This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3OGyX9kbX7wf-xIYxn7VWK53jAQ.cer File: 3OGyX9kbX7wf-xIYxn7VWK53jAQ.cer (raw, json) Hash identifier: 0Kj3KSbk3S1oWPIhrdAa373qNMLi84FbwTOqSBLYeDc= Subject key identifier: DC:E1:B2:5F:D9:1B:5F:BC:1F:FB:12:18:C6:7E:D5:58:AE:77:8C:04 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5ACC46A9F6D35E88BF35869F0C2D61 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/3252c0-5725-449f-92a1-643bb27f7fbf/1/3OGyX9kbX7wf-xIYxn7VWK53jAQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/3252c0-5725-449f-92a1-643bb27f7fbf/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:18:49 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 47773 IP: 2a10:8dc0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:cc:46:a9:f6:d3:5e:88:bf:35:86:9f:0c:2d:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dce1b25fd91b5fbc1ffb1218c67ed558ae778c04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:24:44:f4:9f:3d:fb:1b:43:b5:22:e5:da:a3: d3:a7:31:96:0a:49:ab:47:ea:0f:48:04:9c:8b:71: 26:f4:d1:77:0e:2d:5e:42:63:1f:a6:72:63:3b:27: 1c:af:14:70:e0:54:20:d0:4f:8e:7d:8d:53:13:e8: 26:b4:31:90:b6:f0:16:0f:7a:eb:f0:14:ef:3b:75: 1e:2e:b5:f1:7f:1e:3b:1d:7c:76:27:69:f1:cb:3f: b2:f8:97:3e:d0:71:c0:da:de:a9:5e:8f:5c:1f:5b: 25:b3:92:45:ea:af:a8:40:e5:1e:44:81:d9:0e:10: dc:c9:bc:5b:68:36:d2:f6:4f:c9:09:97:40:51:02: be:c2:a0:73:03:2c:99:51:ec:e4:fe:9f:93:f9:f9: a2:e9:f3:34:5c:af:67:7b:72:e3:d5:93:e9:64:ae: 8f:ee:6f:1a:2f:cd:d3:bb:4b:1a:e6:d8:1b:76:1d: 20:b4:69:14:9d:e0:35:27:7b:0c:23:0e:ff:94:46: 91:2c:f3:df:3e:7e:9d:79:3c:3d:95:5b:e8:38:4e: e6:8e:6b:cd:ca:8e:c5:43:0e:f8:64:43:ef:ff:0a: fb:95:50:d8:f7:42:6d:74:fe:48:95:fe:2e:0c:19: 72:fe:90:08:c3:b8:0f:ab:40:67:ec:47:c7:ff:35: db:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:E1:B2:5F:D9:1B:5F:BC:1F:FB:12:18:C6:7E:D5:58:AE:77:8C:04 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3252c0-5725-449f-92a1-643bb27f7fbf/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3252c0-5725-449f-92a1-643bb27f7fbf/1/3OGyX9kbX7wf-xIYxn7VWK53jAQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:8dc0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 47773 Signature Algorithm: sha256WithRSAEncryption 84:c1:f6:55:5c:6a:93:17:21:4c:60:03:91:cc:b7:66:ad:c8: b1:cc:cb:02:e0:68:6d:82:06:c5:56:53:82:e6:c8:d7:60:52: c9:d0:ac:44:4b:a5:2f:c8:e6:8a:b8:7e:62:9b:b0:ae:04:2f: 95:4a:f4:3b:f5:4a:c2:9c:29:c6:f4:b5:f5:9f:d5:32:0d:d0: b9:3b:1a:9c:a4:51:11:4e:47:65:10:23:c4:97:7e:de:93:a1: af:f6:e4:15:98:71:af:7c:1b:49:a3:41:ba:ff:63:5c:56:75: 9e:e4:45:45:dc:ab:53:b8:90:f0:0a:c9:69:5d:d0:76:bc:04: 46:cf:4b:df:86:dc:9e:77:46:bb:d2:c9:5c:d7:8b:ad:e7:f4: 60:e6:a4:67:94:0c:7c:63:d6:59:69:95:3d:47:4b:7b:24:dc: 9e:b0:e3:b7:9f:86:d6:b9:9b:e2:b1:7f:3b:d5:1f:ca:eb:a6: 23:fe:61:e0:fa:43:59:5f:7d:5c:84:a9:55:75:7e:18:93:e1: 30:71:f7:f2:b3:b8:03:a2:b1:5d:4d:cf:2f:7c:f6:2e:af:33: cd:ef:19:4d:4e:d8:2c:f0:eb:0d:ff:03:fb:16:d1:31:75:7d: 6b:a6:2b:6a:7e:85:34:c6:de:57:88:5b:3a:90:50:4a:57:63: 20:ec:98:a2 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgISAZt6WsxGqfbTXoi/NYafDC1hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkY2UxYjI1ZmQ5MWI1ZmJjMWZmYjEyMThjNjdlZDU1OGFlNzc4YzA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiRE9J89+xtDtSLl2qPTpzGWCkmr R+oPSASci3Em9NF3Di1eQmMfpnJjOyccrxRw4FQg0E+OfY1TE+gmtDGQtvAWD3rr 8BTvO3UeLrXxfx47HXx2J2nxyz+y+Jc+0HHA2t6pXo9cH1sls5JF6q+oQOUeRIHZ DhDcybxbaDbS9k/JCZdAUQK+wqBzAyyZUezk/p+T+fmi6fM0XK9ne3Lj1ZPpZK6P 7m8aL83Tu0sa5tgbdh0gtGkUneA1J3sMIw7/lEaRLPPfPn6deTw9lVvoOE7mjmvN yo7FQw74ZEPv/wr7lVDY90JtdP5Ilf4uDBly/pAIw7gPq0Bn7EfH/zXbCwIDAQAB o4ICoTCCAp0wHQYDVR0OBBYEFNzhsl/ZG1+8H/sSGMZ+1Viud4wEMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1LzMyNTJj MC01NzI1LTQ0OWYtOTJhMS02NDNiYjI3ZjdmYmYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvMzI1MmMw LTU3MjUtNDQ5Zi05MmExLTY0M2JiMjdmN2ZiZi8xLzNPR3lYOWtiWDd3Zi14SVl4 bjdWV0s1M2pBUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF BwEHAQH/BBEwDzANBAIAAjAHAwUAKhCNwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF AgMAup0wDQYJKoZIhvcNAQELBQADggEBAITB9lVcapMXIUxgA5HMt2atyLHMywLg aG2CBsVWU4LmyNdgUsnQrERLpS/I5oq4fmKbsK4EL5VK9Dv1SsKcKcb0tfWf1TIN 0Lk7GpykURFOR2UQI8SXft6Toa/25BWYca98G0mjQbr/Y1xWdZ7kRUXcq1O4kPAK yWld0Ha8BEbPS9+G3J53RrvSyVzXi63n9GDmpGeUDHxj1llplT1HS3sk3J6w47ef hta5m+KxfzvVH8rrpiP+YeD6Q1lffVyEqVV1fhiT4TBx9/KzuAOisV1Nzy989i6v M83vGU1O2Czw6w3/A/sW0TF1fWumK2p+hTTG3leIWzqQUEpXYyDsmKI= -----END CERTIFICATE-----Generated at Sun Jan 11 23:39:53 2026 by rpki-client