This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/atOL1MDQ6fMCgCGYTNg1VgR_Y5g.cer File: atOL1MDQ6fMCgCGYTNg1VgR_Y5g.cer (raw, json) Hash identifier: HjFiGxyXMe9azPG1LrRcUXvA1b76mroFuQiHo5Fr1Fo= Subject key identifier: 6A:D3:8B:D4:C0:D0:E9:F3:02:80:21:98:4C:D8:35:56:04:7F:63:98 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EACDF6A31C665B1225A667D27C2046 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/61/928618-2a69-4fbf-96c9-ce700074a7fc/1/atOL1MDQ6fMCgCGYTNg1VgR_Y5g.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/61/928618-2a69-4fbf-96c9-ce700074a7fc/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:38 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 138.32.24.0/22 IP: 138.32.168.0/22 IP: 153.15.0.0/16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:cd:f6:a3:1c:66:5b:12:25:a6:67:d2:7c:20:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6ad38bd4c0d0e9f3028021984cd83556047f6398 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1d:c3:9e:1c:ea:75:88:7f:cd:33:7c:a6:d9: c6:de:11:e6:65:8b:fb:0c:87:d7:83:2a:2a:28:be: 94:1b:41:15:31:73:8c:98:cd:1c:1b:1e:5f:d0:8e: 41:f1:96:06:42:04:79:97:ce:0a:a2:46:41:e0:c2: 9c:eb:f4:69:39:ae:6b:0b:3c:91:5f:8f:aa:8b:5e: 22:59:d3:f4:1a:36:09:54:07:ac:c0:f3:6d:c3:81: c2:e1:4d:d5:15:91:3f:20:08:ad:4b:21:8f:bb:25: 6b:b9:1a:0f:65:6e:d9:9e:af:6f:26:b6:8a:f5:60: af:bf:01:84:60:bf:b7:07:80:89:b3:32:71:a7:f3: ad:3c:dd:73:ac:a1:c5:f9:e1:fb:f5:25:cf:fc:9e: d7:28:6d:7d:b9:f3:47:3a:e0:9c:67:b3:de:63:24: 86:ab:10:20:1b:4c:68:ad:b6:7c:c9:95:67:17:cf: 2c:4a:5b:16:1a:37:0b:b4:47:6b:07:52:6a:41:84: 44:2f:b8:b4:7d:5a:41:3a:6d:47:c8:fb:49:dd:3f: 17:cf:2c:20:ca:d6:d5:b2:d3:2e:51:83:99:a7:72: 62:20:41:27:cc:02:1a:80:d6:81:49:02:81:fc:32: a1:55:90:49:3a:7a:63:61:e8:b1:a5:81:cf:7d:0f: 3e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:D3:8B:D4:C0:D0:E9:F3:02:80:21:98:4C:D8:35:56:04:7F:63:98 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/928618-2a69-4fbf-96c9-ce700074a7fc/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/928618-2a69-4fbf-96c9-ce700074a7fc/1/atOL1MDQ6fMCgCGYTNg1VgR_Y5g.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.32.24.0/22 138.32.168.0/22 153.15.0.0/16 Signature Algorithm: sha256WithRSAEncryption a6:87:25:79:63:12:19:6e:fa:c1:c5:62:3b:9d:1d:3c:16:3f: 0e:db:64:19:4e:38:f9:f2:71:eb:15:47:0c:91:d4:53:b3:17: 04:9f:e2:02:2c:2f:6b:69:36:bf:2d:c1:12:f6:7d:93:37:ca: 09:23:52:67:3b:d7:56:99:bf:b6:71:ac:84:9d:a4:b7:4e:53: 9a:4a:9e:4d:d8:be:11:b5:76:c2:2c:6b:09:fb:19:d4:00:e7: 21:83:10:e7:1b:f4:a7:69:21:3d:06:3f:5c:0f:a3:ca:9f:a1: e6:25:ad:9c:30:7c:53:41:45:b9:b0:31:a5:87:8a:c9:75:b6: d7:ef:f2:04:41:ea:03:bd:2b:38:97:48:77:06:91:d8:e0:5b: 65:57:ac:1b:20:26:74:ef:7c:55:3d:8e:89:74:a0:d9:bf:87: 85:1d:4a:b2:98:17:43:cd:43:7e:0e:3b:01:eb:c3:e2:f8:d0: 89:5b:f1:e8:61:55:68:2e:b8:3c:06:ef:02:b8:36:12:6a:ac: 88:8d:14:92:9e:97:e9:84:04:41:c5:c9:27:74:de:3f:34:c1: 35:a2:a6:47:14:99:f1:bf:a6:8e:1e:c0:11:f9:8f:85:e4:0c: 63:5a:16:ec:a5:7b:9f:3c:65:8e:3b:4b:e3:62:f0:93:83:7e: 79:c9:9a:08 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgISAZt26s32oxxmWxIlpmfSfCBGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YWQzOGJkNGMwZDBlOWYzMDI4MDIxOTg0Y2Q4MzU1NjA0N2Y2Mzk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh3DnhzqdYh/zTN8ptnG3hHmZYv7 DIfXgyoqKL6UG0EVMXOMmM0cGx5f0I5B8ZYGQgR5l84KokZB4MKc6/RpOa5rCzyR X4+qi14iWdP0GjYJVAeswPNtw4HC4U3VFZE/IAitSyGPuyVruRoPZW7Znq9vJraK 9WCvvwGEYL+3B4CJszJxp/OtPN1zrKHF+eH79SXP/J7XKG19ufNHOuCcZ7PeYySG qxAgG0xorbZ8yZVnF88sSlsWGjcLtEdrB1JqQYREL7i0fVpBOm1HyPtJ3T8Xzywg ytbVstMuUYOZp3JiIEEnzAIagNaBSQKB/DKhVZBJOnpjYeixpYHPfQ8+IQIDAQAB o4ICjzCCAoswHQYDVR0OBBYEFGrTi9TA0OnzAoAhmEzYNVYEf2OYMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxLzkyODYx OC0yYTY5LTRmYmYtOTZjOS1jZTcwMDA3NGE3ZmMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEvOTI4NjE4 LTJhNjktNGZiZi05NmM5LWNlNzAwMDc0YTdmYy8xL2F0T0wxTURRNmZNQ2dDR1lU TmcxVmdSX1k1Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUF BwEHAQH/BBswGTAXBAIAATARAwQCiiAYAwQCiiCoAwMAmQ8wDQYJKoZIhvcNAQEL BQADggEBAKaHJXljEhlu+sHFYjudHTwWPw7bZBlOOPnycesVRwyR1FOzFwSf4gIs L2tpNr8twRL2fZM3ygkjUmc711aZv7ZxrISdpLdOU5pKnk3YvhG1dsIsawn7GdQA 5yGDEOcb9KdpIT0GP1wPo8qfoeYlrZwwfFNBRbmwMaWHisl1ttfv8gRB6gO9KziX SHcGkdjgW2VXrBsgJnTvfFU9jol0oNm/h4UdSrKYF0PNQ34OOwHrw+L40Ilb8ehh VWguuDwG7wK4NhJqrIiNFJKel+mEBEHFySd03j80wTWipkcUmfG/po4ewBH5j4Xk DGNaFuyle588ZY47S+Ni8JODfnnJmgg= -----END CERTIFICATE-----Generated at Sun Jan 25 23:35:15 2026 by rpki-client