This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer File: 2fkESVCev547D0LBzcIuPvQAdCY.cer (raw, json) Hash identifier: DIU3Dg0oE71BTpPyt34P6mYGmyRQj0N0n/jNYLNJi/U= Subject key identifier: D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7910416E5376BE1A6D20C7B63AFF322A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 10:17:47 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 206102 IP: 152.89.136.0/22 IP: 185.195.96.0/22 IP: 2a09:39c0::/29 IP: 2a0a:5740::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:41:6e:53:76:be:1a:6d:20:c7:b6:3a:ff:32:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 10:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9f90449509ebf9e3b0f42c1cdc22e3ef4007426 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d4:f3:13:15:71:9b:51:d3:5b:67:9f:63:89: b4:8b:9e:a9:c2:72:83:54:53:b8:fb:7b:aa:c7:bf: e3:f1:0a:c1:65:9a:ca:8c:df:65:48:96:69:dd:e5: a7:ed:60:5d:a1:6b:1c:5e:8d:ff:43:bb:25:4e:bb: 32:2c:55:ac:d8:b5:96:1c:ee:13:a9:f5:04:5c:11: 22:b1:ad:63:d4:9e:58:8c:20:ae:57:e9:93:a1:85: a9:b0:be:13:b3:d2:f2:4b:c2:a1:9e:62:27:e5:80: 68:ea:11:0d:60:3f:ec:66:52:96:5a:2b:bb:61:ad: de:3a:bf:d0:f6:23:a2:5c:63:c9:25:3a:7e:31:92: 7e:5f:38:08:f2:3d:41:87:e1:e3:22:0c:05:63:fa: 8e:e3:cc:a9:43:e1:20:cf:d2:b7:d9:35:b4:93:b4: 63:de:b9:a5:94:64:c1:2b:3d:dd:0f:20:43:8e:88: 91:3a:66:ce:d8:79:c3:70:70:10:4a:81:2e:2c:00: 15:85:2c:76:d5:d5:83:17:6c:74:a6:b9:b7:fe:30: 1a:ba:ab:05:be:29:fe:2a:ab:02:5a:96:14:1a:df: 8a:5a:4f:d4:8d:28:ea:9c:01:a7:72:4b:92:79:56: b5:26:69:cf:86:1d:34:0f:15:21:c7:63:67:25:14: 9c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.136.0/22 185.195.96.0/22 IPv6: 2a09:39c0::/29 2a0a:5740::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 206102 Signature Algorithm: sha256WithRSAEncryption 83:1d:8b:1f:b1:bf:27:c6:78:65:9c:3d:57:5e:29:a9:2c:7a: c5:87:54:bb:d5:a2:82:ff:91:ee:22:e9:e8:b9:4a:fb:40:1d: 31:43:8f:d6:de:8b:18:a2:72:5a:07:87:c8:87:2b:bb:fd:6a: ff:f5:cc:af:3a:9d:58:41:37:db:e2:60:4f:2e:8d:d9:7c:9c: fa:ce:11:62:69:8c:2e:21:cf:c2:fa:69:20:d6:a6:27:7c:7e: 20:56:6c:74:9d:53:cd:7e:37:63:84:71:4c:bd:f5:f9:97:2d: c2:6a:2e:8e:79:7d:69:6f:4a:1d:18:02:e9:66:44:db:b1:0b: 07:d6:58:b6:d9:7f:dd:21:e6:7d:c7:7a:31:f2:d7:f6:48:90: 44:9f:ac:33:6f:73:31:1d:78:a9:b5:09:29:a2:18:11:b9:3f: d9:7b:56:dd:20:3a:25:d1:80:13:b5:d6:09:ad:0d:f1:fc:13: 1b:03:09:17:6d:16:88:70:ca:5d:0d:e5:06:fb:e6:fc:c9:53: 1a:62:bc:c3:71:cf:8f:c3:75:25:58:d1:75:4f:63:21:5a:e7: 34:f6:f6:68:80:d0:4a:d4:5e:18:84:c2:e3:e7:7d:e1:e4:b8: 05:88:6e:45:5c:70:02:e6:30:7c:5d:fb:f0:87:3c:63:0c:c1: 00:50:52:d1 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgISAZt5EEFuU3a+Gm0gx7Y6/zIqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWY5MDQ0OTUwOWViZjllM2IwZjQyYzFjZGMyMmUzZWY0MDA3NDI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutTzExVxm1HTW2efY4m0i56pwnKD VFO4+3uqx7/j8QrBZZrKjN9lSJZp3eWn7WBdoWscXo3/Q7slTrsyLFWs2LWWHO4T qfUEXBEisa1j1J5YjCCuV+mToYWpsL4Ts9LyS8KhnmIn5YBo6hENYD/sZlKWWiu7 Ya3eOr/Q9iOiXGPJJTp+MZJ+XzgI8j1Bh+HjIgwFY/qO48ypQ+Egz9K32TW0k7Rj 3rmllGTBKz3dDyBDjoiROmbO2HnDcHAQSoEuLAAVhSx21dWDF2x0prm3/jAauqsF vin+KqsCWpYUGt+KWk/UjSjqnAGnckuSeVa1JmnPhh00DxUhx2NnJRScZwIDAQAB o4ICvDCCArgwHQYDVR0OBBYEFNn5BElQnr+eOw9Cwc3CLj70AHQmMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgzLzljNWNl Zi1kNGU0LTQ0ZTEtYWJmNS1iYjQ4ODI4YzlmMDUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMvOWM1Y2Vm LWQ0ZTQtNDRlMS1hYmY1LWJiNDg4MjhjOWYwNS8xLzJma0VTVkNldjU0N0QwTEJ6 Y0l1UHZRQWRDWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUF BwEHAQH/BCwwKjASBAIAATAMAwQCmFmIAwQCucNgMBQEAgACMA4DBQMqCTnAAwUD KgpXQDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDJRYwDQYJKoZIhvcNAQELBQAD ggEBAIMdix+xvyfGeGWcPVdeKaksesWHVLvVooL/ke4i6ei5SvtAHTFDj9beixii cloHh8iHK7v9av/1zK86nVhBN9viYE8ujdl8nPrOEWJpjC4hz8L6aSDWpid8fiBW bHSdU81+N2OEcUy99fmXLcJqLo55fWlvSh0YAulmRNuxCwfWWLbZf90h5n3HejHy 1/ZIkESfrDNvczEdeKm1CSmiGBG5P9l7Vt0gOiXRgBO11gmtDfH8ExsDCRdtFohw yl0N5Qb75vzJUxpivMNxz4/DdSVY0XVPYyFa5zT29miA0ErUXhiEwuPnfeHkuAWI bkVccALmMHxd+/CHPGMMwQBQUtE= -----END CERTIFICATE-----Generated at Tue Jan 27 01:17:24 2026 by rpki-client