This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XLOiFF-bTUZgWCrca3NUlp4InKk.cer File: XLOiFF-bTUZgWCrca3NUlp4InKk.cer (raw, json) Hash identifier: 0pHYx/ZIGGReRl1fyyre3RWOF45auhjSf6wZF0xRCLo= Subject key identifier: 5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA3246185EB4037ABB103AF948819BC Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:17:27 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 194.127.172.0/23 IP: 194.127.178.0/23 IP: 2a10:4dc0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:24:61:85:eb:40:37:ab:b1:03:af:94:88:19:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5cb3a2145f9b4d4660582adc6b7354969e089ca9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:32:58:3b:6f:6d:a7:cc:7d:a1:b2:34:45:9f: 74:2e:3e:4a:61:e8:42:6c:bf:1a:d2:d8:8e:7d:eb: 83:e2:df:34:33:bb:cd:21:16:b1:71:03:2b:7d:18: b2:d1:1e:0c:8f:e0:7e:fa:44:33:58:eb:2f:b1:c0: 0d:33:b0:a4:f5:05:b4:36:ac:e1:d4:f7:8b:41:d6: 1d:73:bb:d3:65:22:c6:ac:76:91:2d:29:e3:fd:b7: 3f:50:e5:1a:0a:8f:0a:72:5f:df:73:8a:b3:8c:ad: 20:19:22:11:a3:f6:ca:aa:78:97:5e:03:6a:ba:c5: 27:0c:05:3b:e3:68:26:93:15:ed:83:98:75:c9:47: 17:be:06:c5:1e:8a:84:14:54:99:ad:ba:82:83:fd: 26:ef:0c:49:ca:bf:6b:88:60:db:b9:2b:d7:f9:79: 3d:29:cb:0c:7b:97:99:24:5a:3f:4c:71:13:06:43: 2f:c7:46:b6:bc:34:19:f3:c7:c7:cf:aa:09:6f:13: 5f:7d:b0:62:59:4f:f7:1a:b6:fe:eb:3c:80:72:f5: f2:3f:a7:b9:a5:73:2f:fd:b4:16:94:9d:dd:31:1c: a0:cd:cc:a3:aa:68:d9:8e:99:53:35:b1:74:23:fa: 6c:cd:67:51:2b:0f:24:d6:6d:c3:b9:ec:f6:1c:45: 6e:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:B3:A2:14:5F:9B:4D:46:60:58:2A:DC:6B:73:54:96:9E:08:9C:A9 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d0661c-cebb-4e22-b197-139800a8c75f/1/XLOiFF-bTUZgWCrca3NUlp4InKk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.127.172.0/23 194.127.178.0/23 IPv6: 2a10:4dc0::/29 Signature Algorithm: sha256WithRSAEncryption 27:74:0b:e0:d3:45:d9:8f:56:dd:bc:41:12:a1:62:ab:30:9e: 6f:f8:6c:6a:14:9d:96:e8:fa:7f:ab:9e:d2:81:92:27:0b:ea: f1:5f:dd:74:c4:71:df:b3:a7:ab:11:f7:a9:a2:db:ee:25:2c: 28:93:80:27:d7:69:da:60:03:7c:10:29:64:57:40:97:2a:36: 87:35:c2:c7:db:f4:49:7d:30:15:37:36:1b:cf:60:41:4d:35: 59:fb:25:44:da:98:0f:d4:e9:f8:2a:be:f9:53:3e:3a:0a:4d: 7d:ae:c6:ee:da:d0:70:b4:40:5d:ff:4e:7c:c9:38:fb:da:6d: 50:d4:31:20:89:87:db:e2:10:a3:4f:0c:74:24:5b:ca:a8:6e: 23:bb:25:08:d9:d4:8a:59:c2:0b:28:f5:82:d7:f4:f7:e0:52: 9d:fb:31:0e:fe:5d:82:b3:29:ff:4a:2f:98:72:46:77:8c:4a: 39:38:94:6b:b7:32:74:53:68:c1:27:85:d4:e9:c1:8b:20:b1: 3d:a4:60:44:d9:39:31:9d:c3:98:98:15:ab:5e:40:55:64:3a: d9:3f:a9:8e:74:a6:5e:a0:f7:7f:17:a4:74:5d:d3:d0:23:6d: 62:8a:79:23:ae:54:e4:c9:ad:ef:2f:a3:58:d3:93:a2:89:67: ec:64:1c:60 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgISAZt7oyRhhetAN6uxA6+UiBm8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2IzYTIxNDVmOWI0ZDQ2NjA1ODJhZGM2YjczNTQ5NjllMDg5Y2E5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzJYO29tp8x9obI0RZ90Lj5KYehC bL8a0tiOfeuD4t80M7vNIRaxcQMrfRiy0R4Mj+B++kQzWOsvscANM7Ck9QW0Nqzh 1PeLQdYdc7vTZSLGrHaRLSnj/bc/UOUaCo8Kcl/fc4qzjK0gGSIRo/bKqniXXgNq usUnDAU742gmkxXtg5h1yUcXvgbFHoqEFFSZrbqCg/0m7wxJyr9riGDbuSvX+Xk9 KcsMe5eZJFo/THETBkMvx0a2vDQZ88fHz6oJbxNffbBiWU/3Grb+6zyAcvXyP6e5 pXMv/bQWlJ3dMRygzcyjqmjZjplTNbF0I/pszWdRKw8k1m3Duez2HEVunQIDAQAB o4ICmTCCApUwHQYDVR0OBBYEFFyzohRfm01GYFgq3GtzVJaeCJypMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmL2QwNjYx Yy1jZWJiLTRlMjItYjE5Ny0xMzk4MDBhOGM3NWYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvZDA2NjFj LWNlYmItNGUyMi1iMTk3LTEzOTgwMGE4Yzc1Zi8xL1hMT2lGRi1iVFVaZ1dDcmNh M05VbHA0SW5Lay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQBwn+sAwQBwn+yMA0EAgACMAcDBQMqEE3AMA0G CSqGSIb3DQEBCwUAA4IBAQAndAvg00XZj1bdvEESoWKrMJ5v+GxqFJ2W6Pp/q57S gZInC+rxX910xHHfs6erEfepotvuJSwok4An12naYAN8EClkV0CXKjaHNcLH2/RJ fTAVNzYbz2BBTTVZ+yVE2pgP1On4Kr75Uz46Ck19rsbu2tBwtEBd/058yTj72m1Q 1DEgiYfb4hCjTwx0JFvKqG4juyUI2dSKWcILKPWC1/T34FKd+zEO/l2Csyn/Si+Y ckZ3jEo5OJRrtzJ0U2jBJ4XU6cGLILE9pGBE2TkxncOYmBWrXkBVZDrZP6mOdKZe oPd/F6R0XdPQI21iinkjrlTkya3vL6NY05OiiWfsZBxg -----END CERTIFICATE-----Generated at Sun Jan 25 19:22:21 2026 by rpki-client