This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4MKGY5gUKldLpHsZfXF5G14jr3w.cer File: 4MKGY5gUKldLpHsZfXF5G14jr3w.cer (raw, json) Hash identifier: On2DV5gcJwffheFjvafJjy0IBloTs3PvaTmJUCdbyeo= Subject key identifier: E0:C2:86:63:98:14:2A:57:4B:A4:7B:19:7D:71:79:1B:5E:23:AF:7C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCA6CE6B110EA33247BE6AC78A501D1 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/3cd961-2dcd-4518-bfb8-a16cf7ac7dd8/1/4MKGY5gUKldLpHsZfXF5G14jr3w.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/3cd961-2dcd-4518-bfb8-a16cf7ac7dd8/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:19:36 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 21336 IP: 80.243.192.0/20 IP: 212.27.128.0/19 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:6c:e6:b1:10:ea:33:24:7b:e6:ac:78:a5:01:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0c2866398142a574ba47b197d71791b5e23af7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:35:39:73:fa:a6:ac:e8:56:d8:b8:d9:1e:cd: e0:e5:f0:b3:57:c4:3a:31:13:bb:02:37:17:60:97: f7:d3:ea:fb:9b:a9:c5:ad:16:7c:63:77:f3:ec:c8: 17:67:39:ab:fd:be:bb:3a:5c:7f:07:40:e8:92:e5: a4:68:bf:df:c9:5b:8d:4a:6b:75:d1:fa:24:00:c7: 45:7c:5e:61:00:f0:b4:bf:7a:bc:36:76:f1:28:4a: d1:d7:a8:d4:46:63:a8:ac:19:6a:08:de:dc:52:c7: 20:02:a4:e4:df:14:e8:80:b2:5d:5d:16:c5:0e:74: 2d:4f:c1:06:fb:ac:c4:fb:65:81:33:ba:a9:c0:2f: e0:c6:83:78:c7:9c:74:53:b6:15:83:1d:d2:91:10: 84:75:3f:f9:0c:cc:07:04:38:be:b9:48:24:41:84: 57:fb:85:b7:61:e3:bb:97:42:49:10:39:84:bf:bb: a9:5c:e0:2a:18:85:45:2e:2c:13:93:8d:44:9f:29: 25:fb:50:de:21:02:cb:bc:ee:7b:7e:7d:a9:5e:83: fe:35:91:a9:c1:c8:7d:31:e6:41:d0:cc:c4:fb:87: 72:93:eb:a6:cf:62:b2:8a:d7:dc:29:3c:03:81:1d: 69:ad:87:7d:f9:e0:b7:80:ad:09:5f:5d:98:ca:24: 18:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:C2:86:63:98:14:2A:57:4B:A4:7B:19:7D:71:79:1B:5E:23:AF:7C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3cd961-2dcd-4518-bfb8-a16cf7ac7dd8/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3cd961-2dcd-4518-bfb8-a16cf7ac7dd8/1/4MKGY5gUKldLpHsZfXF5G14jr3w.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.243.192.0/20 212.27.128.0/19 sbgp-autonomousSysNum: critical Autonomous System Numbers: 21336 Signature Algorithm: sha256WithRSAEncryption 84:4f:83:b0:80:a1:88:dc:0f:a1:ed:e0:0f:42:8d:24:60:19: 36:0d:49:e1:57:9e:90:a3:05:88:b7:49:ab:b7:ed:a9:8d:e0: 8b:37:fb:dc:f1:5c:34:d4:3f:b1:ab:cc:17:96:25:e8:ef:8c: 40:b6:46:9b:80:4b:ea:95:d2:2e:dc:cc:ef:05:d2:d9:5e:1b: cd:a8:84:01:1f:f0:ec:94:20:3a:3e:93:c5:b3:6b:b6:d0:fd: f9:6b:2a:03:ac:ef:77:b3:24:1d:72:11:4d:93:ee:61:cc:eb: 44:c2:2a:6b:96:32:83:7a:e6:67:f1:64:53:d4:ae:ca:9a:04: c9:fa:e9:cc:a0:14:ae:a9:60:c5:a1:4c:14:85:bb:84:0a:27: c6:6d:77:2a:f9:f5:ce:1b:39:71:31:b7:49:bd:51:a4:67:11: a1:ee:ef:51:25:b8:ec:39:75:91:1e:ec:91:95:3e:f2:93:8b: 93:74:c2:98:18:1f:9e:15:73:52:cc:27:2e:74:e2:d0:c0:a1: 5b:c9:93:3d:6c:96:28:4a:8d:eb:84:a4:b8:b3:d6:f2:39:fd: e4:63:86:08:98:1a:16:8e:58:82:ad:df:fd:97:59:d0:2b:c6: 61:43:5f:17:08:26:e7:65:cb:0a:c9:72:ce:26:e5:47:5b:23: be:85:a1:70 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgISAZt9ymzmsRDqMyR75qx4pQHRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGMyODY2Mzk4MTQyYTU3NGJhNDdiMTk3ZDcxNzkxYjVlMjNhZjdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDU5c/qmrOhW2LjZHs3g5fCzV8Q6 MRO7AjcXYJf30+r7m6nFrRZ8Y3fz7MgXZzmr/b67Olx/B0DokuWkaL/fyVuNSmt1 0fokAMdFfF5hAPC0v3q8NnbxKErR16jURmOorBlqCN7cUscgAqTk3xTogLJdXRbF DnQtT8EG+6zE+2WBM7qpwC/gxoN4x5x0U7YVgx3SkRCEdT/5DMwHBDi+uUgkQYRX +4W3YeO7l0JJEDmEv7upXOAqGIVFLiwTk41Enykl+1DeIQLLvO57fn2pXoP+NZGp wch9MeZB0MzE+4dyk+umz2KyitfcKTwDgR1prYd9+eC3gK0JX12YyiQY1wIDAQAB o4ICpTCCAqEwHQYDVR0OBBYEFODChmOYFCpXS6R7GX1xeRteI698MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljLzNjZDk2 MS0yZGNkLTQ1MTgtYmZiOC1hMTZjZjdhYzdkZDgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvM2NkOTYx LTJkY2QtNDUxOC1iZmI4LWExNmNmN2FjN2RkOC8xLzRNS0dZNWdVS2xkTHBIc1pm WEY1RzE0anIzdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQEUPPAAwQF1BuAMBkGCCsGAQUFBwEIAQH/BAow CKAGMAQCAlNYMA0GCSqGSIb3DQEBCwUAA4IBAQCET4OwgKGI3A+h7eAPQo0kYBk2 DUnhV56QowWIt0mrt+2pjeCLN/vc8Vw01D+xq8wXliXo74xAtkabgEvqldIu3Mzv BdLZXhvNqIQBH/DslCA6PpPFs2u20P35ayoDrO93syQdchFNk+5hzOtEwiprljKD euZn8WRT1K7KmgTJ+unMoBSuqWDFoUwUhbuECifGbXcq+fXOGzlxMbdJvVGkZxGh 7u9RJbjsOXWRHuyRlT7yk4uTdMKYGB+eFXNSzCcudOLQwKFbyZM9bJYoSo3rhKS4 s9byOf3kY4YImBoWjliCrd/9l1nQK8ZhQ18XCCbnZcsKyXLOJuVHWyO+haFw -----END CERTIFICATE-----Generated at Mon Feb 9 15:13:39 2026 by rpki-client