This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oYanahiZ2_kCnhrv2QUXe7CdNo0.cer File: oYanahiZ2_kCnhrv2QUXe7CdNo0.cer (raw, json) Hash identifier: j1yWLZgnXXyrR7xPhvEMRbN1vp4jtjpf5eiMl45YNks= Subject key identifier: A1:86:A7:6A:18:99:DB:F9:02:9E:1A:EF:D9:05:17:7B:B0:9D:36:8D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C73D26F901979122030389CEF72131 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:18:24 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.5.121.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:3d:26:f9:01:97:91:22:03:03:89:ce:f7:21:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a186a76a1899dbf9029e1aefd905177bb09d368d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:85:21:88:e1:3b:2c:e7:4c:05:ce:47:4d:46: 26:5d:c0:fc:69:8b:27:c0:0f:93:e1:c5:f0:90:af: a1:56:7a:74:57:ed:61:cd:63:07:33:68:74:46:5f: dc:2e:98:de:83:ac:f7:db:37:69:6a:04:e5:ce:cf: e6:43:ff:60:5a:d7:18:5f:e4:e4:d5:41:b5:4d:d1: e4:f4:f4:00:54:ed:b9:b2:77:e2:27:b0:74:dd:15: 1b:26:39:09:1e:07:c7:d1:70:c1:b3:c0:c1:5b:db: bf:3c:02:0b:de:05:10:c1:22:6c:b1:bd:64:0a:86: 47:47:5e:46:79:a9:03:1f:79:4b:19:89:40:58:af: 71:23:40:72:9a:f9:f8:f8:a2:fd:f6:00:ff:26:ed: be:18:4b:d3:28:0a:4a:80:1f:48:f8:3e:db:5e:29: 36:e1:68:2b:f1:f9:56:08:8e:87:97:4e:2f:37:4e: 96:d9:f5:8a:59:12:4d:56:0a:4e:50:3d:91:1b:a9: 47:52:c1:7b:2a:a1:ec:75:81:39:e2:07:8a:ed:dc: 9a:c5:b4:c6:dd:b8:92:25:79:fe:08:4c:d7:13:d2: 76:c3:58:c2:2a:68:88:5b:d7:e4:90:64:11:35:e5: 6d:dd:50:8c:c5:4f:62:1e:3d:0e:e3:64:cc:5d:e9: 57:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:86:A7:6A:18:99:DB:F9:02:9E:1A:EF:D9:05:17:7B:B0:9D:36:8D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8595c8-4834-4d54-a391-312e5b491146/1/oYanahiZ2_kCnhrv2QUXe7CdNo0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.5.121.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:fd:8f:3c:d9:c8:de:a9:1c:2d:9d:5a:92:76:2b:bb:9e:dc: 1a:fb:4a:10:5c:f1:0b:54:45:64:a6:b5:10:97:52:c0:bf:3c: 81:39:70:9e:be:b5:f0:b1:0c:d9:76:e7:cc:eb:51:5d:ef:0d: 10:15:68:53:d7:63:f7:3c:a8:ff:9b:bc:1c:10:48:b1:85:6a: a9:a7:bb:63:33:9c:9a:d3:92:9d:61:57:84:1f:b5:e5:bb:d5: bd:bc:36:07:00:56:58:8d:41:8a:5c:7e:84:0a:2b:73:14:69: 73:99:42:10:65:5c:19:34:19:5e:82:61:04:cf:ae:f3:8a:92: b6:34:e4:b3:e9:f0:b1:26:be:97:ef:ad:01:1d:df:d6:6a:59: b9:6d:3b:f8:56:74:a5:11:c2:c6:5a:86:01:bb:1e:cd:54:ab: 0d:c1:3c:3d:c2:43:bb:7d:f3:1e:45:42:99:2b:6f:60:7b:28: 13:53:67:25:6a:60:88:33:d6:10:33:be:4d:fc:4b:36:31:41: 1b:77:4c:49:a5:0b:11:9f:e1:63:87:93:b3:94:be:21:4e:97: bb:72:f4:9c:ad:41:4d:94:cb:4e:ab:5f:5e:95:53:cf:f2:0a: aa:f1:6e:6a:8d:5a:04:02:02:b6:37:42:cf:05:40:d5:ea:7c: 0e:13:41:9a -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt3xz0m+QGXkSIDA4nO9yExMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTg2YTc2YTE4OTlkYmY5MDI5ZTFhZWZkOTA1MTc3YmIwOWQzNjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYUhiOE7LOdMBc5HTUYmXcD8aYsn wA+T4cXwkK+hVnp0V+1hzWMHM2h0Rl/cLpjeg6z32zdpagTlzs/mQ/9gWtcYX+Tk 1UG1TdHk9PQAVO25snfiJ7B03RUbJjkJHgfH0XDBs8DBW9u/PAIL3gUQwSJssb1k CoZHR15GeakDH3lLGYlAWK9xI0Bymvn4+KL99gD/Ju2+GEvTKApKgB9I+D7bXik2 4Wgr8flWCI6Hl04vN06W2fWKWRJNVgpOUD2RG6lHUsF7KqHsdYE54geK7dyaxbTG 3biSJXn+CEzXE9J2w1jCKmiIW9fkkGQRNeVt3VCMxU9iHj0O42TMXelXawIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFKGGp2oYmdv5Ap4a79kFF3uwnTaNMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1Lzg1OTVj OC00ODM0LTRkNTQtYTM5MS0zMTJlNWI0OTExNDYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvODU5NWM4 LTQ4MzQtNGQ1NC1hMzkxLTMxMmU1YjQ5MTE0Ni8xL29ZYW5haGlaMl9rQ25ocnYy UVVYZTdDZE5vMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAwQV5MA0GCSqGSIb3DQEBCwUAA4IBAQA8/Y88 2cjeqRwtnVqSdiu7ntwa+0oQXPELVEVkprUQl1LAvzyBOXCevrXwsQzZdufM61Fd 7w0QFWhT12P3PKj/m7wcEEixhWqpp7tjM5ya05KdYVeEH7Xlu9W9vDYHAFZYjUGK XH6ECitzFGlzmUIQZVwZNBlegmEEz67zipK2NOSz6fCxJr6X760BHd/Walm5bTv4 VnSlEcLGWoYBux7NVKsNwTw9wkO7ffMeRUKZK29geygTU2clamCIM9YQM75N/Es2 MUEbd0xJpQsRn+Fjh5OzlL4hTpe7cvScrUFNlMtOq19elVPP8gqq8W5qjVoEAgK2 N0LPBUDV6nwOE0Ga -----END CERTIFICATE-----Generated at Mon Jan 26 05:09:04 2026 by rpki-client