This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer File: 1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer (raw, json) Hash identifier: RtMTKmPK+1ZQIp2Ny6xqamlOfla6Ef/LLw1+U2aUWgE= Subject key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5CE9B24A8C7485AEC5D032D306DF02 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:19:59 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 57621 AS: 60721 IP: 45.136.104.0/23 IP: 45.136.107.0/24 IP: 185.26.144.0/22 IP: 185.126.176.0/24 IP: 185.153.228.0/22 IP: 185.162.144.0/24 IP: 185.162.147.0/24 IP: 185.171.24.0/22 IP: 185.247.136.0/24 IP: 185.247.138.0/23 IP: 2a04:3880::/30 IP: 2a05:100::/29 IP: 2a06:c380::/29 IP: 2a0b:6000::/29 IP: 2a0d:a2c0::/29 IP: 2a0d:c480::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:e9:b2:4a:8c:74:85:ae:c5:d0:32:d3:06:df:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:19:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:c3:e3:50:a2:1e:29:37:44:91:75:76:7a:da: 5f:77:05:a1:b0:f6:78:ad:c8:18:a4:b9:bc:09:a9: 69:17:b9:a9:e1:86:a2:85:00:a1:52:af:95:2e:cd: 93:8c:0d:11:27:21:19:76:0e:56:e3:7a:34:9f:2e: 6c:1f:67:17:94:a9:46:2d:45:43:27:cb:df:ad:8e: fb:2a:ee:c0:e6:92:87:f4:53:47:0a:7d:b5:a8:a1: 49:94:2c:45:06:e5:ce:07:3c:b4:a6:6a:1e:ed:5a: 94:a1:43:bc:32:7e:e4:94:61:00:62:38:69:de:bc: 2f:5f:02:b4:3e:06:b9:0a:86:0f:b9:69:8b:aa:ad: cc:05:a0:4c:d6:81:cd:5a:f7:77:83:14:ca:c9:09: 1b:fd:38:2c:bd:b7:f5:ba:0b:84:a4:7c:0d:3e:56: fa:e0:18:ee:9c:3a:f8:ed:9b:92:42:ed:d8:a0:d5: 12:70:a3:4f:48:32:9e:3e:97:7f:c8:c6:54:ca:12: b1:c0:dc:10:6b:16:b2:56:0a:dc:c8:81:57:73:7b: 4c:45:8a:2d:47:3a:d2:31:89:fa:23:99:29:4e:88: 4e:57:e3:76:50:b4:80:dc:ce:76:84:76:73:11:af: c4:13:b1:a9:95:c3:4b:24:44:d7:c3:63:b3:ee:de: 65:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.136.104.0/23 45.136.107.0/24 185.26.144.0/22 185.126.176.0/24 185.153.228.0/22 185.162.144.0/24 185.162.147.0/24 185.171.24.0/22 185.247.136.0/24 185.247.138.0/23 IPv6: 2a04:3880::/30 2a05:100::/29 2a06:c380::/29 2a0b:6000::/29 2a0d:a2c0::/29 2a0d:c480::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 57621 60721 Signature Algorithm: sha256WithRSAEncryption 5a:7b:d5:4b:30:6b:31:e2:fc:8d:56:fa:a8:11:06:24:08:bc: c6:7d:a8:18:9f:43:3b:f4:f6:ca:71:c4:54:c1:d2:36:cc:ba: 51:41:0b:2c:8b:8e:2c:7b:6e:83:1d:70:f5:91:09:31:9b:0f: 53:1e:c7:dc:2e:be:4c:73:01:fe:a9:59:8d:10:3c:69:01:00: c3:22:66:0a:00:42:a2:26:9a:b0:bd:d2:1b:65:4d:b7:82:84: e6:76:7e:cf:96:be:a7:91:27:c5:c9:c0:c5:89:98:82:29:b2: 38:c5:60:1e:02:0d:51:b8:07:e5:75:26:24:1b:a9:74:84:e1: f3:d6:b3:32:df:60:9a:c0:cf:0e:b9:73:22:8c:93:07:80:a2: 1b:81:d9:d0:26:cb:b9:bf:cc:f3:06:81:fe:66:51:15:fd:25: e8:63:b7:bd:d8:04:18:f2:a6:8f:e8:d1:9f:af:17:49:52:93: 0c:83:43:e4:30:6e:e5:a4:ce:1b:03:00:ee:2d:5a:56:1e:15: 53:42:53:21:b3:0b:ac:d6:49:bf:f8:92:f7:c1:32:2b:1d:50: 30:6c:a0:5c:18:1c:5d:09:81:e1:9f:7e:a3:08:47:34:6e:96: ce:49:0b:1f:2b:25:5f:5b:4b:74:45:10:90:6f:55:d2:f2:47: 56:fb:bc:0f -----BEGIN CERTIFICATE----- MIIGAzCCBOugAwIBAgISAZt9XOmySox0ha7F0DLTBt8CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYxOTU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmODIwM2EwYzA0YjgxZmUxNzY2ZmE0MWJkMzFiNzNiNTg4MTg4YWM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cPjUKIeKTdEkXV2etpfdwWhsPZ4 rcgYpLm8CalpF7mp4YaihQChUq+VLs2TjA0RJyEZdg5W43o0ny5sH2cXlKlGLUVD J8vfrY77Ku7A5pKH9FNHCn21qKFJlCxFBuXOBzy0pmoe7VqUoUO8Mn7klGEAYjhp 3rwvXwK0Pga5CoYPuWmLqq3MBaBM1oHNWvd3gxTKyQkb/Tgsvbf1uguEpHwNPlb6 4BjunDr47ZuSQu3YoNUScKNPSDKePpd/yMZUyhKxwNwQaxayVgrcyIFXc3tMRYot RzrSMYn6I5kpTohOV+N2ULSA3M52hHZzEa/EE7GplcNLJETXw2Oz7t5lGwIDAQAB o4IDDzCCAwswHQYDVR0OBBYEFPggOgwEuB/hdm+kG9Mbc7WIGIrHMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViL2UxNGNh My1kYThlLTRiNTgtODYzYS0zMzg5NjIwYzFiZDcvMS8wfQYIKwYBBQUHMAqGcXJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2Ez LWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJkNy8xLzEtQ0E2REFTNEgtRjJiNlFi MHh0enRZZ1lpc2MubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhwYIKwYB BQUHAQcBAf8EeDB2MEIEAgABMDwDBAEtiGgDBAAtiGsDBAK5GpADBAC5frADBAK5 meQDBAC5opADBAC5opMDBAK5qxgDBAC594gDBAG594owMAQCAAIwKgMFAioEOIAD BQMqBQEAAwUDKgbDgAMFAyoLYAADBQMqDaLAAwUDKg3EgDAfBggrBgEFBQcBCAEB /wQQMA6gDDAKAgMA4RUCAwDtMTANBgkqhkiG9w0BAQsFAAOCAQEAWnvVSzBrMeL8 jVb6qBEGJAi8xn2oGJ9DO/T2ynHEVMHSNsy6UUELLIuOLHtugx1w9ZEJMZsPUx7H 3C6+THMB/qlZjRA8aQEAwyJmCgBCoiaasL3SG2VNt4KE5nZ+z5a+p5EnxcnAxYmY gimyOMVgHgINUbgH5XUmJBupdITh89azMt9gmsDPDrlzIoyTB4CiG4HZ0CbLub/M 8waB/mZRFf0l6GO3vdgEGPKmj+jRn68XSVKTDIND5DBu5aTOGwMA7i1aVh4VU0JT IbMLrNZJv/iS98EyKx1QMGygXBgcXQmB4Z9+owhHNG6WzkkLHyslX1tLdEUQkG9V 0vJHVvu8Dw== -----END CERTIFICATE-----Generated at Mon Jan 19 18:29:15 2026 by rpki-client