This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer File: ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer (raw, json) Hash identifier: kzIPtA/b3pJv99m0pMGJwGSjcbSlcr62pnxRqglHRHY= Subject key identifier: 64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F15AC9DB4200CD2BDF43E7E06E71186 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:25 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 205229 IP: 185.224.176.0/22 IP: 2a14:3900::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:ac:9d:b4:20:0c:d2:bd:f4:3e:7e:06:e7:11:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6431e960cd061039b3b27fd25d4160771c498bab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:71:4e:a3:08:33:6e:92:31:eb:f2:c9:13:79: f8:06:08:1f:83:da:a4:55:b4:a0:75:d0:b3:7a:b9: 6d:2f:df:d3:35:32:73:ba:01:96:7e:fb:15:55:ae: cb:7c:74:fc:1f:3d:77:ce:50:c4:4b:69:87:52:ee: 0d:fe:a2:29:d2:03:f8:1b:04:85:28:16:47:00:c5: bb:0d:75:14:15:f5:5a:c3:fe:d4:6e:94:20:60:85: d7:9f:5c:75:a3:e2:07:1b:29:30:95:6c:04:8c:10: ca:38:84:54:af:fe:cf:57:c3:78:34:ae:cb:64:83: b2:2c:fb:bf:27:8b:8e:fb:fb:fa:d1:84:2c:23:4a: 66:23:a0:b0:1a:db:af:b8:69:b3:39:34:00:01:7b: e7:31:27:f9:ff:a5:49:5c:68:26:34:77:ba:e0:b0: ad:6c:10:fd:32:0b:f8:8c:17:d3:3f:4a:d3:5c:7e: b9:02:b9:f2:28:1e:20:19:bd:91:1f:bf:37:4f:a0: 60:2d:8c:8e:ff:9f:45:14:cc:3a:0c:e0:34:60:e5: 2c:6d:97:8b:71:d1:ff:f8:78:cf:85:78:b5:1e:92: 28:00:a7:8f:a1:2a:e5:9e:45:f2:6d:85:a5:04:50: b8:9f:12:4c:e2:b7:b8:19:8a:2c:b4:97:53:c3:e9: df:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.224.176.0/22 IPv6: 2a14:3900::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 205229 Signature Algorithm: sha256WithRSAEncryption 8f:79:f8:65:72:00:19:a2:fd:59:d8:c4:dd:68:bd:b3:c8:cc: 32:30:32:a6:ee:fa:2f:7a:7d:c4:57:de:2f:d8:a2:1f:c9:63: f6:15:1e:d4:96:8b:14:6a:fa:83:be:b3:52:70:41:c0:2e:1a: 8d:31:88:94:5f:49:0e:f9:a7:36:0e:a3:02:50:52:9f:be:71: df:7e:6a:5e:3b:b7:f7:22:e9:3b:cf:1e:40:f0:f3:02:be:d7: cb:97:31:eb:71:91:0e:1e:28:e0:8d:1d:1c:87:23:ee:5e:16: f0:3a:d1:4c:fd:a5:e3:12:4c:be:e3:c7:70:71:aa:5e:59:2b: 41:77:e0:b2:3e:f0:b1:f1:dc:b1:b5:a6:4c:fc:1b:ec:b1:87: 61:53:52:e2:96:78:17:28:43:11:af:8d:67:1e:d6:85:eb:fc: 64:18:25:bf:61:10:51:bb:73:b4:c2:ee:65:28:9b:59:cb:36: 07:24:f0:13:d8:d3:61:4a:f4:f1:fb:d2:e4:15:fd:67:da:cf: 4a:92:71:64:f2:be:3c:e5:ca:fe:5d:17:a9:ba:05:e5:6d:95: 77:fa:18:41:29:1c:b2:9e:a4:3c:16:9d:d1:0c:ab:73:16:39: d1:69:d7:31:4c:7e:36:d8:8f:a7:4f:2c:8e:54:45:99:ad:fb: c3:0c:1c:6a -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt/FaydtCAM0r30Pn4G5xGGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NDMxZTk2MGNkMDYxMDM5YjNiMjdmZDI1ZDQxNjA3NzFjNDk4YmFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3FOowgzbpIx6/LJE3n4Bggfg9qk VbSgddCzerltL9/TNTJzugGWfvsVVa7LfHT8Hz13zlDES2mHUu4N/qIp0gP4GwSF KBZHAMW7DXUUFfVaw/7UbpQgYIXXn1x1o+IHGykwlWwEjBDKOIRUr/7PV8N4NK7L ZIOyLPu/J4uO+/v60YQsI0pmI6CwGtuvuGmzOTQAAXvnMSf5/6VJXGgmNHe64LCt bBD9Mgv4jBfTP0rTXH65ArnyKB4gGb2RH783T6BgLYyO/59FFMw6DOA0YOUsbZeL cdH/+HjPhXi1HpIoAKePoSrlnkXybYWlBFC4nxJM4re4GYostJdTw+nfdQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFGQx6WDNBhA5s7J/0l1BYHccSYurMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcyLzRmZDkz MS05ZjIyLTQ5ZjMtYmU1Ny1lOWRhZjc5ZWI3NWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIvNGZkOTMx LTlmMjItNDlmMy1iZTU3LWU5ZGFmNzllYjc1ZS8xL1pESHBZTTBHRURtenNuX1NY VUZnZHh4Smk2cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCueCwMA0EAgACMAcDBQMqFDkAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMhrTANBgkqhkiG9w0BAQsFAAOCAQEAj3n4ZXIAGaL9 WdjE3Wi9s8jMMjAypu76L3p9xFfeL9iiH8lj9hUe1JaLFGr6g76zUnBBwC4ajTGI lF9JDvmnNg6jAlBSn75x335qXju39yLpO88eQPDzAr7Xy5cx63GRDh4o4I0dHIcj 7l4W8DrRTP2l4xJMvuPHcHGqXlkrQXfgsj7wsfHcsbWmTPwb7LGHYVNS4pZ4FyhD Ea+NZx7Whev8ZBglv2EQUbtztMLuZSibWcs2ByTwE9jTYUr08fvS5BX9Z9rPSpJx ZPK+POXK/l0XqboF5W2Vd/oYQSkcsp6kPBad0QyrcxY50WnXMUx+NtiPp08sjlRF ma37wwwcag== -----END CERTIFICATE-----Generated at Fri Jan 2 16:58:53 2026 by rpki-client