This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/M0-fg9LXTAwP0A2nNVePc33X2gM.cer File: M0-fg9LXTAwP0A2nNVePc33X2gM.cer (raw, json) Hash identifier: k2on1GNrsG9J7ctB8DY59XuJSjiEIBvp220Lew1Z+Ik= Subject key identifier: 33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019BE553C87FE725BF133CFD3EF9477C720F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/M0-fg9LXTAwP0A2nNVePc33X2gM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 22 Jan 2026 10:50:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.127.41.0/24 IP: 195.54.59.0/24 IP: 2a12:5340::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:53:c8:7f:e7:25:bf:13:3c:fd:3e:f9:47:7c:72:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 22 10:50:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=334f9f83d2d74c0c0fd00da735578f737dd7da03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:49:4d:68:aa:12:0f:16:b0:0d:26:84:26:0c: 86:5d:dd:69:e4:ca:45:b8:8c:83:3f:3f:d6:eb:91: 78:f0:ca:b5:29:76:2f:20:b7:99:1e:b2:fc:c4:92: a1:b9:e7:36:8f:74:7d:ff:45:3d:22:e4:56:13:d2: 8d:5e:9b:2a:00:20:65:6a:c1:ef:be:55:dc:3f:05: 1e:1e:b0:2c:9b:6d:1d:76:2a:5a:69:e6:e2:ec:93: f8:92:6a:96:23:18:a0:b1:d4:46:88:7b:eb:f7:16: b4:8b:fe:19:ce:6d:05:6c:bd:ce:45:e1:eb:60:7b: 5b:d5:fd:39:ea:a0:f5:c0:d7:1a:85:33:73:e8:67: 70:91:b5:b7:2a:c1:0b:cf:12:42:dd:2e:7d:3d:f3: 26:22:ad:b0:4f:1e:fe:9b:6b:48:d5:60:6a:b4:78: b0:bf:10:34:9a:36:44:e3:9a:9f:bd:0b:b2:ab:b0: 14:3b:23:11:b0:d2:e9:23:d6:a0:4f:9f:7a:b2:a4: bd:09:3c:0e:7a:71:c8:c4:82:0c:bb:c8:f5:96:90: 6a:54:65:b2:53:d3:ad:8e:4a:b7:d8:0f:25:8f:04: 06:d3:e1:9f:d1:cc:29:19:9b:05:d9:e0:0a:3b:e7: 11:ac:2f:19:e9:79:40:49:29:b5:ee:9f:52:a3:79: 63:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:4F:9F:83:D2:D7:4C:0C:0F:D0:0D:A7:35:57:8F:73:7D:D7:DA:03 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c5f06-59a7-4588-ac28-efd20f6c2ec3/1/M0-fg9LXTAwP0A2nNVePc33X2gM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.127.41.0/24 195.54.59.0/24 IPv6: 2a12:5340::/29 Signature Algorithm: sha256WithRSAEncryption 7d:a3:d8:6d:a7:ac:a6:e0:44:10:88:6c:d1:5a:58:60:97:f1: e7:52:59:f4:0f:2a:0f:95:f7:4c:79:4e:89:98:9c:a0:df:2c: ce:d7:a4:00:cb:c4:d0:61:4a:33:da:83:78:41:74:68:49:3d: 99:de:23:a1:c0:0d:35:99:17:7c:e4:83:08:27:8f:9e:b3:38: a3:7e:e7:9d:e8:c5:c3:30:16:58:0f:ff:c1:70:bc:2f:ee:6a: 15:59:0b:1a:38:8f:70:c5:3f:b2:24:fe:09:f3:da:ac:03:4e: 6d:30:fb:3d:3d:bd:e3:73:a4:42:42:61:81:ef:85:b3:6c:af: 76:d5:fc:eb:03:f0:32:68:4b:63:a7:c8:60:12:b9:3e:a0:48: 30:34:49:7f:f5:c9:38:99:6b:d6:b4:32:ef:94:04:d5:70:ed: f4:bd:b4:78:d9:74:d8:c8:94:5b:4a:d5:27:c8:e9:9b:5b:2d: fa:60:8e:8d:c2:71:01:56:42:85:e7:18:86:74:7e:41:a5:a3: b4:fa:74:ae:68:54:b5:64:e2:d8:4b:16:1f:10:68:54:43:27: 60:3c:47:1b:57:ed:f9:ab:f2:19:88:03:43:24:94:02:cc:87: de:00:47:b3:b5:9c:38:e1:17:4c:4f:93:e6:32:9a:14:9f:e5: 9e:1e:2b:94 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgISAZvlU8h/5yW/Ezz9PvlHfHIPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTIyMTA1MDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzRmOWY4M2QyZDc0YzBjMGZkMDBkYTczNTU3OGY3MzdkZDdkYTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArElNaKoSDxawDSaEJgyGXd1p5MpF uIyDPz/W65F48Mq1KXYvILeZHrL8xJKhuec2j3R9/0U9IuRWE9KNXpsqACBlasHv vlXcPwUeHrAsm20ddipaaebi7JP4kmqWIxigsdRGiHvr9xa0i/4Zzm0FbL3OReHr YHtb1f056qD1wNcahTNz6GdwkbW3KsELzxJC3S59PfMmIq2wTx7+m2tI1WBqtHiw vxA0mjZE45qfvQuyq7AUOyMRsNLpI9agT596sqS9CTwOenHIxIIMu8j1lpBqVGWy U9Otjkq32A8ljwQG0+Gf0cwpGZsF2eAKO+cRrC8Z6XlASSm17p9So3ljEwIDAQAB o4ICmTCCApUwHQYDVR0OBBYEFDNPn4PS10wMD9ANpzVXj3N919oDMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxLzljNWYw Ni01OWE3LTQ1ODgtYWMyOC1lZmQyMGY2YzJlYzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvOWM1ZjA2 LTU5YTctNDU4OC1hYzI4LWVmZDIwZjZjMmVjMy8xL00wLWZnOUxYVEF3UDBBMm5O VmVQYzMzWDJnTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQAuX8pAwQAwzY7MA0EAgACMAcDBQMqElNAMA0G CSqGSIb3DQEBCwUAA4IBAQB9o9htp6ym4EQQiGzRWlhgl/HnUln0DyoPlfdMeU6J mJyg3yzO16QAy8TQYUoz2oN4QXRoST2Z3iOhwA01mRd85IMIJ4+eszijfued6MXD MBZYD//BcLwv7moVWQsaOI9wxT+yJP4J89qsA05tMPs9Pb3jc6RCQmGB74WzbK92 1fzrA/AyaEtjp8hgErk+oEgwNEl/9ck4mWvWtDLvlATVcO30vbR42XTYyJRbStUn yOmbWy36YI6NwnEBVkKF5xiGdH5BpaO0+nSuaFS1ZOLYSxYfEGhUQydgPEcbV+35 q/IZiANDJJQCzIfeAEeztZw44RdMT5PmMpoUn+WeHiuU -----END CERTIFICATE-----Generated at Sun Jan 25 07:28:38 2026 by rpki-client