This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-hHJVg-pEF5r3EtJLvq2QatQgB0.cer File: 1-hHJVg-pEF5r3EtJLvq2QatQgB0.cer (raw, json) Hash identifier: YEbHFl782Hs2O/cVDq0XRV227bYAUvZSx43erj3iN3A= Subject key identifier: FA:11:C9:56:0F:A9:10:5E:6B:DC:4B:49:2E:FA:B6:41:AB:50:80:1D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCA685B5A6D1E441C58475D79FBCAE0 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/1-hHJVg-pEF5r3EtJLvq2QatQgB0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:19:35 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 45.143.120.0/22 IP: 2a0e:e340::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:68:5b:5a:6d:1e:44:1c:58:47:5d:79:fb:ca:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:19:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa11c9560fa9105e6bdc4b492efab641ab50801d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:09:0d:48:26:34:23:83:f2:c8:0b:92:29:87: 9b:bb:3e:f6:e0:f9:4b:a3:52:03:3e:62:0c:2b:5e: 1c:1c:e7:69:55:04:b0:22:e2:ad:1b:fa:d6:da:03: 91:dd:04:0d:8b:2e:ce:d4:62:a9:c5:38:c3:cb:f4: 85:c1:d2:89:c8:30:2b:af:28:f2:b1:7c:bd:6c:84: e7:35:9e:36:4c:80:77:de:67:6e:74:96:11:e0:c1: 2b:30:d4:da:b2:5c:26:38:58:67:5e:a5:24:30:56: 9d:50:ba:be:38:52:65:2c:fd:4d:41:94:ff:eb:94: 8e:bf:73:85:dc:91:22:8b:8c:48:71:90:ba:3b:05: 85:a0:4a:15:76:c7:5e:55:43:1f:b6:9f:a6:f9:82: a5:b7:3f:bc:a7:ea:40:14:c6:94:f5:d4:ef:38:ab: f0:6f:d1:11:66:cb:12:87:b4:0f:ba:ea:53:58:e7: 85:6f:c3:ca:ee:71:d0:77:27:db:42:17:0b:b1:7b: 44:ed:f6:30:de:d1:a3:3d:f2:a7:97:35:09:78:f0: e4:3f:49:17:59:8b:e3:65:f8:06:28:57:eb:04:15: d4:5f:2f:4a:ab:a6:d1:64:01:cd:f0:f4:1b:bd:94: d8:e0:0f:5e:0c:1c:e0:af:45:14:d9:a8:51:03:3b: 42:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:11:C9:56:0F:A9:10:5E:6B:DC:4B:49:2E:FA:B6:41:AB:50:80:1D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/1-hHJVg-pEF5r3EtJLvq2QatQgB0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.143.120.0/22 IPv6: 2a0e:e340::/29 Signature Algorithm: sha256WithRSAEncryption a5:6e:16:61:1d:d7:c0:68:64:76:ea:c5:03:0c:70:73:fc:71: 80:31:f1:d1:1b:0b:a1:1d:87:73:b0:d1:93:da:fa:ea:33:ec: ca:23:77:cc:98:56:85:51:cc:b1:70:b8:32:59:ab:27:14:b3: 52:16:24:fb:61:f5:82:46:53:5d:3f:cc:8c:4d:97:ef:fe:21: 39:c0:08:1e:01:eb:dc:f7:df:3c:2f:2f:ce:a3:95:17:7d:ee: 7c:06:af:81:ae:56:48:90:c6:90:72:d1:43:dc:5d:cb:10:14: aa:82:dc:5d:1b:79:15:bb:07:1f:6b:28:aa:07:6d:2e:b8:c0: 3c:29:43:00:c4:3a:24:fc:c0:e4:17:2f:f8:3a:08:02:03:11: a2:b1:d2:a4:10:be:36:cf:0e:a1:08:8b:45:c3:6c:14:34:43: dd:d0:21:88:d7:bf:c4:0d:9d:67:74:8f:c4:98:92:2c:52:61: e6:52:4a:49:95:36:48:5c:0e:f8:e8:73:02:73:4a:27:04:70: 0f:39:cb:37:ce:39:3e:66:2d:5c:cb:6d:44:9d:06:a9:f6:bb: 20:b6:57:3d:0e:9f:a1:fb:21:15:7f:c4:39:27:a0:97:5a:f0: e2:b0:98:44:3c:91:8a:4b:bc:ab:47:82:ef:16:81:85:10:94: 1f:32:a2:25 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgISAZt9ymhbWm0eRBxYR115+8rgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTExYzk1NjBmYTkxMDVlNmJkYzRiNDkyZWZhYjY0MWFiNTA4MDFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AkNSCY0I4PyyAuSKYebuz724PlL o1IDPmIMK14cHOdpVQSwIuKtG/rW2gOR3QQNiy7O1GKpxTjDy/SFwdKJyDArryjy sXy9bITnNZ42TIB33mdudJYR4MErMNTaslwmOFhnXqUkMFadULq+OFJlLP1NQZT/ 65SOv3OF3JEii4xIcZC6OwWFoEoVdsdeVUMftp+m+YKltz+8p+pAFMaU9dTvOKvw b9ERZssSh7QPuupTWOeFb8PK7nHQdyfbQhcLsXtE7fYw3tGjPfKnlzUJePDkP0kX WYvjZfgGKFfrBBXUXy9Kq6bRZAHN8PQbvZTY4A9eDBzgr0UU2ahRAztCAQIDAQAB o4IClDCCApAwHQYDVR0OBBYEFPoRyVYPqRBea9xLSS76tkGrUIAdMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4LzAwZWU2 YS01ZTk1LTRlMTAtOGVlNi03ZTIyMmJmZWNjOTAvMS8wfQYIKwYBBQUHMAqGcXJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvMDBlZTZh LTVlOTUtNGUxMC04ZWU2LTdlMjIyYmZlY2M5MC8xLzEtaEhKVmctcEVGNXIzRXRK THZxMlFhdFFnQjAubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEF BQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2PeDANBAIAAjAHAwUDKg7jQDANBgkqhkiG 9w0BAQsFAAOCAQEApW4WYR3XwGhkdurFAwxwc/xxgDHx0RsLoR2Hc7DRk9r66jPs yiN3zJhWhVHMsXC4MlmrJxSzUhYk+2H1gkZTXT/MjE2X7/4hOcAIHgHr3PffPC8v zqOVF33ufAavga5WSJDGkHLRQ9xdyxAUqoLcXRt5FbsHH2soqgdtLrjAPClDAMQ6 JPzA5Bcv+DoIAgMRorHSpBC+Ns8OoQiLRcNsFDRD3dAhiNe/xA2dZ3SPxJiSLFJh 5lJKSZU2SFwO+OhzAnNKJwRwDznLN845PmYtXMttRJ0Gqfa7ILZXPQ6fofshFX/E OSegl1rw4rCYRDyRiku8q0eC7xaBhRCUHzKiJQ== -----END CERTIFICATE-----Generated at Mon Feb 9 15:14:38 2026 by rpki-client