This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3sQzl3xytL5diI9WhT7TGh_x78Y.cer File: 3sQzl3xytL5diI9WhT7TGh_x78Y.cer (raw, json) Hash identifier: VNJrIxD6OkSmoSREXZQ0VC4Z/c+mFWh2gedpXWEjFoI= Subject key identifier: DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7CECBC216AB35B60FA5630E34246F93A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 04:17:28 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.8.198.0/23 IP: 193.28.188.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:bc:21:6a:b3:5b:60:fa:56:30:e3:42:46:f9:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 04:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dec433977c72b4be5d888f56853ed31a1ff1efc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d7:d0:6a:fc:a2:32:0f:70:ce:f9:1b:97:e1: 81:45:83:0c:90:90:f5:b1:66:95:3b:7b:f0:8f:f1: 2d:1a:7d:d8:05:49:18:6c:94:45:e7:f4:f4:35:fa: 9c:56:42:b2:dd:13:53:cd:30:33:2e:f2:1d:cf:2a: 1d:33:13:3b:55:bf:1f:3b:a4:64:d8:6e:46:49:6a: 1a:04:b4:25:d3:df:6f:bf:74:54:f7:e0:ee:b8:8d: dc:01:e5:36:69:48:52:23:2c:3d:99:96:af:98:34: a6:4d:13:75:41:0c:1b:d5:da:2d:a2:a5:cb:e3:0a: 0e:04:2a:1e:2e:35:ba:d1:c4:93:85:6a:4d:51:1e: 0c:cc:d4:c5:c5:8a:90:1e:7b:14:38:2c:34:06:a3: 8b:46:2d:ad:8c:33:94:96:32:93:42:63:43:5e:1d: 9e:b7:02:28:83:08:1e:7a:5f:09:83:2f:7d:a5:22: 76:8e:47:cc:f5:b8:b6:1c:c0:45:ea:48:d5:9b:c7: 78:b8:c3:06:60:a4:34:ea:2e:ca:4b:3a:aa:8b:27: d8:ba:c0:ad:e1:46:53:f1:dc:b9:23:a5:cd:47:1c: 2c:5e:c6:68:ae:d3:0d:34:ff:d7:81:7e:1d:28:f1: 28:d6:cd:b9:a8:be:e5:92:3d:a2:a2:59:47:05:77: 72:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:C4:33:97:7C:72:B4:BE:5D:88:8F:56:85:3E:D3:1A:1F:F1:EF:C6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/456a85-b7a1-4183-a64f-223f508c055a/1/3sQzl3xytL5diI9WhT7TGh_x78Y.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.8.198.0/23 193.28.188.0/24 Signature Algorithm: sha256WithRSAEncryption 45:e9:5f:ec:ef:3b:d0:ab:6b:28:02:e8:d0:e0:5c:26:dc:36: cf:4e:2d:c5:c9:06:8d:12:62:2f:4c:ed:03:92:5e:97:f9:23: 37:f7:de:58:62:0a:b2:6e:ed:de:cd:59:9b:e6:b4:23:fc:24: ae:d7:06:48:f0:e2:61:f1:c5:b8:fc:8b:c3:23:cb:64:4b:00: 86:a9:a9:6d:d4:5e:ee:6f:7a:f9:ee:b9:7b:3c:d6:8c:b1:30: e0:42:2f:b7:6b:8d:ef:4b:d9:5d:58:45:97:97:15:bf:f5:29: cf:8c:1a:25:98:1c:73:00:13:8c:eb:fe:a7:63:ca:47:02:ad: c8:82:02:3b:c4:0e:46:22:d9:8a:82:95:de:c2:2c:f2:e8:8f: 6f:86:de:10:10:f9:43:61:10:90:44:83:82:5c:5a:07:71:ef: ca:4b:9d:4e:ce:d1:0d:b0:c2:b2:0c:e6:b3:07:67:0c:0e:99: 19:29:d7:4d:e6:e8:35:34:ca:3d:a4:10:e1:57:7b:c6:a4:9f: 45:1a:b4:18:98:cd:c1:07:f0:cd:86:78:ad:03:d0:87:b7:f8: 69:bf:6d:7f:7b:a5:cd:00:fe:22:03:20:14:08:d7:a6:a5:b1: 93:63:3c:24:25:ac:d6:5e:66:2b:e9:86:04:80:ae:22:d1:c1: de:ac:c2:d1 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgISAZt87LwharNbYPpWMONCRvk6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDQxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZWM0MzM5NzdjNzJiNGJlNWQ4ODhmNTY4NTNlZDMxYTFmZjFlZmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNfQavyiMg9wzvkbl+GBRYMMkJD1 sWaVO3vwj/EtGn3YBUkYbJRF5/T0NfqcVkKy3RNTzTAzLvIdzyodMxM7Vb8fO6Rk 2G5GSWoaBLQl099vv3RU9+DuuI3cAeU2aUhSIyw9mZavmDSmTRN1QQwb1dotoqXL 4woOBCoeLjW60cSThWpNUR4MzNTFxYqQHnsUOCw0BqOLRi2tjDOUljKTQmNDXh2e twIogwgeel8Jgy99pSJ2jkfM9bi2HMBF6kjVm8d4uMMGYKQ06i7KSzqqiyfYusCt 4UZT8dy5I6XNRxwsXsZortMNNP/XgX4dKPEo1s25qL7lkj2iollHBXdysQIDAQAB o4ICijCCAoYwHQYDVR0OBBYEFN7EM5d8crS+XYiPVoU+0xof8e/GMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViLzQ1NmE4 NS1iN2ExLTQxODMtYTY0Zi0yMjNmNTA4YzA1NWEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvNDU2YTg1 LWI3YTEtNDE4My1hNjRmLTIyM2Y1MDhjMDU1YS8xLzNzUXpsM3h5dEw1ZGlJOVdo VDdUR2hfeDc4WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQBwQjGAwQAwRy8MA0GCSqGSIb3DQEBCwUAA4IB AQBF6V/s7zvQq2soAujQ4Fwm3DbPTi3FyQaNEmIvTO0Dkl6X+SM3995YYgqybu3e zVmb5rQj/CSu1wZI8OJh8cW4/IvDI8tkSwCGqalt1F7ub3r57rl7PNaMsTDgQi+3 a43vS9ldWEWXlxW/9SnPjBolmBxzABOM6/6nY8pHAq3IggI7xA5GItmKgpXewizy 6I9vht4QEPlDYRCQRIOCXFoHce/KS51OztENsMKyDOazB2cMDpkZKddN5ug1NMo9 pBDhV3vGpJ9FGrQYmM3BB/DNhnitA9CHt/hpv21/e6XNAP4iAyAUCNempbGTYzwk JazWXmYr6YYEgK4i0cHerMLR -----END CERTIFICATE-----Generated at Mon Jan 12 01:23:59 2026 by rpki-client