This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OJwTxrPB3GsiFQNaZC8e-5sA3fU.cer File: OJwTxrPB3GsiFQNaZC8e-5sA3fU.cer (raw, json) Hash identifier: 33kXCVDHJQotId6zNklkWp4FFGHt+mGM8XP/PzjMIq4= Subject key identifier: 38:9C:13:C6:B3:C1:DC:6B:22:15:03:5A:64:2F:1E:FB:9B:00:DD:F5 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA3A06281E8AADF28CD2E391B10B6F3 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2d/80eb21-af20-48eb-a2dc-6210eab05b70/1/OJwTxrPB3GsiFQNaZC8e-5sA3fU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2d/80eb21-af20-48eb-a2dc-6210eab05b70/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:17:59 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 206125 IP: 2001:67c:ecc::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:a0:62:81:e8:aa:df:28:cd:2e:39:1b:10:b6:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=389c13c6b3c1dc6b2215035a642f1efb9b00ddf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:30:19:08:53:f9:53:d1:20:43:be:3f:21:59: 12:11:6d:88:53:30:46:82:58:95:74:9b:aa:0e:2c: 92:4e:7a:17:b3:e3:c5:00:c1:17:6a:f6:a1:43:5f: b0:be:d3:f1:9f:d3:2c:ad:8d:af:a4:4e:6d:d0:0e: 47:37:c0:2c:24:cd:ad:1d:97:af:a2:79:f2:9c:13: fa:2b:9d:b8:6f:3e:d7:40:62:49:01:eb:5a:b0:77: 67:0f:ef:f5:b1:90:fd:57:30:26:9f:9e:00:72:2e: a5:c9:3b:5f:9c:b5:9a:f1:2c:de:2d:0d:1a:34:63: 8c:6b:50:ee:20:3f:6e:50:26:e0:4a:38:21:c7:48: cc:4e:65:18:9c:a2:c3:b5:b2:8d:ef:52:af:34:3e: 59:29:35:83:31:9b:87:2d:a6:f2:8a:cd:c0:8e:5c: f1:77:86:49:f9:34:09:ab:0b:33:8e:bb:d4:41:bf: 28:33:56:2e:15:df:b4:44:d2:b8:68:fb:f4:ee:19: 9b:ef:f5:09:84:1c:a1:b8:92:88:65:2c:43:cd:d2: d6:b5:c7:92:33:40:5e:cb:df:cd:0a:d5:4e:47:dc: fe:36:c3:fc:0a:7f:27:c5:ea:01:c7:f1:15:c4:c0: ea:8a:f4:b8:1d:22:08:73:88:de:e8:34:d9:e1:af: 6d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:9C:13:C6:B3:C1:DC:6B:22:15:03:5A:64:2F:1E:FB:9B:00:DD:F5 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/80eb21-af20-48eb-a2dc-6210eab05b70/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/80eb21-af20-48eb-a2dc-6210eab05b70/1/OJwTxrPB3GsiFQNaZC8e-5sA3fU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:ecc::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206125 Signature Algorithm: sha256WithRSAEncryption 68:f2:80:c4:27:6d:c9:1f:bd:a0:53:c9:da:2b:89:d8:60:67: eb:7d:83:90:90:0d:a4:43:df:12:48:e8:6a:2a:9a:1e:3d:9b: d8:d7:aa:ce:e2:27:5b:31:4b:18:e3:39:20:de:64:01:ac:50: 02:ad:d9:58:e5:de:47:5f:40:25:15:03:c1:ca:45:75:1a:ae: 1e:a0:9e:79:24:32:a9:df:03:75:3b:df:3b:c7:f0:a3:62:86: 7c:50:21:af:11:6e:a3:e8:90:f6:4b:ad:9b:07:8a:71:d0:f0: b3:a9:c2:5e:ef:c3:99:80:52:7d:71:ca:c2:d9:6a:39:28:11: 29:e8:df:d7:0c:bf:b7:37:c8:64:e8:a0:4a:9d:bd:0b:4a:41: 42:18:29:3b:29:04:69:54:63:90:2d:12:06:b4:e4:3d:f8:45: 49:07:e9:ef:9f:2c:8d:dc:dd:b4:33:f0:a6:c1:88:5e:19:48: bd:5b:20:c5:7c:85:c8:fd:ca:c8:a9:bc:c2:a0:f4:9c:83:16: 30:4f:f8:7c:c5:de:98:fb:f0:d3:8a:51:d0:e8:57:f4:5b:40: 5c:e8:ca:6d:42:2e:76:eb:f6:44:e7:14:a6:5e:da:10:66:53: 79:e7:78:58:ce:75:56:e2:7c:ba:b1:5e:1a:a8:f0:aa:80:7a: bb:72:3c:27 -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgISAZt7o6Bigeiq3yjNLjkbELbzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODljMTNjNmIzYzFkYzZiMjIxNTAzNWE2NDJmMWVmYjliMDBkZGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DAZCFP5U9EgQ74/IVkSEW2IUzBG gliVdJuqDiySTnoXs+PFAMEXavahQ1+wvtPxn9MsrY2vpE5t0A5HN8AsJM2tHZev onnynBP6K524bz7XQGJJAetasHdnD+/1sZD9VzAmn54Aci6lyTtfnLWa8SzeLQ0a NGOMa1DuID9uUCbgSjghx0jMTmUYnKLDtbKN71KvND5ZKTWDMZuHLabyis3Ajlzx d4ZJ+TQJqwszjrvUQb8oM1YuFd+0RNK4aPv07hmb7/UJhByhuJKIZSxDzdLWtceS M0Bey9/NCtVOR9z+NsP8Cn8nxeoBx/EVxMDqivS4HSIIc4je6DTZ4a9t3wIDAQAB o4ICozCCAp8wHQYDVR0OBBYEFDicE8azwdxrIhUDWmQvHvubAN31MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkLzgwZWIy MS1hZjIwLTQ4ZWItYTJkYy02MjEwZWFiMDViNzAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvODBlYjIx LWFmMjAtNDhlYi1hMmRjLTYyMTBlYWIwNWI3MC8xL09Kd1R4clBCM0dzaUZRTmFa QzhlLTVzQTNmVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA7MMBoGCCsGAQUFBwEIAQH/BAswCaAH MAUCAwMlLTANBgkqhkiG9w0BAQsFAAOCAQEAaPKAxCdtyR+9oFPJ2iuJ2GBn632D kJANpEPfEkjoaiqaHj2b2NeqzuInWzFLGOM5IN5kAaxQAq3ZWOXeR19AJRUDwcpF dRquHqCeeSQyqd8DdTvfO8fwo2KGfFAhrxFuo+iQ9kutmweKcdDws6nCXu/DmYBS fXHKwtlqOSgRKejf1wy/tzfIZOigSp29C0pBQhgpOykEaVRjkC0SBrTkPfhFSQfp 758sjdzdtDPwpsGIXhlIvVsgxXyFyP3KyKm8wqD0nIMWME/4fMXemPvw04pR0OhX 9FtAXOjKbUIuduv2ROcUpl7aEGZTeed4WM51VuJ8urFeGqjwqoB6u3I8Jw== -----END CERTIFICATE-----Generated at Sun Jan 25 21:09:20 2026 by rpki-client