This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1lAD4kzs-_jowV_2N90V201_rpI.cer File: 1lAD4kzs-_jowV_2N90V201_rpI.cer (raw, json) Hash identifier: JWp3KzylOnBwOJ90hvESWiuUg+ZrMRpiS9ZlZGkercA= Subject key identifier: D6:50:03:E2:4C:EC:FB:F8:E8:C1:5F:F6:37:DD:15:DB:4D:7F:AE:92 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F844FF92C3A746EDCFB0856FA7EA14D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/24/54910b-9a13-4ace-abf2-a2351f4e8915/1/1lAD4kzs-_jowV_2N90V201_rpI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/24/54910b-9a13-4ace-abf2-a2351f4e8915/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 16:22:16 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.36.240.0/20 IP: 193.37.112.0/20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:4f:f9:2c:3a:74:6e:dc:fb:08:56:fa:7e:a1:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 16:22:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d65003e24cecfbf8e8c15ff637dd15db4d7fae92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:84:20:84:42:ae:c4:8e:06:16:73:06:6e:63: 47:4b:2c:36:b5:74:09:99:ea:f5:6f:7b:d9:e1:09: e6:3b:49:bb:f5:46:60:ec:20:80:a4:0e:e5:e1:d1: 0f:48:72:71:3c:c4:92:ed:d0:50:25:3f:d5:e6:cf: 88:f7:9f:60:63:9e:8f:de:cf:ad:b1:2b:a6:7e:5a: 10:d0:23:cc:0a:02:82:12:bb:f2:45:da:bb:1e:7a: 24:05:6b:78:94:36:7d:46:93:e5:2e:bc:10:f9:7a: aa:d7:7d:0f:f8:51:7f:a5:c9:f2:5e:b6:82:ec:74: 38:f8:ab:f6:a2:35:37:9b:9e:3f:1c:21:c8:18:31: 72:e2:d1:8f:71:fc:69:c3:63:13:e5:bb:ad:21:db: 73:90:dc:5f:57:6a:39:d5:a3:57:85:bf:22:06:4b: b0:5d:df:c3:da:f4:00:22:f7:2b:01:d7:d6:8b:c0: d4:0f:1f:b1:bc:c2:db:7c:19:ea:58:77:5e:21:3a: 52:30:72:d7:cb:35:55:c6:ac:53:96:9a:e1:66:3b: b7:9a:c3:9e:2e:46:f1:ef:78:9a:92:46:a6:2a:af: b8:f1:01:3e:77:87:3c:01:a4:30:a3:40:9a:27:b5: 26:11:18:d0:cc:28:77:23:65:27:5d:0e:df:47:85: f3:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:50:03:E2:4C:EC:FB:F8:E8:C1:5F:F6:37:DD:15:DB:4D:7F:AE:92 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/54910b-9a13-4ace-abf2-a2351f4e8915/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/54910b-9a13-4ace-abf2-a2351f4e8915/1/1lAD4kzs-_jowV_2N90V201_rpI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.36.240.0/20 193.37.112.0/20 Signature Algorithm: sha256WithRSAEncryption 29:65:3f:b4:e8:a2:9c:53:be:e9:19:e5:98:e4:75:9b:9f:9d: 49:f1:b5:b3:97:23:84:2f:c3:f9:60:15:74:4c:38:69:57:d8: ee:b1:de:f2:b1:ec:28:e1:dd:6a:0a:c7:9d:29:c2:56:a7:11: 33:3e:86:24:00:bd:88:29:d4:31:1e:5c:d8:87:b5:7d:82:84: 97:36:df:52:c6:0a:61:a7:62:24:12:0a:de:d3:ef:70:e0:a5: 9e:e5:f4:07:dc:1e:28:57:55:28:76:ce:b6:de:65:a0:3d:92: a1:e7:05:eb:43:2e:15:bc:6d:32:78:f9:9d:73:7e:d1:e3:7a: 9f:7d:5f:95:84:46:e0:ec:9b:82:6b:aa:12:d7:26:81:e2:6a: 3b:4a:75:84:f3:f6:71:64:02:d3:00:14:03:6c:c5:f7:c0:71: 3f:a5:c0:59:20:28:5c:13:9e:e4:97:29:64:18:47:ea:99:a5: 0a:ee:30:31:28:f0:64:0e:58:bd:5c:89:0d:d3:36:5c:2d:8c: 1a:f6:b6:ce:31:17:e9:8b:8b:92:03:81:f9:45:59:3f:50:e0: 86:24:6f:63:05:63:ef:75:c4:17:bf:ea:44:0a:17:97:1b:ea: 0d:0a:4c:9c:37:83:15:66:b9:5d:7a:1e:6b:8c:09:46:08:8e: e7:e2:17:b3 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgISAZt/hE/5LDp0btz7CFb6fqFNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTYyMjE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjUwMDNlMjRjZWNmYmY4ZThjMTVmZjYzN2RkMTVkYjRkN2ZhZTkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9oQghEKuxI4GFnMGbmNHSyw2tXQJ mer1b3vZ4QnmO0m79UZg7CCApA7l4dEPSHJxPMSS7dBQJT/V5s+I959gY56P3s+t sSumfloQ0CPMCgKCErvyRdq7HnokBWt4lDZ9RpPlLrwQ+Xqq130P+FF/pcnyXraC 7HQ4+Kv2ojU3m54/HCHIGDFy4tGPcfxpw2MT5butIdtzkNxfV2o51aNXhb8iBkuw Xd/D2vQAIvcrAdfWi8DUDx+xvMLbfBnqWHdeITpSMHLXyzVVxqxTlprhZju3msOe Lkbx73iakkamKq+48QE+d4c8AaQwo0CaJ7UmERjQzCh3I2UnXQ7fR4Xz4wIDAQAB o4ICijCCAoYwHQYDVR0OBBYEFNZQA+JM7Pv46MFf9jfdFdtNf66SMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI0LzU0OTEw Yi05YTEzLTRhY2UtYWJmMi1hMjM1MWY0ZTg5MTUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQvNTQ5MTBi LTlhMTMtNGFjZS1hYmYyLWEyMzUxZjRlODkxNS8xLzFsQUQ0a3pzLV9qb3dWXzJO OTBWMjAxX3JwSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQEwSTwAwQEwSVwMA0GCSqGSIb3DQEBCwUAA4IB AQApZT+06KKcU77pGeWY5HWbn51J8bWzlyOEL8P5YBV0TDhpV9jusd7ysewo4d1q CsedKcJWpxEzPoYkAL2IKdQxHlzYh7V9goSXNt9Sxgphp2IkEgre0+9w4KWe5fQH 3B4oV1Uods623mWgPZKh5wXrQy4VvG0yePmdc37R43qffV+VhEbg7JuCa6oS1yaB 4mo7SnWE8/ZxZALTABQDbMX3wHE/pcBZIChcE57klylkGEfqmaUK7jAxKPBkDli9 XIkN0zZcLYwa9rbOMRfpi4uSA4H5RVk/UOCGJG9jBWPvdcQXv+pECheXG+oNCkyc N4MVZrldeh5rjAlGCI7n4hez -----END CERTIFICATE-----Generated at Wed Jan 21 14:44:16 2026 by rpki-client