This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer File: 474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer (raw, json) Hash identifier: 6p5RW42/IFWECwRIM4RDNkayXUVG9g0mvqbjATpg7lc= Subject key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7AC8BADBE271B1DE8837A18B86CEFA62 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 18:18:54 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 5518 AS: 6747 AS: 6906 AS: 12578 AS: 47570 IP: 46.109.0.0/16 IP: 62.63.128.0/18 IP: 62.85.0.0/17 IP: 78.28.192.0/18 IP: 78.84.0.0/16 IP: 78.154.128.0/19 IP: 80.232.128.0/17 IP: 80.233.128.0/17 IP: 81.198.0.0/16 IP: 84.237.128.0/17 IP: 87.110.0.0/16 IP: 87.246.144.0 -- 87.246.191.255 IP: 91.105.0.0/17 IP: 94.100.0.0/20 IP: 95.68.0.0/17 IP: 185.38.56.0/22 IP: 185.87.204.0/22 IP: 194.8.9.0/24 IP: 194.8.16.0 -- 194.8.27.255 IP: 194.19.224.0/19 IP: 195.2.96.0/19 IP: 195.13.128.0/17 IP: 195.114.32.0/19 IP: 195.122.0.0/19 IP: 213.175.64.0/18 IP: 2a02:16d8::/32 IP: 2a02:2330::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:ba:db:e2:71:b1:de:88:37:a1:8b:86:ce:fa:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 18:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:50:ff:a8:93:20:30:15:3e:17:b5:f5:bf:38: 7b:a2:39:5a:e8:3f:24:9a:72:0c:25:4a:9b:a1:5d: 5d:49:3c:4a:fe:8b:ec:bf:93:c8:55:b2:9f:8b:21: db:53:cf:4e:91:42:19:a4:0e:ea:b0:ab:b5:ac:8d: 8a:7f:fa:9e:f9:4b:5e:1f:4e:09:5a:3b:70:60:d7: b5:29:9f:e3:ca:7c:6d:eb:1b:c2:12:60:37:83:87: df:77:73:5b:cc:df:22:4b:c1:27:80:8f:a8:53:9c: b2:fd:39:8a:53:91:9b:b4:43:9e:a4:b7:d6:8a:50: 4b:a8:28:32:09:a7:2c:87:43:96:67:73:e0:21:bc: 0b:42:b8:3d:28:89:61:1b:f3:cd:e8:7f:91:69:37: dc:45:74:36:50:8f:51:61:47:e1:e2:1b:77:dd:35: 25:61:44:12:b5:84:93:a3:ef:2f:c5:d4:44:0f:04: 11:8f:6d:e1:61:92:e6:2b:64:52:68:c5:32:38:d1: 4d:59:bb:32:4d:ea:ad:57:e4:c3:e9:fd:75:d0:83: 4d:c8:7a:1b:1b:a7:76:92:6f:94:f6:9d:fb:bd:15: e9:0f:b4:83:54:5f:6b:b1:b2:1e:09:a1:e8:dc:a6: d0:ed:eb:dc:9d:dd:45:f0:a4:9a:9d:ae:40:c8:54: 5f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.109.0.0/16 62.63.128.0/18 62.85.0.0/17 78.28.192.0/18 78.84.0.0/16 78.154.128.0/19 80.232.128.0/17 80.233.128.0/17 81.198.0.0/16 84.237.128.0/17 87.110.0.0/16 87.246.144.0-87.246.191.255 91.105.0.0/17 94.100.0.0/20 95.68.0.0/17 185.38.56.0/22 185.87.204.0/22 194.8.9.0/24 194.8.16.0-194.8.27.255 194.19.224.0/19 195.2.96.0/19 195.13.128.0/17 195.114.32.0/19 195.122.0.0/19 213.175.64.0/18 IPv6: 2a02:16d8::/32 2a02:2330::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 5518 6747 6906 12578 47570 Signature Algorithm: sha256WithRSAEncryption 20:08:18:1f:59:54:e0:ec:95:a2:b8:b8:1b:66:3f:49:b4:31: 07:0d:60:68:4a:c3:37:5c:18:3d:18:61:21:20:b7:00:55:84: 85:f4:8f:3b:5c:f6:a4:10:ed:12:57:a7:fe:2a:94:52:e8:50: 3b:6e:d6:47:5a:9f:ab:02:b1:83:6c:2c:aa:27:a3:ee:d2:89: 16:25:54:92:3a:5b:c4:6e:98:cb:48:db:1c:c1:50:3d:29:8e: 58:28:ff:02:55:13:70:32:2e:48:a8:48:82:42:33:d9:df:50: 29:5d:8e:c3:8e:b2:01:a1:dd:ca:f0:f7:30:c3:32:bf:d4:47: 46:71:77:80:3b:fa:13:48:0e:69:d0:27:e9:0d:cb:d3:b9:ae: 67:d5:9a:bc:c4:7e:d9:6f:7a:56:b4:87:98:12:a3:9a:ea:46: d0:d7:20:80:47:d9:54:d3:3c:a5:11:d2:dc:55:9f:26:61:f9: 09:b6:4e:dd:23:97:aa:5d:bb:b4:f7:59:51:04:e9:3f:53:2d: 75:75:72:37:57:2e:2a:ac:1d:38:62:62:24:52:05:7d:04:17: 29:b7:e9:6d:a7:96:1e:d0:d1:2d:88:70:db:1d:91:e5:9f:94: 48:b2:c8:00:53:d9:45:fb:91:1f:65:5b:a8:ba:0f:3f:da:f1: d2:3c:eb:88 -----BEGIN CERTIFICATE----- MIIGWzCCBUOgAwIBAgISAZt6yLrb4nGx3og3oYuGzvpiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTgxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlM2JlMDdjYjFmZDRmMWUzYzkyMjMwM2I2NzBhODgxYjgyZTYxNDkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFD/qJMgMBU+F7X1vzh7ojla6D8k mnIMJUqboV1dSTxK/ovsv5PIVbKfiyHbU89OkUIZpA7qsKu1rI2Kf/qe+UteH04J WjtwYNe1KZ/jynxt6xvCEmA3g4ffd3NbzN8iS8EngI+oU5yy/TmKU5GbtEOepLfW ilBLqCgyCacsh0OWZ3PgIbwLQrg9KIlhG/PN6H+RaTfcRXQ2UI9RYUfh4ht33TUl YUQStYSTo+8vxdREDwQRj23hYZLmK2RSaMUyONFNWbsyTeqtV+TD6f110INNyHob G6d2km+U9p37vRXpD7SDVF9rsbIeCaHo3KbQ7evcnd1F8KSana5AyFRfNwIDAQAB o4IDZzCCA2MwHQYDVR0OBBYEFOO+B8sf1PHjySIwO2cKiBuC5hSRMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhLzhmNWZh ZS1kYTkwLTQzMTQtYmZmYy1kNGVlMWQzODllMGQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvOGY1ZmFl LWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8xLzQ3NEh5eF9VOGVQSklqQTda d3FJRzRMbUZKRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHVBggrBgEF BQcBBwEB/wSBxTCBwjCBqQQCAAEwgaIDAwAubQMEBj4/gAMEBz5VAAMEBk4cwAMD AE5UAwQFTpqAAwQHUOiAAwQHUOmAAwMAUcYDBAdU7YADAwBXbjAMAwQEV/aQAwQG V/aAAwQHW2kAAwQEXmQAAwQHX0QAAwQCuSY4AwQCuVfMAwQAwggJMAwDBATCCBAD BALCCBgDBAXCE+ADBAXDAmADBAfDDYADBAXDciADBAXDegADBAbVr0AwFAQCAAIw DgMFACoCFtgDBQMqAiMwMCoGCCsGAQUFBwEIAQH/BBswGaAXMBUCAhWOAgIaWwIC GvoCAjEiAgMAudIwDQYJKoZIhvcNAQELBQADggEBACAIGB9ZVODslaK4uBtmP0m0 MQcNYGhKwzdcGD0YYSEgtwBVhIX0jztc9qQQ7RJXp/4qlFLoUDtu1kdan6sCsYNs LKono+7SiRYlVJI6W8RumMtI2xzBUD0pjlgo/wJVE3AyLkioSIJCM9nfUCldjsOO sgGh3crw9zDDMr/UR0Zxd4A7+hNIDmnQJ+kNy9O5rmfVmrzEftlvela0h5gSo5rq RtDXIIBH2VTTPKUR0txVnyZh+Qm2Tt0jl6pdu7T3WVEE6T9TLXV1cjdXLiqsHThi YiRSBX0EFym36W2nlh7Q0S2IcNsdkeWflEiyyABT2UX7kR9lW6i6Dz/a8dI864g= -----END CERTIFICATE-----Generated at Tue Jan 20 01:00:17 2026 by rpki-client