This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer File: NW2albrOGXhcQGR2Y_MdkFYmHC8.cer (raw, json) Hash identifier: 3thmZ4zjVXBjex+9CL+tHa5XLBoCoLBoLJjr21sdHtM= Subject key identifier: 35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B365DEBEE1159D2C71A4FA44F3034CF Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:39 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.32.192.0/22 IP: 2a04:5840::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:5d:eb:ee:11:59:d2:c7:1a:4f:a4:4f:30:34:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=356d9a95bace19785c40647663f31d9056261c2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:47:13:f8:80:e6:ad:96:b2:a5:3a:22:30:f4: 4a:51:d2:3e:ed:43:8a:dd:14:c7:8b:1a:99:fe:f7: 4a:a7:0a:84:24:01:73:c3:b9:b7:2f:7b:55:9b:5a: 36:69:7f:0a:48:a8:fa:75:28:7d:e9:89:99:16:59: eb:f0:f9:10:36:e9:a1:40:cf:79:31:e5:2f:86:f1: 0b:28:82:82:a1:ea:ec:b9:bf:dd:12:0d:b0:9d:f9: 85:97:9a:77:98:5f:b2:43:8f:90:d3:f0:d1:de:77: 24:9f:b1:5c:92:01:ab:0b:6c:8a:c6:12:dc:6a:d1: 50:08:90:8f:60:de:82:e1:c3:7c:7e:28:90:d4:8b: d8:8f:9b:c9:15:4a:bd:8d:13:96:2d:c5:ba:90:ef: 28:a6:f1:cb:f9:6d:f4:df:7b:d2:0a:ab:5c:07:ed: 93:e9:fd:be:82:b8:82:13:17:14:32:29:3c:ab:33: 07:d3:80:70:31:a2:89:91:89:cd:f0:9d:52:88:53: 66:87:98:a5:bf:9f:73:ae:12:64:52:24:2d:cc:cc: d9:c0:38:71:07:88:8a:d8:8a:7a:f0:f5:92:a7:dc: 92:60:a0:1f:5f:7d:cf:7c:db:8e:7d:78:14:4f:b0: 9a:b2:10:ee:f4:6a:12:e0:f3:a6:19:64:dc:2a:2b: ad:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.32.192.0/22 IPv6: 2a04:5840::/29 Signature Algorithm: sha256WithRSAEncryption 0d:b6:a9:42:69:b7:be:31:27:7c:4e:91:65:a6:fb:4e:0f:ae: f8:7a:78:20:5a:16:ae:15:27:d2:21:f9:69:1e:ad:5b:b4:50: 91:54:12:a0:b4:c3:e1:3f:d3:d1:10:9b:92:4c:a2:b7:c9:a7: 9f:49:bd:13:a6:40:b5:10:80:91:50:2d:6a:62:9c:a4:b7:7e: 3e:5d:73:4a:28:d3:0d:ab:f4:c0:b5:e1:9d:c2:0f:11:ef:a5: 40:21:f8:b6:0c:37:61:82:e4:97:fd:72:d3:b5:bf:4a:ed:e4: d1:37:47:76:3c:a1:d0:d7:28:7b:1f:3d:81:3a:34:13:62:8e: 7c:b5:f4:07:89:bb:66:69:40:41:82:75:40:44:25:ec:84:8e: 77:b0:eb:4f:8d:0f:7a:22:ba:b6:fe:f9:be:18:03:78:c3:cf: 8f:6b:27:4b:44:80:f7:36:a4:5a:7b:54:1f:47:cd:84:3b:21: ad:47:bd:21:75:de:ed:6f:95:f4:17:00:b2:6d:6a:30:7d:fa: 22:97:33:61:0c:ce:ac:00:70:80:05:09:f4:c3:27:29:fb:04: a2:2f:e3:ff:13:8a:fc:56:3f:41:68:9e:a0:2a:2d:97:50:a8: ec:ea:78:3e:e0:2a:45:08:9a:a2:60:f5:38:2c:b1:a1:12:09: 83:07:4e:d6 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt7Nl3r7hFZ0scaT6RPMDTPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNTZkOWE5NWJhY2UxOTc4NWM0MDY0NzY2M2YzMWQ5MDU2MjYxYzJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUcT+IDmrZaypToiMPRKUdI+7UOK 3RTHixqZ/vdKpwqEJAFzw7m3L3tVm1o2aX8KSKj6dSh96YmZFlnr8PkQNumhQM95 MeUvhvELKIKCoersub/dEg2wnfmFl5p3mF+yQ4+Q0/DR3nckn7FckgGrC2yKxhLc atFQCJCPYN6C4cN8fiiQ1IvYj5vJFUq9jROWLcW6kO8opvHL+W3033vSCqtcB+2T 6f2+griCExcUMik8qzMH04BwMaKJkYnN8J1SiFNmh5ilv59zrhJkUiQtzMzZwDhx B4iK2Ip68PWSp9ySYKAfX33PfNuOfXgUT7CashDu9GoS4POmGWTcKiut4wIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFDVtmpW6zhl4XEBkdmPzHZBWJhwvMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhL2RkOWM5 MC0zMWE5LTQ5OTUtOWRhMy00ZWZkZTZlYjMyZDQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvZGQ5Yzkw LTMxYTktNDk5NS05ZGEzLTRlZmRlNmViMzJkNC8xL05XMmFsYnJPR1hoY1FHUjJZ X01ka0ZZbUhDOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuSDAMA0EAgACMAcDBQMqBFhAMA0GCSqGSIb3 DQEBCwUAA4IBAQANtqlCabe+MSd8TpFlpvtOD674enggWhauFSfSIflpHq1btFCR VBKgtMPhP9PREJuSTKK3yaefSb0TpkC1EICRUC1qYpykt34+XXNKKNMNq/TAteGd wg8R76VAIfi2DDdhguSX/XLTtb9K7eTRN0d2PKHQ1yh7Hz2BOjQTYo58tfQHibtm aUBBgnVARCXshI53sOtPjQ96Irq2/vm+GAN4w8+PaydLRID3NqRae1QfR82EOyGt R70hdd7tb5X0FwCybWowffoilzNhDM6sAHCABQn0wycp+wSiL+P/E4r8Vj9BaJ6g Ki2XUKjs6ng+4CpFCJqiYPU4LLGhEgmDB07W -----END CERTIFICATE-----Generated at Sun Jan 25 23:33:55 2026 by rpki-client