This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-PvIQVghSG6P4IYLW-w-koO4A4U.cer File: 1-PvIQVghSG6P4IYLW-w-koO4A4U.cer (raw, json) Hash identifier: vSWNq3ULBDxoDsNGc8cYkr4TPhEjnF32i+U/1xWnA1o= Subject key identifier: F8:FB:C8:41:58:21:48:6E:8F:E0:86:0B:5B:EC:3E:92:83:B8:03:85 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E38F3AC33EC06BCBDE3F2928F53C821 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/1-PvIQVghSG6P4IYLW-w-koO4A4U.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:20:20 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 31169 IP: 37.18.48.0/21 IP: 45.134.208.0/22 IP: 45.144.76.0/22 IP: 79.170.80.0/21 IP: 84.247.63.0/24 IP: 89.34.22.0/23 IP: 89.45.165.0/24 IP: 91.126.0.0/20 IP: 92.114.96.0/23 IP: 185.28.128.0/22 IP: 193.247.181.0/24 IP: 193.247.183.0/24 IP: 193.247.192.0/24 IP: 193.247.202.0/24 IP: 194.104.97.0 -- 194.104.98.255 IP: 194.104.112.0/24 IP: 194.104.126.0/24 IP: 195.88.32.0/23 IP: 217.17.208.0/20 IP: 2a04:2740::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:f3:ac:33:ec:06:bc:bd:e3:f2:92:8f:53:c8:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f8fbc8415821486e8fe0860b5bec3e9283b80385 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:95:66:ee:1f:ca:5f:1a:ae:6b:48:b7:1a:85: e9:a0:7e:f2:c3:2d:b3:1a:9d:60:51:6a:b9:77:38: 42:d5:95:f1:31:c7:96:0a:ba:e4:7f:81:ae:b3:6f: c0:50:6f:4b:3c:ee:70:26:6f:36:d5:1d:aa:9d:ba: 23:96:42:44:1b:b4:18:c9:2e:9e:90:40:99:58:a5: 42:f9:31:a6:d1:53:09:54:9d:9f:26:b7:3f:e2:da: 48:b8:ca:f5:05:fb:26:23:24:ed:b6:a5:83:8e:e2: 36:26:76:10:26:af:8e:3d:bb:78:b9:74:ed:80:12: 62:eb:df:2f:87:17:8c:e5:68:cc:bf:13:2d:6f:62: f9:d3:7a:6f:c9:9b:d6:10:5e:82:c2:3f:70:aa:0a: 0b:60:db:82:5d:b7:61:a5:36:5b:e0:f5:55:f6:ee: 48:dd:9a:8f:05:f7:71:08:bb:5c:13:d1:fc:77:a8: cf:d3:c6:24:1f:73:fb:90:7b:80:3b:4f:5c:56:fa: 43:c4:c5:58:8c:17:f3:a3:fb:4b:cc:62:a6:bd:1f: 0c:46:9b:e0:65:97:04:21:c6:12:0b:fa:19:6d:9d: f2:ea:32:a2:07:d6:a7:75:12:bf:26:10:0f:56:8f: 3a:d2:90:06:b3:f3:24:48:ed:a9:50:fb:74:61:f9: 64:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:FB:C8:41:58:21:48:6E:8F:E0:86:0B:5B:EC:3E:92:83:B8:03:85 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/1-PvIQVghSG6P4IYLW-w-koO4A4U.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.18.48.0/21 45.134.208.0/22 45.144.76.0/22 79.170.80.0/21 84.247.63.0/24 89.34.22.0/23 89.45.165.0/24 91.126.0.0/20 92.114.96.0/23 185.28.128.0/22 193.247.181.0/24 193.247.183.0/24 193.247.192.0/24 193.247.202.0/24 194.104.97.0-194.104.98.255 194.104.112.0/24 194.104.126.0/24 195.88.32.0/23 217.17.208.0/20 IPv6: 2a04:2740::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 31169 Signature Algorithm: sha256WithRSAEncryption 59:45:a2:15:ed:da:b3:8c:70:40:e4:de:10:e3:b5:ff:41:9b: ef:6f:74:78:5b:23:da:df:5c:7d:74:d3:27:de:72:fc:4f:2a: 43:a9:63:6a:90:2a:69:ae:ce:29:04:6a:98:16:d7:ba:e7:66: 53:81:4e:ca:fa:9c:a2:a7:08:44:a2:7d:55:63:6d:1a:af:ee: a3:88:d0:66:dd:63:89:87:17:3b:09:21:c6:ca:47:80:04:16: 42:c0:93:3b:78:6e:44:ac:a0:23:a5:56:d0:13:d9:04:ce:2a: fb:d4:dc:27:a7:bb:d9:ce:ce:e5:14:a7:cc:01:09:97:5d:0d: 1e:22:80:53:32:ca:47:a5:fe:41:cf:76:e7:de:f6:aa:4b:4b: 88:20:02:6b:f6:06:1b:b0:b4:54:14:69:82:7d:7b:0b:97:42: 01:96:31:7e:fe:cd:1a:3f:f5:a5:cf:dc:2c:d8:b8:a7:a7:bc: 7f:cf:a2:c9:71:99:88:95:a4:6a:62:ef:fc:8d:f1:a1:5f:fa: 17:f0:e2:07:9b:24:d4:7e:4e:41:f2:68:23:b9:ac:5c:15:25: 2e:d2:41:62:a8:e6:85:c9:b5:ed:2d:6f:35:05:e3:be:9e:f1: a4:86:2f:f5:e5:db:0c:e3:07:fa:ac:e8:4f:dd:6c:7b:cb:29: c5:f9:77:f7 -----BEGIN CERTIFICATE----- MIIGGzCCBQOgAwIBAgISAZt+OPOsM+wGvL3j8pKPU8ghMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOGZiYzg0MTU4MjE0ODZlOGZlMDg2MGI1YmVjM2U5MjgzYjgwMzg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpVm7h/KXxqua0i3GoXpoH7ywy2z Gp1gUWq5dzhC1ZXxMceWCrrkf4Gus2/AUG9LPO5wJm821R2qnbojlkJEG7QYyS6e kECZWKVC+TGm0VMJVJ2fJrc/4tpIuMr1BfsmIyTttqWDjuI2JnYQJq+OPbt4uXTt gBJi698vhxeM5WjMvxMtb2L503pvyZvWEF6Cwj9wqgoLYNuCXbdhpTZb4PVV9u5I 3ZqPBfdxCLtcE9H8d6jP08YkH3P7kHuAO09cVvpDxMVYjBfzo/tLzGKmvR8MRpvg ZZcEIcYSC/oZbZ3y6jKiB9andRK/JhAPVo860pAGs/MkSO2pUPt0YflkhQIDAQAB o4IDJzCCAyMwHQYDVR0OBBYEFPj7yEFYIUhuj+CGC1vsPpKDuAOFMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBhLzM2MWM1 Ny1lYTQyLTQ3ZTItYTY4Zi1lYzk2N2I1MTFkN2YvMS8wfQYIKwYBBQUHMAqGcXJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvMzYxYzU3 LWVhNDItNDdlMi1hNjhmLWVjOTY3YjUxMWQ3Zi8xLzEtUHZJUVZnaFNHNlA0SVlM Vy13LWtvTzRBNFUubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpQYIKwYB BQUHAQcBAf8EgZUwgZIwgYAEAgABMHoDBAMlEjADBAIthtADBAItkEwDBANPqlAD BABU9z8DBAFZIhYDBABZLaUDBARbfgADBAFccmADBAK5HIADBADB97UDBADB97cD BADB98ADBADB98owDAMEAMJoYQMEAMJoYgMEAMJocAMEAMJofgMEAcNYIAMEBNkR 0DANBAIAAjAHAwUDKgQnQDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgJ5wTANBgkq hkiG9w0BAQsFAAOCAQEAWUWiFe3as4xwQOTeEOO1/0Gb7290eFsj2t9cfXTTJ95y /E8qQ6ljapAqaa7OKQRqmBbXuudmU4FOyvqcoqcIRKJ9VWNtGq/uo4jQZt1jiYcX OwkhxspHgAQWQsCTO3huRKygI6VW0BPZBM4q+9TcJ6e72c7O5RSnzAEJl10NHiKA UzLKR6X+Qc925972qktLiCACa/YGG7C0VBRpgn17C5dCAZYxfv7NGj/1pc/cLNi4 p6e8f8+iyXGZiJWkamLv/I3xoV/6F/DiB5sk1H5OQfJoI7msXBUlLtJBYqjmhcm1 7S1vNQXjvp7xpIYv9eXbDOMH+qzoT91se8spxfl39w== -----END CERTIFICATE-----Generated at Tue Jan 27 04:44:08 2026 by rpki-client