This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O85exzYI4kiFKD6RDrh78e-COgI.cer File: O85exzYI4kiFKD6RDrh78e-COgI.cer (raw, json) Hash identifier: f09VaHI1+J4OQczsqzI1rNEsrqUNTKH02JwTxSC2bUk= Subject key identifier: 3B:CE:5E:C7:36:08:E2:48:85:28:3E:91:0E:B8:7B:F1:EF:82:3A:02 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA5210CC4AC6D2BF122AB7508648D09 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c2/fff514-1e0e-493e-9ee5-6e99b79da520/1/O85exzYI4kiFKD6RDrh78e-COgI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c2/fff514-1e0e-493e-9ee5-6e99b79da520/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:19:38 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.117.92.0/22 IP: 2a03:1e60::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:21:0c:c4:ac:6d:2b:f1:22:ab:75:08:64:8d:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3bce5ec73608e24885283e910eb87bf1ef823a02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f7:92:a2:35:46:22:56:19:73:f6:01:6a:80: 81:d1:7e:91:d2:bc:4e:cf:3e:8a:e0:a5:84:74:db: 69:be:15:b5:83:29:2d:d4:9d:20:84:ab:6a:59:37: c8:8f:2a:fe:11:c7:d9:14:a5:e9:9d:29:b4:33:b3: bf:ae:9c:46:72:49:33:9b:29:d4:f3:d8:7e:1d:6b: c5:5e:c9:a1:4d:76:80:17:d4:c4:f4:a3:02:50:89: 6f:a8:a3:80:9c:70:34:7c:a4:d4:1f:e8:1d:41:6b: a7:04:55:a9:93:b8:91:8a:63:a2:df:d4:bc:b0:59: 29:d0:e8:a7:16:15:60:c8:81:24:e1:a4:74:2b:80: 2f:56:51:89:18:0e:10:4c:d2:70:e5:2e:21:47:4a: bf:ef:8a:62:e4:07:5c:63:b3:60:4b:16:31:a0:98: 17:1f:f7:75:6f:40:ca:d0:ca:44:7b:68:aa:cd:d5: ed:81:96:66:da:a0:9e:b2:ed:a9:42:2c:a7:0e:b2: a5:e0:ea:66:fa:9e:d1:cb:7e:80:6a:4c:b7:49:5d: 37:0d:b8:b7:67:80:0f:f4:14:fe:61:74:71:98:42: 0d:46:3d:b6:4d:89:80:50:06:ec:be:5d:e1:b1:9d: 8e:2e:7f:d3:f2:ea:7b:83:aa:91:72:ca:57:21:2b: 4c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:CE:5E:C7:36:08:E2:48:85:28:3E:91:0E:B8:7B:F1:EF:82:3A:02 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/fff514-1e0e-493e-9ee5-6e99b79da520/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/fff514-1e0e-493e-9ee5-6e99b79da520/1/O85exzYI4kiFKD6RDrh78e-COgI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.117.92.0/22 IPv6: 2a03:1e60::/32 Signature Algorithm: sha256WithRSAEncryption 39:37:98:5b:96:8e:e8:36:70:1b:eb:ec:67:f5:87:5c:65:a1: f0:a2:6e:79:0d:dd:8e:40:22:f1:70:25:f0:3a:9a:a8:d3:a9: 41:ee:8b:4b:a1:75:c7:90:a7:44:54:cb:a7:fb:e9:75:4f:a5: d1:2d:42:8c:3b:ef:be:db:e7:7a:fa:9a:44:c6:cd:d3:13:de: 83:ab:d4:68:67:79:3f:cc:02:33:1b:48:17:43:9c:db:2e:85: 15:8e:60:40:bc:ca:2d:fb:06:48:22:31:05:c7:a5:90:cb:36: 3f:a5:f9:cd:68:de:89:6c:c2:0a:a0:06:c1:db:01:8b:aa:fe: 78:4a:13:06:29:cf:e5:72:34:04:f0:44:ce:be:ee:32:c0:ab: 7c:d0:ee:f9:7e:2a:ae:a1:b3:6f:37:93:46:7d:8c:b4:47:2a: 2f:92:ac:65:e8:ed:57:f3:98:88:44:24:9a:a4:92:95:91:61: 70:e7:00:01:73:fa:e8:92:6f:c4:dd:15:76:0b:fe:5f:1e:e8: 30:a2:92:2f:d0:41:cc:0a:e5:10:d4:af:3e:6c:bb:33:05:c1: bc:51:2d:98:1b:93:72:27:db:7a:e2:ba:bd:a4:60:e7:0d:0c: 50:9c:54:9f:23:4c:ad:48:1b:a8:c2:74:24:56:da:8d:d7:cc: ea:a4:da:7d -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt7pSEMxKxtK/Eiq3UIZI0JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYmNlNWVjNzM2MDhlMjQ4ODUyODNlOTEwZWI4N2JmMWVmODIzYTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPeSojVGIlYZc/YBaoCB0X6R0rxO zz6K4KWEdNtpvhW1gykt1J0ghKtqWTfIjyr+EcfZFKXpnSm0M7O/rpxGckkzmynU 89h+HWvFXsmhTXaAF9TE9KMCUIlvqKOAnHA0fKTUH+gdQWunBFWpk7iRimOi39S8 sFkp0OinFhVgyIEk4aR0K4AvVlGJGA4QTNJw5S4hR0q/74pi5AdcY7NgSxYxoJgX H/d1b0DK0MpEe2iqzdXtgZZm2qCesu2pQiynDrKl4Opm+p7Ry36Aaky3SV03Dbi3 Z4AP9BT+YXRxmEINRj22TYmAUAbsvl3hsZ2OLn/T8up7g6qRcspXIStMoQIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFDvOXsc2COJIhSg+kQ64e/HvgjoCMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MyL2ZmZjUx NC0xZTBlLTQ5M2UtOWVlNS02ZTk5Yjc5ZGE1MjAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIvZmZmNTE0 LTFlMGUtNDkzZS05ZWU1LTZlOTliNzlkYTUyMC8xL084NWV4ellJNGtpRktENlJE cmg3OGUtQ09nSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuXVcMA0EAgACMAcDBQAqAx5gMA0GCSqGSIb3 DQEBCwUAA4IBAQA5N5hblo7oNnAb6+xn9YdcZaHwom55Dd2OQCLxcCXwOpqo06lB 7otLoXXHkKdEVMun++l1T6XRLUKMO+++2+d6+ppExs3TE96Dq9RoZ3k/zAIzG0gX Q5zbLoUVjmBAvMot+wZIIjEFx6WQyzY/pfnNaN6JbMIKoAbB2wGLqv54ShMGKc/l cjQE8ETOvu4ywKt80O75fiquobNvN5NGfYy0Ryovkqxl6O1X85iIRCSapJKVkWFw 5wABc/rokm/E3RV2C/5fHugwopIv0EHMCuUQ1K8+bLszBcG8US2YG5NyJ9t64rq9 pGDnDQxQnFSfI0ytSBuownQkVtqN18zqpNp9 -----END CERTIFICATE-----Generated at Sun Jan 25 13:50:02 2026 by rpki-client