This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer File: 3fHfWY9KjzotB0zLb20WtU0dERw.cer (raw, json) Hash identifier: +fkuz7P/OIfDb2O2ySGAMmiM01bzDJ6BKDXWR3V9+qg= Subject key identifier: DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7AC85229B2E1C414509ECADC4727B18F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/3fHfWY9KjzotB0zLb20WtU0dERw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 18:18:27 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 5435 AS: 15393 IP: 185.0.38.0/24 IP: 185.178.224.0/22 IP: 192.160.15.0/24 IP: 212.93.224.0/19 IP: 2001:7f8:151::/48 IP: 2a02:23d0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:52:29:b2:e1:c4:14:50:9e:ca:dc:47:27:b1:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 18:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddf1df598f4a8f3a2d074ccb6f6d16b54d1d111c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:af:27:fb:6b:5f:59:29:29:b4:ef:65:ad:93: 2a:98:b8:54:5a:4d:4d:c2:07:52:82:a1:76:90:a0: a1:e1:78:da:7c:89:ec:58:2c:0d:49:4c:13:a2:5c: cd:80:81:c0:2a:7c:4c:b6:52:19:0c:82:7d:34:8d: 27:30:4f:68:ec:54:8b:90:78:a5:55:71:ed:e6:b7: a2:cb:96:f0:d7:92:1e:1c:45:69:4c:40:23:ad:6f: 4a:44:ce:e5:e0:60:8f:4e:3c:bb:4b:de:0b:3b:54: 7f:8c:3b:9f:af:f9:65:c9:37:c5:a9:50:16:af:22: 45:c6:07:18:ac:17:1b:55:34:e9:a6:28:3b:34:4c: f4:dc:50:b8:96:2c:01:f9:94:18:8f:e7:7b:2a:54: ec:cf:7f:00:fc:3b:41:a9:52:a7:6b:d0:ac:e9:0d: 9f:84:e6:a9:7b:20:02:69:fc:3c:7a:bc:b8:ca:b7: 45:25:6e:39:f0:8e:07:2c:2c:cd:bb:67:80:6d:98: 4a:5b:43:5e:74:1e:3e:74:c6:a5:fe:9c:2b:80:d3: eb:72:2c:3c:cc:ad:32:0e:45:fb:55:7e:d1:0b:54: b0:ef:e7:ee:14:fa:e8:0e:dd:e6:4d:f3:01:ea:3f: 9f:82:3c:b4:f3:51:8a:ed:a0:6e:20:2f:a1:ad:07: ff:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/3fHfWY9KjzotB0zLb20WtU0dERw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.0.38.0/24 185.178.224.0/22 192.160.15.0/24 212.93.224.0/19 IPv6: 2001:7f8:151::/48 2a02:23d0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 5435 15393 Signature Algorithm: sha256WithRSAEncryption 31:4c:57:06:1e:18:9a:16:12:bf:e6:5a:b8:09:af:9c:de:07: b1:3d:6f:28:de:e6:d6:73:0e:92:44:b1:31:bb:c4:9a:06:d3: b5:42:33:8e:da:cf:ca:d1:cb:de:d7:8a:91:64:f5:29:c6:fb: 88:27:b7:c6:65:6a:48:8c:c4:ab:ca:6f:bf:24:97:e3:74:46: 93:06:95:50:42:40:c2:3f:24:7a:21:7c:04:60:a5:97:b2:8e: be:e1:6b:e7:b0:be:43:2b:3e:f2:45:7d:30:90:8c:a6:84:ab: 32:a6:aa:2e:be:b7:0a:7e:b6:c1:ff:ee:6f:0f:34:f7:f5:29: 67:66:45:79:6b:7f:e4:6b:e2:c1:6d:f4:9a:b7:34:71:b4:ef: 5c:ee:b5:29:a1:55:57:2d:b9:82:84:51:af:13:50:9a:73:a1: 0e:77:f3:ab:69:b1:d2:aa:4e:6d:f8:4a:3c:aa:bc:0d:8a:4f: fb:0d:eb:cb:d2:64:33:75:da:d1:7c:4c:7c:e7:b5:eb:82:fd: bf:84:ed:96:76:fa:dc:77:54:d4:65:1d:8a:96:5a:0f:19:02: a5:20:e7:a5:a9:d3:cc:0c:e2:b9:d1:f0:4f:74:3a:71:00:85: 92:9f:38:b4:08:e9:c2:8e:5a:63:2d:20:09:da:48:19:26:16: 5f:ce:d6:70 -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgISAZt6yFIpsuHEFFCeytxHJ7GPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTgxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGYxZGY1OThmNGE4ZjNhMmQwNzRjY2I2ZjZkMTZiNTRkMWQxMTFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua8n+2tfWSkptO9lrZMqmLhUWk1N wgdSgqF2kKCh4XjafInsWCwNSUwTolzNgIHAKnxMtlIZDIJ9NI0nME9o7FSLkHil VXHt5reiy5bw15IeHEVpTEAjrW9KRM7l4GCPTjy7S94LO1R/jDufr/llyTfFqVAW ryJFxgcYrBcbVTTppig7NEz03FC4liwB+ZQYj+d7KlTsz38A/DtBqVKna9Cs6Q2f hOapeyACafw8ery4yrdFJW458I4HLCzNu2eAbZhKW0NedB4+dMal/pwrgNPrciw8 zK0yDkX7VX7RC1Sw7+fuFProDt3mTfMB6j+fgjy081GK7aBuIC+hrQf/0wIDAQAB o4ICzTCCAskwHQYDVR0OBBYEFN3x31mPSo86LQdMy29tFrVNHREcMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzLzZiOGJj ZS01ODRjLTQ5MmMtYmQ3ZS1kMGYzMWJjOTMwNzkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvNmI4YmNl LTU4NGMtNDkyYy1iZDdlLWQwZjMxYmM5MzA3OS8xLzNmSGZXWTlLanpvdEIwekxi MjBXdFUwZEVSdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUF BwEHAQH/BDowODAeBAIAATAYAwQAuQAmAwQCubLgAwQAwKAPAwQF1F3gMBYEAgAC MBADBwAgAQf4AVEDBQAqAiPQMB0GCCsGAQUFBwEIAQH/BA4wDKAKMAgCAhU7AgI8 ITANBgkqhkiG9w0BAQsFAAOCAQEAMUxXBh4YmhYSv+ZauAmvnN4HsT1vKN7m1nMO kkSxMbvEmgbTtUIzjtrPytHL3teKkWT1Kcb7iCe3xmVqSIzEq8pvvySX43RGkwaV UEJAwj8keiF8BGCll7KOvuFr57C+Qys+8kV9MJCMpoSrMqaqLr63Cn62wf/ubw80 9/UpZ2ZFeWt/5GviwW30mrc0cbTvXO61KaFVVy25goRRrxNQmnOhDnfzq2mx0qpO bfhKPKq8DYpP+w3ry9JkM3Xa0XxMfOe164L9v4Ttlnb63HdU1GUdipZaDxkCpSDn panTzAziudHwT3Q6cQCFkp84tAjpwo5aYy0gCdpIGSYWX87WcA== -----END CERTIFICATE-----Generated at Mon Feb 9 15:09:46 2026 by rpki-client