGt1DgNfKVRbRSE8= Subject key identifier: 21:B9:F2:A8:26:AC:F7:67:A5:0E:59:B2:9E:C1:FF:09:2C:FD:3C:1C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019A9250E89993D8518DD19F9017B1C706A5 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/38/d70f78-082e-4ec2-8100-7cdcb50ed0e4/1/IbnyqCas92elDlmynsH_CSz9PBw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/38/d70f78-082e-4ec2-8100-7cdcb50ed0e4/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Mon 17 Nov 2025 14:56:07 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 206215 IP: 167.150.22.0/24 IP: 167.150.220.0/24 IP: 2001:678:111c::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:92:50:e8:99:93:d8:51:8d:d1:9f:90:17:b1:c7:06:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Nov 17 14:56:07 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=21b9f2a826acf767a50e59b29ec1ff092cfd3c1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:00:d1:83:0b:5a:a2:d6:42:d1:36:25:fe:da: ce:f5:82:6d:7f:75:fe:de:59:8d:df:01:ca:57:89: 54:9a:94:05:ea:69:04:3b:b0:6f:12:3a:1f:10:e1: fe:9b:39:99:9d:0d:e3:5f:bb:91:75:53:7c:26:6e: c4:18:33:db:14:ed:a2:12:95:17:ec:c1:5d:48:8e: 42:05:5f:4c:9b:1a:7e:e9:b2:04:24:05:8e:d1:15: ce:49:a1:8e:da:f9:eb:55:d3:ef:74:01:21:40:8b: 4f:9c:f1:76:3a:46:49:ff:70:49:46:4c:fc:8e:90: f1:a9:1f:9c:83:54:09:8b:d1:08:3c:9b:60:49:09: 91:5a:1a:40:bf:f0:68:9b:67:0d:b6:0b:0f:93:54: f9:6f:e1:7a:2d:8f:45:2e:74:62:7c:da:83:53:ca: 0f:77:99:b3:0e:cc:0f:a6:e9:5c:92:3b:69:da:19: 43:83:fd:0e:c4:5a:77:cb:ad:56:60:40:72:02:15: 0b:84:9b:33:5a:6a:0b:6a:11:61:83:5f:04:a4:56: d5:32:85:2a:2f:7a:32:fb:04:2f:9d:ea:4a:54:fc: 35:cf:d7:66:a8:6b:e7:60:9f:6f:7d:99:72:22:9f: 76:db:e2:d0:ff:a4:cd:86:4d:e7:da:23:0c:c0:ad: 54:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:B9:F2:A8:26:AC:F7:67:A5:0E:59:B2:9E:C1:FF:09:2C:FD:3C:1C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d70f78-082e-4ec2-8100-7cdcb50ed0e4/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d70f78-082e-4ec2-8100-7cdcb50ed0e4/1/IbnyqCas92elDlmynsH_CSz9PBw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 167.150.22.0/24 167.150.220.0/24 IPv6: 2001:678:111c::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206215 Signature Algorithm: sha256WithRSAEncryption 7e:95:ac:40:bd:54:67:01:ad:f0:2a:f3:ce:d8:46:99:99:70: c5:55:e3:b9:8c:64:2b:37:6c:63:07:6c:00:39:78:5f:34:3e: c6:c5:34:ad:8e:6f:81:40:25:42:71:eb:d9:97:9b:9c:ae:f2: b9:69:39:20:74:4a:61:04:94:e0:83:12:ab:1e:06:fd:7e:34: 0d:a3:c6:1e:82:47:5c:fb:23:50:3c:90:58:13:45:28:0b:d9: 3c:48:f0:cf:d9:e9:af:ce:18:03:01:0b:f4:d0:26:e5:dc:9b: 15:e0:62:2d:a2:28:40:bb:fd:b1:02:10:00:bd:07:3e:fd:9f: b0:b8:ac:39:69:0a:c2:2d:c6:70:f0:8d:7a:0c:eb:81:47:05: fd:e0:8d:d6:e7:06:e3:ec:25:ec:3a:84:54:09:e4:76:58:64: 19:8d:96:e2:58:ed:1a:10:0c:39:1d:5d:97:06:eb:8c:3e:31: 7a:be:74:f0:1f:c3:bf:9f:79:4d:eb:8e:d4:c9:02:33:99:77: 7c:88:c3:03:1f:69:4e:4f:b3:60:79:ea:7c:26:01:96:8c:35: e6:44:6e:f8:8d:8b:dc:02:2e:0c:5d:d6:ae:90:26:9d:35:5f: ca:b5:3d:41:a7:a3:e3:f1:86:0d:5d:1b:9e:ec:7a:3f:c7:1f: ca:4c:a4:70 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgISAZqSUOiZk9hRjdGfkBexxwalMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMTE3MTQ1NjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWI5ZjJhODI2YWNmNzY3YTUwZTU5YjI5ZWMxZmYwOTJjZmQzYzFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoADRgwtaotZC0TYl/trO9YJtf3X+ 3lmN3wHKV4lUmpQF6mkEO7BvEjofEOH+mzmZnQ3jX7uRdVN8Jm7EGDPbFO2iEpUX 7MFdSI5CBV9Mmxp+6bIEJAWO0RXOSaGO2vnrVdPvdAEhQItPnPF2OkZJ/3BJRkz8 jpDxqR+cg1QJi9EIPJtgSQmRWhpAv/Bom2cNtgsPk1T5b+F6LY9FLnRifNqDU8oP d5mzDswPpulckjtp2hlDg/0OxFp3y61WYEByAhULhJszWmoLahFhg18EpFbVMoUq L3oy+wQvnepKVPw1z9dmqGvnYJ9vfZlyIp922+LQ/6TNhk3n2iMMwK1UiQIDAQAB o4ICtzCCArMwHQYDVR0OBBYEFCG58qgmrPdnpQ5Zsp7B/wks/TwcMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM4L2Q3MGY3 OC0wODJlLTRlYzItODEwMC03Y2RjYjUwZWQwZTQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgvZDcwZjc4 LTA4MmUtNGVjMi04MTAwLTdjZGNiNTBlZDBlNC8xL0libnlxQ2FzOTJlbERsbXlu c0hfQ1N6OVBCdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF BwEHAQH/BCcwJTASBAIAATAMAwQAp5YWAwQAp5bcMA8EAgACMAkDBwAgAQZ4ERww GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAyWHMA0GCSqGSIb3DQEBCwUAA4IBAQB+ laxAvVRnAa3wKvPO2EaZmXDFVeO5jGQrN2xjB2wAOXhfND7GxTStjm+BQCVCcevZ l5ucrvK5aTkgdEphBJTggxKrHgb9fjQNo8Yegkdc+yNQPJBYE0UoC9k8SPDP2emv zhgDAQv00Cbl3JsV4GItoihAu/2xAhAAvQc+/Z+wuKw5aQrCLcZw8I16DOuBRwX9 4I3W5wbj7CXsOoRUCeR2WGQZjZbiWO0aEAw5HV2XBuuMPjF6vnTwH8O/n3lN647U yQIzmXd8iMMDH2lOT7Ngeep8JgGWjDXmRG74jYvcAi4MXdaukCadNV/KtT1Bp6Pj 8YYNXRue7Ho/xx/KTKRw -----END CERTIFICATE-----Generated at Sat Dec 6 07:09:56 2025 by rpki-client