This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/T32IU5OzK17uOgv0M44Pqu88dTw.cer File: T32IU5OzK17uOgv0M44Pqu88dTw.cer (raw, json) Hash identifier: pPq/Y1pvpJRKyCNVNbWvt+OgwxeSW6x+vh5PnUisxeQ= Subject key identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B35E7A4B05A356AD325399D9A0C1D76 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:08 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 208089 IP: 37.221.72.0/22 IP: 2a09:ea00::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:e7:a4:b0:5a:35:6a:d3:25:39:9d:9a:0c:1d:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4f7d885393b32b5eee3a0bf4338e0faaef3c753c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:7c:cb:63:70:06:4d:45:9d:f6:14:59:52:89: 9d:b5:4c:ea:82:ba:b0:cc:30:a7:a7:1d:08:2f:ea: 9e:ca:90:e0:69:55:13:98:94:3a:63:cf:d7:88:d3: d4:4e:f2:26:d5:0b:4b:a8:07:e0:53:fc:dc:5b:e8: 05:79:6b:59:9d:30:cf:d7:08:44:6f:ec:08:7d:a5: 74:68:f3:18:5d:92:50:ba:af:d0:4b:c8:a6:2c:67: 2b:96:08:f2:97:77:e2:32:72:1b:85:c4:79:ec:a8: 45:d1:d8:cb:8f:28:f0:80:86:8b:f4:45:e8:07:6a: a4:d2:da:74:de:a8:61:fa:e5:77:aa:7f:e0:b5:63: df:16:eb:93:bc:76:e0:c1:65:94:52:d4:40:fa:8f: 4f:3b:c1:a4:d8:26:90:d5:a0:f1:95:0d:8e:f0:32: fd:cb:20:30:e5:a2:7a:db:10:4e:df:ba:c5:39:6e: 3b:70:68:8b:86:d8:64:f6:12:4b:19:c0:4c:ef:d6: 1d:e8:1a:18:8c:bc:ce:f7:38:8f:30:b4:fe:6e:2e: b2:ec:88:dc:ab:13:b4:e3:b7:38:17:cd:89:9b:84: 1c:d6:51:fd:a5:f0:9c:05:94:da:c4:bf:84:b0:fc: 14:e7:86:1c:99:5e:ed:71:06:72:fb:38:1a:33:7f: cf:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:7D:88:53:93:B3:2B:5E:EE:3A:0B:F4:33:8E:0F:AA:EF:3C:75:3C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f2a37c-a129-4c0b-9ed1-b18dac2d259b/1/T32IU5OzK17uOgv0M44Pqu88dTw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.221.72.0/22 IPv6: 2a09:ea00::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 208089 Signature Algorithm: sha256WithRSAEncryption 21:cf:12:7e:c7:e2:da:9d:2a:9d:32:e2:12:47:a3:06:a9:1b: e5:0f:da:74:4c:08:a5:99:c0:5c:bb:84:3e:b2:e6:85:e1:3b: 57:83:28:fa:24:68:ff:00:8c:d6:e0:32:82:67:02:f7:2f:0d: 1a:21:ba:3f:f2:ed:3e:87:07:d0:1f:af:e2:ba:88:05:21:5a: da:82:36:31:e2:24:ed:df:a8:ef:69:7e:0a:07:0d:62:14:fe: 9b:22:da:2b:e3:56:49:1a:2f:15:d6:2c:d9:c7:af:84:d2:da: aa:48:a9:5e:3b:c9:87:a3:36:88:2f:ad:6c:92:22:20:52:06: 80:66:48:54:43:f0:6f:d5:4c:6f:79:a0:c6:04:bd:4d:54:c3: 60:86:c8:82:54:08:4e:53:75:58:1c:75:d5:e3:4b:cc:b6:94: 52:42:3b:26:03:48:0b:59:9b:d2:ee:c1:b3:01:8e:ca:dd:64: bf:44:88:c0:c1:12:05:f2:0a:4d:8f:e4:1a:6e:be:2a:33:7e: f2:4f:2a:91:80:44:8b:bd:4c:4d:6b:22:f6:77:71:19:16:a6: 8b:65:c5:7d:bf:3d:62:f5:f3:07:72:46:85:f8:48:22:47:df: 9e:14:05:bf:a9:77:4d:6c:2c:4d:fa:ff:41:67:70:65:73:64: 93:83:14:27 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt7NeeksFo1atMlOZ2aDB12MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZjdkODg1MzkzYjMyYjVlZWUzYTBiZjQzMzhlMGZhYWVmM2M3NTNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHzLY3AGTUWd9hRZUomdtUzqgrqw zDCnpx0IL+qeypDgaVUTmJQ6Y8/XiNPUTvIm1QtLqAfgU/zcW+gFeWtZnTDP1whE b+wIfaV0aPMYXZJQuq/QS8imLGcrlgjyl3fiMnIbhcR57KhF0djLjyjwgIaL9EXo B2qk0tp03qhh+uV3qn/gtWPfFuuTvHbgwWWUUtRA+o9PO8Gk2CaQ1aDxlQ2O8DL9 yyAw5aJ62xBO37rFOW47cGiLhthk9hJLGcBM79Yd6BoYjLzO9ziPMLT+bi6y7Ijc qxO047c4F82Jm4Qc1lH9pfCcBZTaxL+EsPwU54YcmV7tcQZy+zgaM3/PYQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFE99iFOTsyte7joL9DOOD6rvPHU8MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUwL2YyYTM3 Yy1hMTI5LTRjMGItOWVkMS1iMThkYWMyZDI1OWIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAvZjJhMzdj LWExMjktNGMwYi05ZWQxLWIxOGRhYzJkMjU5Yi8xL1QzMklVNU96SzE3dU9ndjBN NDRQcXU4OGRUdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCJd1IMA0EAgACMAcDBQAqCeoAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMs2TANBgkqhkiG9w0BAQsFAAOCAQEAIc8Sfsfi2p0q nTLiEkejBqkb5Q/adEwIpZnAXLuEPrLmheE7V4Mo+iRo/wCM1uAygmcC9y8NGiG6 P/LtPocH0B+v4rqIBSFa2oI2MeIk7d+o72l+CgcNYhT+myLaK+NWSRovFdYs2cev hNLaqkipXjvJh6M2iC+tbJIiIFIGgGZIVEPwb9VMb3mgxgS9TVTDYIbIglQITlN1 WBx11eNLzLaUUkI7JgNIC1mb0u7BswGOyt1kv0SIwMESBfIKTY/kGm6+KjN+8k8q kYBEi71MTWsi9ndxGRami2XFfb89YvXzB3JGhfhIIkffnhQFv6l3TWwsTfr/QWdw ZXNkk4MUJw== -----END CERTIFICATE-----Generated at Sun Jan 25 22:33:45 2026 by rpki-client