This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/u0CY4P3tthLyOdpSSgS14N6kxT8.cer File: u0CY4P3tthLyOdpSSgS14N6kxT8.cer (raw, json) Hash identifier: ZrJeva1TqbKWja2/cVHtU7pFcKNfk3prXK9yzs4oC5k= Subject key identifier: BB:40:98:E0:FD:ED:B6:12:F2:39:DA:52:4A:04:B5:E0:DE:A4:C5:3F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B36772231A35FC37D8110E899567FC9 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/u0CY4P3tthLyOdpSSgS14N6kxT8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:45 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 42223 IP: 91.233.15.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:77:22:31:a3:5f:c3:7d:81:10:e8:99:56:7f:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bb4098e0fdedb612f239da524a04b5e0dea4c53f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:4f:ab:34:df:10:f3:6d:6a:08:ed:85:7a:83: 7b:18:f8:99:26:d0:85:f2:3b:af:0e:8c:ae:d4:ee: c8:20:8c:fc:66:5e:39:19:3a:d7:7f:94:ff:e3:d3: 4c:8a:4b:6e:25:58:41:41:6c:ca:cb:9c:49:49:13: 83:3f:b1:26:a0:f0:8c:e9:6e:95:92:88:53:7e:94: 5e:e4:b2:21:ca:4f:59:0a:9c:83:10:13:30:56:49: f7:7f:66:15:4a:2d:85:78:21:40:bd:e2:3a:a1:40: a4:79:1f:80:4f:13:2e:b3:be:a4:81:b5:a5:70:91: bc:2c:aa:6d:20:fd:6c:63:46:8a:e2:f4:f5:79:ce: 01:c5:a6:d7:64:be:99:40:f8:9b:2d:76:ad:2d:bd: 9b:86:bd:bb:32:1b:e3:d6:aa:04:56:11:df:74:2e: 23:53:e5:19:8b:14:50:f0:ca:13:09:c9:c9:a8:67: 9f:33:98:c5:0d:d4:91:5a:fe:60:f4:d7:3b:c1:bc: 97:27:70:7b:a3:78:61:1b:f9:63:60:c4:0f:be:51: ce:80:1a:c6:47:0e:37:c5:ec:1a:ea:41:26:bc:b0: 29:d9:d3:fe:5a:fd:c1:ec:f2:0b:4a:e5:29:73:e7: 9d:a0:86:36:47:d6:02:47:8d:da:70:c6:b4:d7:1a: a2:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:40:98:E0:FD:ED:B6:12:F2:39:DA:52:4A:04:B5:E0:DE:A4:C5:3F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/9b733e-9839-4f6f-b4b6-ff5aa9eef4e2/1/u0CY4P3tthLyOdpSSgS14N6kxT8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.233.15.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 42223 Signature Algorithm: sha256WithRSAEncryption 73:16:8b:2d:63:a0:5d:3b:88:25:67:47:0d:3d:c6:f4:b7:23: c7:d7:37:7c:7c:f4:e2:6d:58:d7:9d:05:df:df:21:5f:36:2d: 6c:e7:4a:3a:ee:2c:cf:51:26:d3:98:9c:27:3f:21:94:1e:6b: fc:cb:c4:29:47:80:17:b3:61:c5:7a:c5:00:ea:42:dd:c8:05: c4:b0:49:00:bd:39:41:b8:5f:71:06:9e:97:15:97:71:a8:83: b1:8f:20:eb:5c:8c:21:77:33:a2:91:65:05:67:03:ac:22:c1: 03:69:b6:e8:b8:4a:45:67:21:36:bc:33:48:37:d6:19:97:a9: 72:79:63:9e:0b:7b:01:43:e1:c6:fc:0e:2b:71:06:aa:54:0a: 94:c7:dc:54:9c:fc:1e:d4:54:37:2e:23:38:9d:80:63:10:ab: 0b:08:b3:82:4f:b5:85:6d:91:52:58:f4:cd:17:f1:5f:8e:87: 09:3b:42:3a:7b:73:6e:e4:98:dd:59:42:c7:be:4c:93:1b:66: 04:54:a9:d0:4c:a2:dc:c8:e0:aa:0b:29:45:4d:2e:0b:a2:98: 69:80:f7:44:2d:b1:9f:ac:2d:ef:c0:60:92:0c:a5:1a:f0:17: 05:98:8a:59:1e:b1:c7:7a:a8:6c:83:f2:2d:1d:26:f0:20:a5: f0:9e:77:40 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt7NnciMaNfw32BEOiZVn/JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYjQwOThlMGZkZWRiNjEyZjIzOWRhNTI0YTA0YjVlMGRlYTRjNTNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqU+rNN8Q821qCO2FeoN7GPiZJtCF 8juvDoyu1O7IIIz8Zl45GTrXf5T/49NMiktuJVhBQWzKy5xJSRODP7EmoPCM6W6V kohTfpRe5LIhyk9ZCpyDEBMwVkn3f2YVSi2FeCFAveI6oUCkeR+ATxMus76kgbWl cJG8LKptIP1sY0aK4vT1ec4BxabXZL6ZQPibLXatLb2bhr27Mhvj1qoEVhHfdC4j U+UZixRQ8MoTCcnJqGefM5jFDdSRWv5g9Nc7wbyXJ3B7o3hhG/ljYMQPvlHOgBrG Rw43xewa6kEmvLAp2dP+Wv3B7PILSuUpc+edoIY2R9YCR43acMa01xqiKwIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFLtAmOD97bYS8jnaUkoEteDepMU/MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyLzliNzMz ZS05ODM5LTRmNmYtYjRiNi1mZjVhYTllZWY0ZTIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvOWI3MzNl LTk4MzktNGY2Zi1iNGI2LWZmNWFhOWVlZjRlMi8xL3UwQ1k0UDN0dGhMeU9kcFNT Z1MxNE42a3hUOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAW+kPMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwCk7zANBgkqhkiG9w0BAQsFAAOCAQEAcxaLLWOgXTuIJWdHDT3G9Lcjx9c3fHz0 4m1Y150F398hXzYtbOdKOu4sz1Em05icJz8hlB5r/MvEKUeAF7NhxXrFAOpC3cgF xLBJAL05QbhfcQaelxWXcaiDsY8g61yMIXczopFlBWcDrCLBA2m26LhKRWchNrwz SDfWGZepcnljngt7AUPhxvwOK3EGqlQKlMfcVJz8HtRUNy4jOJ2AYxCrCwizgk+1 hW2RUlj0zRfxX46HCTtCOntzbuSY3VlCx75MkxtmBFSp0Eyi3MjgqgspRU0uC6KY aYD3RC2xn6wt78BgkgylGvAXBZiKWR6xx3qobIPyLR0m8CCl8J53QA== -----END CERTIFICATE-----Generated at Fri Jan 2 09:50:51 2026 by rpki-client