This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/z6loMZ1yqYp1lAAzi3D9xniRLeY.cer File: z6loMZ1yqYp1lAAzi3D9xniRLeY.cer (raw, json) Hash identifier: if7EjH+PfHaI4dm873t7Lb0pMsi1bWmO2MJnIfjp1Jo= Subject key identifier: CF:A9:68:31:9D:72:A9:8A:75:94:00:33:8B:70:FD:C6:78:91:2D:E6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79ED59D1C97B58D5D01F11C25FD06C9C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/z6loMZ1yqYp1lAAzi3D9xniRLeY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:19:16 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41887 IP: 62.204.64.0/19 IP: 94.228.128.0/20 IP: 178.22.80.0/21 IP: 185.63.164.0/22 IP: 195.144.2.0/24 IP: 2a00:d00::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:59:d1:c9:7b:58:d5:d0:1f:11:c2:5f:d0:6c:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cfa968319d72a98a759400338b70fdc678912de6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:91:f7:7e:b0:85:18:80:cf:14:d4:f0:1f:f5: 9a:74:a2:5a:ef:b0:dd:c8:b8:c4:3c:21:17:ba:e8: a2:8a:df:1c:81:8d:cf:b8:d6:eb:f4:1b:7e:ea:a0: 40:af:c3:07:1e:ea:b6:8c:6f:56:3f:25:3d:56:59: db:9e:99:40:6a:90:a6:55:5b:40:e7:df:76:31:74: 1c:38:c2:4d:66:2d:b3:da:ed:e6:db:d8:ad:2e:82: bc:cf:a1:06:7a:ce:4a:ca:52:16:cd:2d:84:82:73: 0c:04:3f:dd:16:de:40:9e:0e:bf:7d:29:cb:71:22: 11:de:98:67:78:d0:69:af:47:5f:65:d1:f6:6e:20: f3:6f:6b:23:bb:89:8d:76:3d:b8:7e:b8:2c:5c:bb: 7d:e2:7e:66:05:14:14:96:9b:22:82:fe:f3:0d:57: 9e:0f:a9:23:b6:e9:10:c2:6e:1f:8a:f2:e5:6a:21: f6:50:02:93:e5:c6:72:f3:6a:2f:e2:9a:03:a8:1a: e3:5c:1f:0a:ca:28:50:75:e6:ad:ec:7f:c1:84:4f: c5:e3:cd:67:77:8f:21:e1:17:83:72:40:c8:39:c8: ee:fa:4a:e5:d0:ae:5d:98:ca:f9:8f:b9:6b:cf:05: cc:ca:d2:12:af:f6:46:df:f7:c9:77:6e:63:1f:7e: 52:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:A9:68:31:9D:72:A9:8A:75:94:00:33:8B:70:FD:C6:78:91:2D:E6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/z6loMZ1yqYp1lAAzi3D9xniRLeY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.204.64.0/19 94.228.128.0/20 178.22.80.0/21 185.63.164.0/22 195.144.2.0/24 IPv6: 2a00:d00::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41887 Signature Algorithm: sha256WithRSAEncryption a8:b6:5c:ca:15:a9:23:38:b3:17:7e:f5:ca:3f:77:f9:d3:c0: 4d:a2:e7:8b:b2:53:69:32:ac:6b:83:86:da:c6:20:b6:7c:bd: 44:6b:dc:87:22:c1:cb:e4:7d:5f:aa:44:0c:8a:1b:a0:36:91: 87:f1:88:66:06:ec:bd:4f:5f:e8:8b:a1:fa:e5:9d:23:3d:d3: dc:dd:1b:ef:8e:66:d8:8c:41:04:d0:6e:a8:5c:9d:e9:11:df: 57:34:4d:ff:4a:6e:b1:be:23:4a:44:43:e4:bd:b6:3c:f8:8d: d1:82:db:3b:ab:ba:1c:03:40:13:fd:44:72:3a:ec:4f:e5:4f: c0:fa:84:cb:2e:c5:a6:13:51:c2:ff:52:9d:3e:52:7d:11:87: f8:a6:5f:74:77:32:22:e6:29:d2:cf:14:17:9d:aa:ce:05:15: f9:1e:e3:c8:7c:5c:63:7d:d7:6b:be:a6:6e:b8:e0:77:90:57: 2e:4b:58:c7:0f:29:1e:c2:c3:62:98:79:0a:06:a7:91:6b:c2: 89:1d:5d:80:9c:f4:71:af:49:a6:d6:fc:bf:1f:0f:89:45:ec: bb:3b:ba:33:f8:25:f9:c9:42:37:42:b6:bf:e0:7a:2a:61:c3: 45:72:7d:4c:7f:c4:91:2b:35:f3:ad:0c:cd:af:e0:a8:91:a3: 04:dd:3d:d5 -----BEGIN CERTIFICATE----- MIIFuzCCBKOgAwIBAgISAZt57VnRyXtY1dAfEcJf0GycMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmE5NjgzMTlkNzJhOThhNzU5NDAwMzM4YjcwZmRjNjc4OTEyZGU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZH3frCFGIDPFNTwH/WadKJa77Dd yLjEPCEXuuiiit8cgY3PuNbr9Bt+6qBAr8MHHuq2jG9WPyU9VlnbnplAapCmVVtA 5992MXQcOMJNZi2z2u3m29itLoK8z6EGes5KylIWzS2EgnMMBD/dFt5Ang6/fSnL cSIR3phneNBpr0dfZdH2biDzb2sju4mNdj24frgsXLt94n5mBRQUlpsigv7zDVee D6kjtukQwm4fivLlaiH2UAKT5cZy82ov4poDqBrjXB8KyihQdeat7H/BhE/F481n d48h4ReDckDIOcju+krl0K5dmMr5j7lrzwXMytISr/ZG3/fJd25jH35SWQIDAQAB o4ICxzCCAsMwHQYDVR0OBBYEFM+paDGdcqmKdZQAM4tw/cZ4kS3mMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1L2RjNjE2 Zi1kZTliLTQ3OGUtODUzOS04Y2U1MTAxOGUyZTYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvZGM2MTZm LWRlOWItNDc4ZS04NTM5LThjZTUxMDE4ZTJlNi8xL3o2bG9NWjF5cVlwMWxBQXpp M0Q5eG5pUkxlWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF BwEHAQH/BDcwNTAkBAIAATAeAwQFPsxAAwQEXuSAAwQDshZQAwQCuT+kAwQAw5AC MA0EAgACMAcDBQMqAA0AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCjnzANBgkq hkiG9w0BAQsFAAOCAQEAqLZcyhWpIzizF371yj93+dPATaLni7JTaTKsa4OG2sYg tny9RGvchyLBy+R9X6pEDIoboDaRh/GIZgbsvU9f6Iuh+uWdIz3T3N0b745m2IxB BNBuqFyd6RHfVzRN/0pusb4jSkRD5L22PPiN0YLbO6u6HANAE/1EcjrsT+VPwPqE yy7FphNRwv9SnT5SfRGH+KZfdHcyIuYp0s8UF52qzgUV+R7jyHxcY33Xa76mbrjg d5BXLktYxw8pHsLDYph5CgankWvCiR1dgJz0ca9Jptb8vx8PiUXsuzu6M/gl+clC N0K2v+B6KmHDRXJ9TH/EkSs1860Mza/gqJGjBN091Q== -----END CERTIFICATE-----Generated at Sun Jan 25 22:34:22 2026 by rpki-client