This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer File: omhVmAsnPlrlfcG56yLp9fOnzfc.cer (raw, json) Hash identifier: 3DpVaaAtCPX5ASzi1O+IHdFrjMyNJ1DbENtyVl5EQFE= Subject key identifier: A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C134FA9C0DC373F973BA3240CB71AB8 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/omhVmAsnPlrlfcG56yLp9fOnzfc.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:19:59 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 137 IP: 90.147.0.0/16 IP: 138.41.0.0/16 IP: 185.191.180.0/22 IP: 192.167.0.0/16 IP: 193.204.0.0 -- 193.206.255.255 IP: 212.189.128.0/17 IP: 2001:760::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:4f:a9:c0:dc:37:3f:97:3b:a3:24:0c:b7:1a:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:19:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a26855980b273e5ae57dc1b9eb22e9f5f3a7cdf7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:aa:c5:65:4b:eb:9f:c6:94:0a:3b:c7:e5:aa: e6:d7:3b:a9:68:01:b1:0e:6e:ca:a4:0c:41:0b:63: da:9d:f0:ae:d5:85:9a:55:a4:10:e0:62:c0:23:bb: a9:53:59:a2:f0:3a:1e:ca:8b:c5:6d:5c:a3:29:07: f3:6d:5c:c6:71:a7:58:d3:72:fc:fb:df:74:fb:6f: 81:48:6d:98:d1:a1:2b:9f:ce:ad:9e:46:e7:98:73: f7:b0:f6:ec:72:0a:6c:14:f9:ba:87:da:dd:7a:0a: 93:c7:f5:6a:6e:85:c7:c7:4f:07:72:5d:ef:0d:57: eb:02:30:db:f5:2c:70:0b:69:cc:85:46:7c:0f:f3: 0a:d2:5b:f4:f1:0d:0e:a4:0b:5d:ed:4f:90:85:fd: 23:9f:8e:41:95:0d:3b:4c:14:7f:54:ee:2e:49:f5: c9:e2:f2:e2:db:c6:ee:5e:bf:2a:dd:eb:db:bb:17: 98:4d:ee:93:70:96:60:13:35:13:b5:d9:2a:24:d3: 39:4d:c7:e3:3e:14:96:ff:9a:f0:93:da:b6:39:21: 51:b0:18:d1:4a:ce:b6:a7:d0:1d:cc:b8:ae:28:7e: 26:c4:d9:c8:68:ed:d6:5d:8c:c8:4c:ba:f6:87:c0: f7:1d:83:60:e8:9a:d0:e7:d4:13:67:a4:9b:61:d1: 52:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/omhVmAsnPlrlfcG56yLp9fOnzfc.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 90.147.0.0/16 138.41.0.0/16 185.191.180.0/22 192.167.0.0/16 193.204.0.0-193.206.255.255 212.189.128.0/17 IPv6: 2001:760::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 137 Signature Algorithm: sha256WithRSAEncryption 26:8b:ae:ca:d1:8c:8b:b3:5e:13:d3:5e:03:9c:f2:64:f0:5e: 51:aa:b1:d2:9a:3a:86:4f:b0:5b:06:26:4c:73:d3:ef:53:6c: 21:3e:e3:58:0d:bf:b2:a1:81:90:04:32:be:9e:7d:14:73:c1: 17:14:2d:ab:0a:35:a9:89:ab:42:d7:83:02:46:6d:2a:b4:f5: d7:a5:6b:43:8b:f3:f3:3a:46:14:43:b6:61:b9:5b:3e:5c:5e: 7a:6b:77:35:be:8c:ae:7d:e7:c8:4f:1a:a8:2e:cf:3e:7f:37: 44:13:42:aa:b5:c6:59:eb:cf:bb:0b:88:08:14:63:7e:1b:66: 54:b3:c4:3d:f0:83:d8:62:65:fb:c6:5c:19:02:32:a9:d4:06: 52:e8:23:6e:d1:39:46:0c:f3:01:37:d0:3b:2a:38:62:d2:b6: ff:49:29:44:14:63:87:a1:e0:84:51:a7:3f:9b:d6:57:1e:d3: ec:41:67:5a:36:c9:4c:16:34:6a:9d:89:31:ce:ff:00:84:ff: 4b:c4:08:16:94:3f:03:52:f4:bb:1b:97:3f:96:61:04:a1:44: 13:bd:20:6e:6c:62:fe:4c:18:14:c1:f8:7b:e7:a4:67:9b:03: da:26:cd:ec:fd:48:d1:be:6c:44:e6:3d:a0:83:3e:f8:b7:c6: bc:cd:a2:85 -----BEGIN CERTIFICATE----- MIIFwzCCBKugAwIBAgISAZt8E0+pwNw3P5c7oyQMtxq4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxOTU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjY4NTU5ODBiMjczZTVhZTU3ZGMxYjllYjIyZTlmNWYzYTdjZGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6rFZUvrn8aUCjvH5arm1zupaAGx Dm7KpAxBC2PanfCu1YWaVaQQ4GLAI7upU1mi8DoeyovFbVyjKQfzbVzGcadY03L8 +990+2+BSG2Y0aErn86tnkbnmHP3sPbscgpsFPm6h9rdegqTx/VqboXHx08Hcl3v DVfrAjDb9SxwC2nMhUZ8D/MK0lv08Q0OpAtd7U+Qhf0jn45BlQ07TBR/VO4uSfXJ 4vLi28buXr8q3evbuxeYTe6TcJZgEzUTtdkqJNM5TcfjPhSW/5rwk9q2OSFRsBjR Ss62p9AdzLiuKH4mxNnIaO3WXYzITLr2h8D3HYNg6JrQ59QTZ6SbYdFSOwIDAQAB o4ICzzCCAsswHQYDVR0OBBYEFKJoVZgLJz5a5X3Buesi6fXzp833MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYyLzhhZmRk YS02YzZiLTQ1ODctOGEyMS04MWViNjFmNWI3MWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvOGFmZGRh LTZjNmItNDU4Ny04YTIxLTgxZWI2MWY1YjcxZS8xL29taFZtQXNuUGxybGZjRzU2 eUxwOWZPbnpmYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME8GCCsGAQUF BwEHAQH/BEAwPjAtBAIAATAnAwMAWpMDAwCKKQMEArm/tAMDAMCnMAoDAwLBzAMD AMHOAwQH1L2AMA0EAgACMAcDBQAgAQdgMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC AgCJMA0GCSqGSIb3DQEBCwUAA4IBAQAmi67K0YyLs14T014DnPJk8F5RqrHSmjqG T7BbBiZMc9PvU2whPuNYDb+yoYGQBDK+nn0Uc8EXFC2rCjWpiatC14MCRm0qtPXX pWtDi/PzOkYUQ7ZhuVs+XF56a3c1voyufefITxqoLs8+fzdEE0KqtcZZ68+7C4gI FGN+G2ZUs8Q98IPYYmX7xlwZAjKp1AZS6CNu0TlGDPMBN9A7Kjhi0rb/SSlEFGOH oeCEUac/m9ZXHtPsQWdaNslMFjRqnYkxzv8AhP9LxAgWlD8DUvS7G5c/lmEEoUQT vSBubGL+TBgUwfh756RnmwPaJs3s/UjRvmxE5j2ggz74t8a8zaKF -----END CERTIFICATE-----Generated at Mon Jan 12 03:26:41 2026 by rpki-client