This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yugVDpWV2-mnSiib_Q6NKxzms40.cer File: yugVDpWV2-mnSiib_Q6NKxzms40.cer (raw, json) Hash identifier: HV2Mz9yRVEen67Yvg87/IfYP51lbNdtCUnjsNHhIgtk= Subject key identifier: CA:E8:15:0E:95:95:DB:E9:A7:4A:28:9B:FD:0E:8D:2B:1C:E6:B3:8D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B30E6766554D8DFD65D8BA9A75D56C122 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://repo.rpki.space/repo/Pfcloud/2/CAE8150E9595DBE9A74A289BFD0E8D2B1CE6B38D.mft caRepository: rsync://repo.rpki.space/repo/Pfcloud/2/ Notify URL: https://repo.rpki.space/rrdp/notification.xml Certificate not before: Thu 18 Dec 2025 09:59:28 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 51396 AS: 215310 IP: 2a14:8000::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e6:76:65:54:d8:df:d6:5d:8b:a9:a7:5d:56:c1:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Dec 18 09:59:28 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cae8150e9595dbe9a74a289bfd0e8d2b1ce6b38d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:4a:5e:86:12:c6:f8:a8:5b:00:16:d8:56:a7: 41:a8:a5:f0:c9:b9:29:b8:8e:2b:b4:8b:07:91:73: 2c:29:51:32:dc:bc:4b:8b:50:9f:89:aa:b0:5d:06: 3c:87:3d:73:66:3b:01:6a:e9:18:02:c1:1e:58:a1: 15:dc:c2:c6:20:01:8b:d3:76:f7:3c:c2:13:17:7b: d9:64:53:98:34:0d:ce:fa:b2:cc:a3:40:d6:75:a9: 53:c9:d9:0a:53:99:1c:2f:5a:57:63:33:cd:73:44: ea:8e:84:2e:08:7d:af:55:96:89:c0:5b:a0:88:11: 1b:e8:a1:70:20:00:19:c3:bd:d8:f7:ae:f2:1b:69: 15:e6:15:4f:cc:54:9b:54:15:3b:5d:36:94:a9:1f: 98:1c:9e:e7:05:a2:73:5e:ea:a6:6b:a6:be:d9:df: a1:6e:92:fa:8d:33:3f:dc:06:6a:f6:89:db:51:33: eb:d4:5c:91:a6:4e:f0:e2:df:c0:bd:ee:b1:1e:33: 73:91:ad:c2:61:b5:f1:d7:47:81:c5:7a:c8:85:36: 0c:b2:ef:4d:4a:87:2c:b6:58:ab:e3:16:d3:e0:33: 91:41:3e:74:71:96:57:3a:d7:17:e8:0c:60:8b:47: c5:06:6e:99:7d:c2:2d:4f:a8:9c:e3:64:dd:40:07: da:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:E8:15:0E:95:95:DB:E9:A7:4A:28:9B:FD:0E:8D:2B:1C:E6:B3:8D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://repo.rpki.space/repo/Pfcloud/2/ RPKI Manifest - URI:rsync://repo.rpki.space/repo/Pfcloud/2/CAE8150E9595DBE9A74A289BFD0E8D2B1CE6B38D.mft RPKI Notify - URI:https://repo.rpki.space/rrdp/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:8000::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 51396 215310 Signature Algorithm: sha256WithRSAEncryption 09:8d:ff:ec:30:2d:37:4e:40:1c:22:4b:0e:85:e2:45:c8:b0: fc:0e:d1:01:9f:fc:0a:b4:64:50:33:4f:85:c8:9c:be:50:cc: db:3b:56:2b:fd:10:0a:f3:57:8a:a7:06:ec:16:81:a9:23:ca: e5:bf:aa:ac:d7:6e:1d:3a:d9:a2:3c:a2:76:28:66:60:9f:9f: 4b:74:f7:80:cd:1f:9e:e3:ad:2d:e4:b4:0a:c8:ea:0e:5a:fa: c3:65:0f:a6:2f:18:20:05:21:d3:16:f1:df:10:b6:42:6d:1f: 60:bd:23:d5:91:47:f4:f0:a1:69:ae:48:6c:55:6b:e2:48:46: 98:8d:90:b9:41:9f:75:f7:8c:63:77:48:21:61:5a:65:bf:65: 7e:03:24:22:66:6a:32:c8:cb:9a:20:04:32:18:28:2d:bd:6d: 64:b7:55:3f:ca:ea:df:6c:8b:d7:bd:05:fa:3c:6b:4c:ad:f2: b3:c4:82:a6:06:b3:39:5f:64:d3:e4:1e:2d:17:ae:e7:5e:81: e4:6a:6d:ec:30:db:b3:02:3b:c4:8a:3a:8c:91:96:91:73:c4: da:01:ae:17:ef:7e:74:26:85:49:eb:d0:b9:c8:2f:56:6e:1a: 7f:53:ea:a1:ae:b5:95:30:42:e1:eb:17:75:8f:06:e2:d1:bc: 9c:9e:5c:d1 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgISAZsw5nZlVNjf1l2LqaddVsEiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMjE4MDk1OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYWU4MTUwZTk1OTVkYmU5YTc0YTI4OWJmZDBlOGQyYjFjZTZiMzhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0pehhLG+KhbABbYVqdBqKXwybkp uI4rtIsHkXMsKVEy3LxLi1CfiaqwXQY8hz1zZjsBaukYAsEeWKEV3MLGIAGL03b3 PMITF3vZZFOYNA3O+rLMo0DWdalTydkKU5kcL1pXYzPNc0TqjoQuCH2vVZaJwFug iBEb6KFwIAAZw73Y967yG2kV5hVPzFSbVBU7XTaUqR+YHJ7nBaJzXuqma6a+2d+h bpL6jTM/3AZq9onbUTPr1FyRpk7w4t/Ave6xHjNzka3CYbXx10eBxXrIhTYMsu9N Socstlir4xbT4DORQT50cZZXOtcX6Axgi0fFBm6ZfcItT6ic42TdQAfaWwIDAQAB o4ICYzCCAl8wHQYDVR0OBBYEFMroFQ6Vldvpp0oom/0OjSsc5rONMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwgeEGCCsGAQUFBwELBIHUMIHRMDMGCCsGAQUFBzAFhidyc3lu YzovL3JlcG8ucnBraS5zcGFjZS9yZXBvL1BmY2xvdWQvMi8wXwYIKwYBBQUHMAqG U3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vUGZjbG91ZC8yL0NBRTgxNTBF OTU5NURCRTlBNzRBMjg5QkZEMEU4RDJCMUNFNkIzOEQubWZ0MDkGCCsGAQUFBzAN hi1odHRwczovL3JlcG8ucnBraS5zcGFjZS9ycmRwL25vdGlmaWNhdGlvbi54bWww WQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3JsMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQMqFIAAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDIxAIDA0kOMA0GCSqGSIb3 DQEBCwUAA4IBAQAJjf/sMC03TkAcIksOheJFyLD8DtEBn/wKtGRQM0+FyJy+UMzb O1Yr/RAK81eKpwbsFoGpI8rlv6qs124dOtmiPKJ2KGZgn59LdPeAzR+e460t5LQK yOoOWvrDZQ+mLxggBSHTFvHfELZCbR9gvSPVkUf08KFprkhsVWviSEaYjZC5QZ91 94xjd0ghYVplv2V+AyQiZmoyyMuaIAQyGCgtvW1kt1U/yurfbIvXvQX6PGtMrfKz xIKmBrM5X2TT5B4tF67nXoHkam3sMNuzAjvEijqMkZaRc8TaAa4X7350JoVJ69C5 yC9Wbhp/U+qhrrWVMELh6xd1jwbi0bycnlzR -----END CERTIFICATE-----Generated at Sat Dec 20 07:42:57 2025 by rpki-client