This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mJB4Bt2stIQwvdAlSJgBnkE6K94.cer File: mJB4Bt2stIQwvdAlSJgBnkE6K94.cer (raw, json) Hash identifier: JVepsJ68gbyeROBmAOeKsxqfKCDkgDGT+5Yz50aVFbg= Subject key identifier: 98:90:78:06:DD:AC:B4:84:30:BD:D0:25:48:98:01:9E:41:3A:2B:DE Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCAD40DEF775651343510A5107F775C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/mJB4Bt2stIQwvdAlSJgBnkE6K94.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:20:03 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.239.200.0/23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:d4:0d:ef:77:56:51:34:35:10:a5:10:7f:77:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=98907806ddacb48430bdd0254898019e413a2bde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:87:91:2f:87:08:3b:34:5b:f6:14:e7:e2:54: 95:45:50:58:f6:98:ed:7b:2d:18:cd:d1:0a:6d:d0: 82:e6:ca:65:ec:bd:ab:83:27:f6:1a:3a:ef:09:30: fc:86:41:a3:89:ba:5f:40:95:3e:68:54:23:ce:b9: c0:4b:a3:53:8d:57:ec:4e:2e:58:8f:63:d2:17:2a: c0:21:29:de:20:01:58:2f:7d:9b:bc:53:ac:0a:e4: 19:3f:b3:fa:56:df:90:4d:b3:f8:c9:21:18:e8:4e: 47:c3:4e:0c:bb:34:be:ca:8c:59:5c:85:1b:56:83: a2:27:bb:d9:c3:1c:8c:04:cc:0f:05:46:34:ab:53: aa:e9:eb:99:65:d2:e5:0b:78:a2:2e:cb:61:e2:bb: ce:12:90:12:b2:c3:55:1f:fc:1b:2b:9e:f9:8a:bc: 2b:a8:0d:1f:a8:b2:10:5f:81:a0:5e:5b:07:36:e2: c4:a0:fa:ae:c8:23:fd:88:13:60:c7:7b:a0:df:e7: 69:d6:5f:e6:2f:2b:7f:c5:bb:27:bc:fd:60:dd:d0: 09:31:f9:e9:84:89:9b:c8:cc:57:d5:80:aa:64:b5: 96:5f:ba:c3:36:58:75:50:bf:5d:22:37:b5:bf:3a: 6e:7b:18:15:98:1a:46:b1:cf:83:38:7b:f6:9c:0d: d8:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:90:78:06:DD:AC:B4:84:30:BD:D0:25:48:98:01:9E:41:3A:2B:DE X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3e3b17-84c9-4472-bd33-12674e661e13/1/mJB4Bt2stIQwvdAlSJgBnkE6K94.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.239.200.0/23 Signature Algorithm: sha256WithRSAEncryption 25:94:e9:8c:7a:9d:c7:71:d2:66:1c:61:81:01:1c:ed:2b:8b: e2:ba:b3:28:ff:98:28:3f:85:7a:a8:01:0c:ce:82:62:be:b4: f3:56:11:2f:db:7d:ad:cc:af:60:a6:92:f3:56:f4:a4:1c:3e: c2:14:2b:d0:b5:e6:30:16:cf:b9:2e:2d:7c:a3:9c:e8:00:7d: 0d:8c:15:a6:cf:46:24:3f:a9:a9:c3:e3:ac:b2:dd:3f:a6:4d: 39:1b:51:38:cd:82:9f:59:d4:d6:7e:75:e0:35:4f:18:4a:1c: 78:08:a7:fe:c5:a7:11:e7:e5:28:9a:6f:ea:ec:ec:03:f2:4f: 3b:19:e7:0e:66:df:7b:43:cd:d0:a6:65:c6:f4:2b:2f:10:05: 0c:69:58:e4:94:52:be:2a:09:a0:2b:cc:5e:70:db:85:28:20: 6a:bc:08:0b:55:8c:57:c9:d8:b5:39:93:38:d6:74:63:e5:7c: 84:a7:d0:41:51:5a:37:17:c8:3f:c8:30:10:dd:c8:e2:08:93: 77:be:cb:22:1d:73:da:69:c3:5d:17:8e:25:3f:bf:a0:b9:05: 79:da:26:6b:df:0e:17:ad:8a:09:47:00:64:ce:55:eb:1d:b7: cf:c9:64:40:3e:cd:13:21:ba:90:d2:e7:d5:58:ca:fa:47:6c: 9b:09:dd:43 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt9ytQN73dWUTQ1EKUQf3dcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ODkwNzgwNmRkYWNiNDg0MzBiZGQwMjU0ODk4MDE5ZTQxM2EyYmRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoeRL4cIOzRb9hTn4lSVRVBY9pjt ey0YzdEKbdCC5spl7L2rgyf2GjrvCTD8hkGjibpfQJU+aFQjzrnAS6NTjVfsTi5Y j2PSFyrAISneIAFYL32bvFOsCuQZP7P6Vt+QTbP4ySEY6E5Hw04MuzS+yoxZXIUb VoOiJ7vZwxyMBMwPBUY0q1Oq6euZZdLlC3iiLsth4rvOEpASssNVH/wbK575irwr qA0fqLIQX4GgXlsHNuLEoPquyCP9iBNgx3ug3+dp1l/mLyt/xbsnvP1g3dAJMfnp hImbyMxX1YCqZLWWX7rDNlh1UL9dIje1vzpuexgVmBpGsc+DOHv2nA3YkQIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFJiQeAbdrLSEML3QJUiYAZ5BOiveMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk4LzNlM2Ix Ny04NGM5LTQ0NzItYmQzMy0xMjY3NGU2NjFlMTMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvM2UzYjE3 LTg0YzktNDQ3Mi1iZDMzLTEyNjc0ZTY2MWUxMy8xL21KQjRCdDJzdElRd3ZkQWxT SmdCbmtFNks5NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQBwe/IMA0GCSqGSIb3DQEBCwUAA4IBAQAllOmM ep3HcdJmHGGBARztK4viurMo/5goP4V6qAEMzoJivrTzVhEv232tzK9gppLzVvSk HD7CFCvQteYwFs+5Li18o5zoAH0NjBWmz0YkP6mpw+Osst0/pk05G1E4zYKfWdTW fnXgNU8YShx4CKf+xacR5+Uomm/q7OwD8k87GecOZt97Q83QpmXG9CsvEAUMaVjk lFK+KgmgK8xecNuFKCBqvAgLVYxXydi1OZM41nRj5XyEp9BBUVo3F8g/yDAQ3cji CJN3vssiHXPaacNdF44lP7+guQV52iZr3w4XrYoJRwBkzlXrHbfPyWRAPs0TIbqQ 0ufVWMr6R2ybCd1D -----END CERTIFICATE-----Generated at Sun Jan 25 23:33:34 2026 by rpki-client