This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1NF5zknld2uSyGwmwgsLQ_0KbLY.cer File: 1NF5zknld2uSyGwmwgsLQ_0KbLY.cer (raw, json) Hash identifier: q528aLGricqfKc2LUueUFd0o5pCwyRyEh/rlumJj328= Subject key identifier: D4:D1:79:CE:49:E5:77:6B:92:C8:6C:26:C2:0B:0B:43:FD:0A:6C:B6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B78A35815EF7AFEE06008C50DBE461FDA Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/1NF5zknld2uSyGwmwgsLQ_0KbLY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 08:18:49 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 5485 IP: 185.124.76.0/22 IP: 2a06:b0c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:58:15:ef:7a:fe:e0:60:08:c5:0d:be:46:1f:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 08:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d4d179ce49e5776b92c86c26c20b0b43fd0a6cb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:74:1d:fb:db:22:fa:ec:83:49:60:2d:31:71: 95:ee:d9:48:f7:6e:4e:b7:29:d0:4d:b7:64:7d:a8: 8c:b7:e0:b0:34:97:9f:a2:89:7e:a3:e9:d8:8b:6c: 4b:5c:73:61:5a:d5:0f:5d:74:50:e2:97:4f:25:93: cf:9e:23:e5:d8:b3:07:24:17:bc:14:43:df:bf:36: d6:0d:a4:8c:19:d8:63:b5:cd:1f:c7:35:5b:78:b2: 73:10:8f:48:82:29:55:38:65:a5:65:f9:51:a4:3e: 10:a8:15:60:9f:5b:40:5d:5d:f1:2b:b4:b3:84:78: 2b:97:9e:e9:b3:2c:55:15:72:53:ea:e1:8c:31:b0: f7:92:dc:0f:90:f6:57:04:e1:9c:d7:4d:65:c6:c2: 10:3e:81:7a:d3:ad:2e:92:cc:6c:69:b2:bb:85:13: 90:fe:22:13:22:02:e0:2c:93:95:60:c6:55:64:3a: f9:80:a2:97:6f:e6:69:c2:8c:c1:66:33:8d:fa:d9: ef:64:3b:5b:8d:61:1d:3f:52:3d:50:14:82:96:f0: 82:68:15:1e:21:4e:d4:d6:19:7a:4b:12:5e:68:57: 3a:68:56:65:9c:bf:aa:bc:4b:b9:3b:85:a2:9e:4b: 19:20:29:11:55:4c:38:5b:49:07:a4:a7:42:74:1a: f4:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:D1:79:CE:49:E5:77:6B:92:C8:6C:26:C2:0B:0B:43:FD:0A:6C:B6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/1NF5zknld2uSyGwmwgsLQ_0KbLY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.124.76.0/22 IPv6: 2a06:b0c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 5485 Signature Algorithm: sha256WithRSAEncryption 5b:52:11:44:c6:18:dc:ea:18:fe:7c:bf:73:18:a7:93:23:32: ed:83:80:49:fe:84:e3:a8:f8:12:73:76:db:05:5a:58:58:a0: af:6f:15:7e:94:d0:cf:f0:fd:da:be:0c:4d:16:c6:f8:8f:9a: 37:23:1d:fa:27:55:cc:62:01:14:8b:f6:25:13:98:ef:8b:d6: 9e:3f:ab:ba:f3:f3:f4:60:a7:86:1e:de:30:11:ca:93:8a:3c: 77:76:1c:f3:69:75:f7:af:7b:d8:3c:33:e0:6e:1e:23:88:b2: 7f:ad:cf:4a:69:63:18:85:51:a4:ce:2f:05:74:51:6d:e4:2f: 8d:18:56:1b:0f:c6:24:79:19:72:02:a1:91:72:61:3d:01:64: f2:46:f6:3d:fd:07:ff:4a:2e:a5:62:5a:57:6c:76:fd:aa:44: f2:25:4d:10:1e:48:f7:4f:1e:24:9c:0b:d1:ba:b5:a1:c7:72: 33:32:ff:cc:2a:6d:c2:e1:43:76:5e:cb:85:ba:4f:56:c4:89: 4e:1f:4b:7c:99:6b:5e:a0:48:3a:e7:b0:53:64:b8:0c:1b:60: 46:ab:f4:11:42:87:8c:00:42:6a:af:56:5a:8b:75:1f:dc:38: 26:51:2e:09:9d:e5:52:50:48:4b:21:71:6c:6a:01:16:3b:ef: 43:b1:1e:b8 -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgISAZt4o1gV73r+4GAIxQ2+Rh/aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDgxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNGQxNzljZTQ5ZTU3NzZiOTJjODZjMjZjMjBiMGI0M2ZkMGE2Y2I2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3Qd+9si+uyDSWAtMXGV7tlI925O tynQTbdkfaiMt+CwNJefool+o+nYi2xLXHNhWtUPXXRQ4pdPJZPPniPl2LMHJBe8 FEPfvzbWDaSMGdhjtc0fxzVbeLJzEI9IgilVOGWlZflRpD4QqBVgn1tAXV3xK7Sz hHgrl57psyxVFXJT6uGMMbD3ktwPkPZXBOGc101lxsIQPoF6060uksxsabK7hROQ /iITIgLgLJOVYMZVZDr5gKKXb+ZpwozBZjON+tnvZDtbjWEdP1I9UBSClvCCaBUe IU7U1hl6SxJeaFc6aFZlnL+qvEu5O4WinksZICkRVUw4W0kHpKdCdBr0zwIDAQAB o4ICrjCCAqowHQYDVR0OBBYEFNTRec5J5XdrkshsJsILC0P9Cmy2MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NiLzhiMTZj Yy00ZGI1LTQxOTgtOTI0ZS00MDMyZTE5MGVkYzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2IvOGIxNmNj LTRkYjUtNDE5OC05MjRlLTQwMzJlMTkwZWRjMy8xLzFORjV6a25sZDJ1U3lHd213 Z3NMUV8wS2JMWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuXxMMA0EAgACMAcDBQMqBrDAMBkGCCsGAQUF BwEIAQH/BAowCKAGMAQCAhVtMA0GCSqGSIb3DQEBCwUAA4IBAQBbUhFExhjc6hj+ fL9zGKeTIzLtg4BJ/oTjqPgSc3bbBVpYWKCvbxV+lNDP8P3avgxNFsb4j5o3Ix36 J1XMYgEUi/YlE5jvi9aeP6u68/P0YKeGHt4wEcqTijx3dhzzaXX3r3vYPDPgbh4j iLJ/rc9KaWMYhVGkzi8FdFFt5C+NGFYbD8YkeRlyAqGRcmE9AWTyRvY9/Qf/Si6l YlpXbHb9qkTyJU0QHkj3Tx4knAvRurWhx3IzMv/MKm3C4UN2XsuFuk9WxIlOH0t8 mWteoEg657BTZLgMG2BGq/QRQoeMAEJqr1Zai3Uf3DgmUS4JneVSUEhLIXFsagEW O+9DsR64 -----END CERTIFICATE-----Generated at Mon Feb 9 18:26:29 2026 by rpki-client