This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/34DEF610B33BA719BA344A660C4BDA8333112372.cer File: 34DEF610B33BA719BA344A660C4BDA8333112372.cer (raw, json) Hash identifier: pXjDCrisMgrSKE8zA9g7GO2rwAdhRIq0UqEOP6cYrO0= Subject key identifier: 34:DE:F6:10:B3:3B:A7:19:BA:34:4A:66:0C:4B:DA:83:33:11:23:72 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 4CC3470097D9061AAE689C7EBB8D947E878C4531 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/34DEF610B33BA719BA344A660C4BDA8333112372.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Sat 24 Jan 2026 22:47:18 +0000 Certificate not after: Sat 23 Jan 2027 22:52:18 +0000 Subordinate resources: IP: 2a14:7581:3700::/40 IP: 2a14:7581:9f10::/44 IP: 2a14:7586:7000::/36 IP: 2a14:7586:9000:: -- 2a14:7586:afff:ffff:ffff:ffff:ffff:ffff Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 01:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:c3:47:00:97:d9:06:1a:ae:68:9c:7e:bb:8d:94:7e:87:8c:45:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Jan 24 22:47:18 2026 GMT Not After : Jan 23 22:52:18 2027 GMT Subject: CN=34DEF610B33BA719BA344A660C4BDA8333112372 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:fa:8b:8c:cd:0d:f3:cd:f6:d8:42:c2:20:ec: 2c:8b:56:26:71:cc:de:c0:37:b0:59:64:dd:56:a7: 92:b7:a4:4f:f9:d5:9e:bc:86:24:88:fc:be:50:24: c9:f7:60:21:12:02:2d:f6:af:2c:44:75:9b:c8:56: a7:a5:2d:70:68:e8:a0:c9:0f:9e:6a:99:3a:98:7c: c7:fb:6a:3c:a6:62:4c:e1:57:14:0b:fe:80:bd:55: 98:af:80:1b:a2:63:30:64:74:c7:cf:c5:98:95:bf: 59:fb:a1:00:f7:bd:9d:57:66:cd:84:8b:bb:e3:2c: cb:9e:06:27:f0:bc:3b:15:d0:78:90:de:39:b5:4e: 7e:b0:ff:3c:19:15:46:4a:5d:b0:d1:29:c4:ed:11: 4b:a7:3b:ba:8e:7a:05:78:72:aa:27:29:de:48:f5: f4:81:4d:c5:30:af:d4:c2:4a:1b:c3:3a:0b:2d:03: 51:b8:da:ef:04:82:e7:36:2f:2b:75:8e:06:f4:01: 13:45:e5:da:19:1a:da:e3:f6:b3:41:5c:75:f5:3c: 27:c9:d7:73:ca:ab:f1:52:9a:2b:e2:f2:a0:38:2b: e0:a4:eb:59:2c:ea:5f:e9:a2:42:c7:76:58:61:c1: 1d:a7:aa:05:b7:67:ae:bd:c9:a7:82:17:80:90:2a: 64:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 34:DE:F6:10:B3:3B:A7:19:BA:34:4A:66:0C:4B:DA:83:33:11:23:72 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/2ed4b7eb-17a7-44e1-9ca2-098a32383c90/1/34DEF610B33BA719BA344A660C4BDA8333112372.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:3700::/40 2a14:7581:9f10::/44 2a14:7586:7000::/36 2a14:7586:9000::-2a14:7586:afff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 56:86:31:15:78:86:31:39:c3:34:5e:4a:97:56:32:8e:75:56: 15:90:dd:3b:8d:15:47:55:55:c6:66:c3:96:a3:25:ff:22:a4: 03:a9:17:92:d5:a7:bc:90:31:3a:5c:5f:ba:a8:08:14:5b:54: 21:06:7d:15:8d:ec:b3:ac:b2:23:34:7a:30:db:62:37:3c:e0: fa:ce:ad:e6:3a:b8:21:24:03:97:72:88:88:e1:a0:42:5f:d9: ac:66:90:57:ba:e0:cd:93:d4:46:9e:fe:39:81:02:9a:4a:9a: 3e:ee:a9:6b:5c:bc:42:e5:3a:79:51:23:12:84:c6:72:18:ef: 8a:c0:89:4b:ea:62:d9:fa:f2:ac:a2:ab:c0:d3:e2:17:25:87: 7f:26:12:7d:fb:35:44:bc:07:93:0e:be:89:1c:6d:71:9c:16: b0:2e:8d:fc:8b:97:5a:a6:33:35:52:36:2c:af:a5:99:1b:da: 10:08:f8:61:43:46:57:eb:8a:6d:34:33:7d:98:b1:9f:77:7d: ea:23:f2:ce:01:3e:ea:52:81:8e:c3:63:ba:68:e2:5d:0a:fd: e8:ae:01:5e:e6:cf:48:9b:39:18:c5:bd:7b:33:08:7b:00:93: 82:11:67:22:4a:c1:7e:09:5b:f1:f5:da:56:91:c5:c2:86:cf: 6d:d4:ca:c2 -----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgIUTMNHAJfZBhquaJx+u42UfoeMRTEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNjAxMjQyMjQ3MThaFw0yNzAxMjMyMjUyMThaMDMxMTAvBgNV BAMTKDM0REVGNjEwQjMzQkE3MTlCQTM0NEE2NjBDNEJEQTgzMzMxMTIzNzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk+ouMzQ3zzfbYQsIg7CyLViZx zN7AN7BZZN1Wp5K3pE/51Z68hiSI/L5QJMn3YCESAi32ryxEdZvIVqelLXBo6KDJ D55qmTqYfMf7ajymYkzhVxQL/oC9VZivgBuiYzBkdMfPxZiVv1n7oQD3vZ1XZs2E i7vjLMueBifwvDsV0HiQ3jm1Tn6w/zwZFUZKXbDRKcTtEUunO7qOegV4cqonKd5I 9fSBTcUwr9TCShvDOgstA1G42u8Eguc2Lyt1jgb0ARNF5doZGtrj9rNBXHX1PCfJ 13PKq/FSmivi8qA4K+Ck61ks6l/pokLHdlhhwR2nqgW3Z669yaeCF4CQKmQ5AgMB AAGjggMGMIIDAjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ03vYQszunGbo0 SmYMS9qDMxEjcjAfBgNVHSMEGDAWgBSoPUhlLzst909r+bqoqcF0zP03cjAOBgNV HQ8BAf8EBAMCAQYwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3lu Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BODNENDg2NTJGM0IyREY3NEY2QkY5QkFB OEE5QzE3NENDRkQzNzcyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKG SHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcUQxSVpT ODdMZmRQYV9tNnFLbkJkTXo5TjNJLmNlcjCCAT8GCCsGAQUFBwELBIIBMTCCAS0w XwYIKwYBBQUHMAWGU3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3Jl cG9zaXRvcnkvMmVkNGI3ZWItMTdhNy00NGUxLTljYTItMDk4YTMyMzgzYzkwLzEv MIGLBggrBgEFBQcwCoZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQv cmVwb3NpdG9yeS8yZWQ0YjdlYi0xN2E3LTQ0ZTEtOWNhMi0wOThhMzIzODNjOTAv MS8zNERFRjYxMEIzM0JBNzE5QkEzNDRBNjYwQzRCREE4MzMzMTEyMzcyLm1mdDA8 BggrBgEFBQcwDYYwaHR0cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3Rp ZmljYXRpb24ueG1sMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUH AQcBAf8ENTAzMDEEAgACMCsDBgAqFHWBNwMHBCoUdYGfEAMGBCoUdYZwMBADBgQq FHWGkAMGBCoUdYagMA0GCSqGSIb3DQEBCwUAA4IBAQBWhjEVeIYxOcM0XkqXVjKO dVYVkN07jRVHVVXGZsOWoyX/IqQDqReS1ae8kDE6XF+6qAgUW1QhBn0VjeyzrLIj NHow22I3POD6zq3mOrghJAOXcoiI4aBCX9msZpBXuuDNk9RGnv45gQKaSpo+7qlr XLxC5Tp5USMShMZyGO+KwIlL6mLZ+vKsoqvA0+IXJYd/JhJ9+zVEvAeTDr6JHG1x nBawLo38i5dapjM1UjYsr6WZG9oQCPhhQ0ZX64ptNDN9mLGfd33qI/LOAT7qUoGO w2O6aOJdCv3orgFe5s9ImzkYxb17Mwh7AJOCEWciSsF+CVvx9dpWkcXChs9t1MrC -----END CERTIFICATE-----Generated at Sun Jan 25 12:03:35 2026 by rpki-client