This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a-OcMb6T9W5jvSbVscBy3HdTGeY.cer File: a-OcMb6T9W5jvSbVscBy3HdTGeY.cer (raw, json) Hash identifier: jsfx65s23GSBk7o0lDN5E+VMLYwKtNuzu8/MUO4suws= Subject key identifier: 6B:E3:9C:31:BE:93:F5:6E:63:BD:26:D5:B1:C0:72:DC:77:53:19:E6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F1429B435B03C04AE0EF0DCCB0248AD Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/a-OcMb6T9W5jvSbVscBy3HdTGeY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:19:46 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 51597 IP: 91.219.80.0/22 IP: 176.116.192.0/21 IP: 2001:678:318::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 04 Jan 2026 06:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:29:b4:35:b0:3c:04:ae:0e:f0:dc:cb:02:48:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:19:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6be39c31be93f56e63bd26d5b1c072dc775319e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:b5:ec:9e:16:c7:19:6b:77:e4:19:cb:e5:e9: 71:a7:33:b2:90:9e:8f:b4:05:cc:d0:d7:0a:a8:10: 07:83:0c:bb:82:6d:d9:57:f6:bb:64:97:b2:4d:53: a0:bd:95:ae:55:3e:c3:3e:e6:a8:2c:34:6e:fd:48: fe:e2:74:b0:db:1f:51:dd:ef:df:61:36:0a:b4:6f: ac:c6:b3:fe:2d:64:85:8b:bc:b5:f6:f8:e5:e1:0c: 6d:54:18:23:03:b4:88:be:1d:17:b0:0e:3e:d3:b2: f1:a6:e3:c5:97:45:43:bf:0c:78:47:38:05:db:b0: 11:f5:41:47:5f:77:d8:40:37:5c:49:ef:19:47:b4: 80:ef:45:27:b4:81:4d:87:bc:d1:00:db:87:9c:09: 0a:99:63:0d:d0:ad:1e:b5:c2:f2:32:56:de:50:0f: 41:48:07:b1:b1:c0:85:a5:08:2c:f9:cf:dd:2e:b4: 74:34:ce:74:8b:59:aa:b6:68:f0:9c:0d:cf:af:f4: 09:57:f2:e6:74:d6:d1:9b:b4:bf:e6:b7:cf:f8:a0: cc:94:a2:e1:df:39:11:a4:9e:67:d9:b9:18:08:06: e4:09:16:35:ff:0a:1f:31:42:1a:27:8a:a1:cd:1a: 23:e8:82:35:66:c8:bd:d7:ab:45:90:f8:14:4f:6b: d4:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:E3:9C:31:BE:93:F5:6E:63:BD:26:D5:B1:C0:72:DC:77:53:19:E6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/a-OcMb6T9W5jvSbVscBy3HdTGeY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.219.80.0/22 176.116.192.0/21 IPv6: 2001:678:318::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 51597 Signature Algorithm: sha256WithRSAEncryption 29:5a:75:b4:d3:67:90:d4:fa:b9:e8:5b:92:c6:46:68:ce:58: 69:a7:12:1e:c7:86:bc:c6:32:5d:63:78:69:9a:7c:23:a0:35: 76:bc:b1:9b:43:50:46:02:4b:9a:51:3d:c2:91:dd:4d:40:9f: e3:d3:3b:7e:dc:aa:14:47:fa:b7:02:d7:bb:91:c5:63:d4:6c: 19:62:d7:52:8b:51:96:31:ea:bc:0d:f9:dd:d6:d0:78:06:0f: f9:e7:45:c3:c2:3f:d0:a3:46:a5:97:c6:9b:78:95:98:00:25: d4:51:f2:d0:cb:ef:c1:36:50:be:f9:c6:90:01:64:45:ca:d7: 19:4b:50:26:ce:07:a2:1b:97:8f:bd:bd:cf:05:68:9d:5c:dc: db:f8:71:e1:fb:f1:ba:75:39:01:f8:2e:04:bb:cc:18:f4:cc: bb:7f:fa:fd:de:1b:fa:2d:92:50:5c:da:61:ae:da:43:97:f5: 04:63:75:4a:fa:7c:43:78:5a:ef:f4:80:6e:c9:c0:83:e8:a3: ff:55:08:8d:d7:43:8b:9e:78:6b:d1:d5:5d:41:e4:36:41:99: 9e:cb:86:58:d8:2c:1e:24:ad:dc:01:bd:ab:8c:86:5e:3b:2d: 10:0a:b3:a9:bc:64:a3:d9:f9:b6:96:9c:cf:ae:20:b3:4f:ee: dd:fd:1e:66 -----BEGIN CERTIFICATE----- MIIFqzCCBJOgAwIBAgISAZt/FCm0NbA8BK4O8NzLAkitMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQxOTQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YmUzOWMzMWJlOTNmNTZlNjNiZDI2ZDViMWMwNzJkYzc3NTMxOWU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rXsnhbHGWt35BnL5elxpzOykJ6P tAXM0NcKqBAHgwy7gm3ZV/a7ZJeyTVOgvZWuVT7DPuaoLDRu/Uj+4nSw2x9R3e/f YTYKtG+sxrP+LWSFi7y19vjl4QxtVBgjA7SIvh0XsA4+07LxpuPFl0VDvwx4RzgF 27AR9UFHX3fYQDdcSe8ZR7SA70UntIFNh7zRANuHnAkKmWMN0K0etcLyMlbeUA9B SAexscCFpQgs+c/dLrR0NM50i1mqtmjwnA3Pr/QJV/LmdNbRm7S/5rfP+KDMlKLh 3zkRpJ5n2bkYCAbkCRY1/wofMUIaJ4qhzRoj6II1Zsi916tFkPgUT2vU2wIDAQAB o4ICtzCCArMwHQYDVR0OBBYEFGvjnDG+k/VuY70m1bHActx3UxnmMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdmLzAzYzlk My0wZTI1LTRjYzctOTZhMy0xMTdiZjQyOTQxY2EvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2YvMDNjOWQz LTBlMjUtNGNjNy05NmEzLTExN2JmNDI5NDFjYS8xL2EtT2NNYjZUOVc1anZTYlZz Y0J5M0hkVEdlWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF BwEHAQH/BCcwJTASBAIAATAMAwQCW9tQAwQDsHTAMA8EAgACMAkDBwAgAQZ4Axgw GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAMmNMA0GCSqGSIb3DQEBCwUAA4IBAQAp WnW002eQ1Pq56FuSxkZozlhppxIex4a8xjJdY3hpmnwjoDV2vLGbQ1BGAkuaUT3C kd1NQJ/j0zt+3KoUR/q3Ate7kcVj1GwZYtdSi1GWMeq8Dfnd1tB4Bg/550XDwj/Q o0all8abeJWYACXUUfLQy+/BNlC++caQAWRFytcZS1AmzgeiG5ePvb3PBWidXNzb +HHh+/G6dTkB+C4Eu8wY9My7f/r93hv6LZJQXNphrtpDl/UEY3VK+nxDeFrv9IBu ycCD6KP/VQiN10OLnnhr0dVdQeQ2QZmey4ZY2CweJK3cAb2rjIZeOy0QCrOpvGSj 2fm2lpzPriCzT+7d/R5m -----END CERTIFICATE-----Generated at Sat Jan 3 13:19:36 2026 by rpki-client