This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4OkqeIpBBX0ndk8W87HSo-9jRdY.cer File: 4OkqeIpBBX0ndk8W87HSo-9jRdY.cer (raw, json) Hash identifier: 3Jy0PJ42ZimabfKjPSD00uKdOxUnBn5Jj2KzBBFp8qY= Subject key identifier: E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C12603251D793E921E59933313F24FD Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/4OkqeIpBBX0ndk8W87HSo-9jRdY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:18:57 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 35157 IP: 85.119.136.0/21 IP: 185.59.236.0/22 IP: 2a01:8d80::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:60:32:51:d7:93:e9:21:e5:99:33:31:3f:24:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0e92a788a41057d27764f16f3b1d2a3ef6345d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:ff:d4:a6:08:ae:b5:de:09:9a:eb:de:c6:60: 87:27:b4:40:30:e6:f9:06:fa:68:ae:4b:a5:1c:e0: ae:9a:50:a3:96:f3:cb:c1:c5:fc:5f:2f:1f:53:17: 7b:20:ee:c2:96:5d:01:b7:ab:cf:3a:b9:2c:da:21: ad:94:b0:2b:7f:a4:1a:59:eb:ce:ce:7f:23:a0:bc: 89:4e:18:ca:a7:4e:64:37:d2:f3:28:17:c0:5b:5c: 5b:fa:fb:97:5e:10:35:22:22:c9:22:c3:c4:03:3c: 37:15:2b:e9:ac:77:2b:20:e0:4c:0b:87:37:6b:dc: 38:b5:34:ef:1b:71:ae:8d:ee:3b:d9:bc:92:22:cc: 2b:8d:0c:46:37:57:83:2a:b3:72:60:fb:43:08:6d: 8d:8d:48:63:7c:8d:9a:67:a9:c8:c4:b5:f0:7a:3b: 50:71:3d:06:de:a7:9d:b5:e7:2c:f6:57:52:0a:4d: 54:59:3c:b0:a2:90:ff:46:43:21:7d:19:41:ef:92: bc:49:61:e6:00:f4:2d:98:57:67:b7:2d:37:b6:79: 83:5e:85:ae:21:26:fc:eb:a0:af:a4:d5:aa:d5:e1: b6:1d:a6:02:4e:23:8f:e1:6e:a4:9b:1f:54:ce:dc: 32:a2:da:5b:7f:ad:21:08:b9:64:61:b5:54:54:f2: 27:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/4OkqeIpBBX0ndk8W87HSo-9jRdY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.119.136.0/21 185.59.236.0/22 IPv6: 2a01:8d80::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 35157 Signature Algorithm: sha256WithRSAEncryption 20:2a:ca:3a:f3:0d:8b:d1:9a:83:b9:2c:8a:9f:06:db:71:36: ee:95:ea:39:45:24:8d:2a:0b:81:57:ee:f1:47:fe:30:34:8c: a1:48:1c:6a:f8:e3:e3:42:be:68:37:e2:f0:33:85:fb:75:e6: c1:6a:d6:13:b0:ae:d1:fd:84:42:ae:37:c0:5a:40:fa:68:d8: c5:42:86:99:a0:f7:d3:91:e5:51:5c:22:3e:3c:32:51:b0:88: ac:19:13:22:9d:de:e7:d9:fa:d0:4a:b9:f9:9a:ee:00:39:ad: c3:f7:ed:7d:2c:ab:48:ff:6b:d3:c2:85:95:9c:61:53:d4:ef: d3:c7:f5:f9:7d:98:ca:ee:f2:54:df:42:4b:11:fc:6a:69:d5: 10:7e:e1:c2:0e:96:a2:d5:42:ba:c5:2a:d4:35:82:33:4f:71: 20:43:cc:d4:d2:e0:12:53:37:20:5b:5e:f7:64:19:b9:bd:4c: 26:3e:9e:53:15:31:6a:31:40:9f:71:a8:eb:89:7f:69:4d:7f: f7:9c:f3:82:24:7f:bf:2a:79:9b:7d:5b:9f:18:ca:fd:37:0a: 96:d1:25:13:9b:d4:17:dc:e3:f4:71:2e:a4:4a:a4:bc:d6:3b: 2c:d6:3e:6e:2c:80:15:aa:22:e0:33:ed:83:78:82:13:14:bf: 3c:30:7b:97 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt8EmAyUdeT6SHlmTMxPyT9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGU5MmE3ODhhNDEwNTdkMjc3NjRmMTZmM2IxZDJhM2VmNjM0NWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf/Upgiutd4JmuvexmCHJ7RAMOb5 BvporkulHOCumlCjlvPLwcX8Xy8fUxd7IO7Cll0Bt6vPOrks2iGtlLArf6QaWevO zn8joLyJThjKp05kN9LzKBfAW1xb+vuXXhA1IiLJIsPEAzw3FSvprHcrIOBMC4c3 a9w4tTTvG3Guje472bySIswrjQxGN1eDKrNyYPtDCG2NjUhjfI2aZ6nIxLXwejtQ cT0G3qedtecs9ldSCk1UWTywopD/RkMhfRlB75K8SWHmAPQtmFdnty03tnmDXoWu ISb866CvpNWq1eG2HaYCTiOP4W6kmx9Uztwyotpbf60hCLlkYbVUVPInHQIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFODpKniKQQV9J3ZPFvOx0qPvY0XWMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEwL2Q0NjQ4 Ny00M2ZmLTQ1ZWUtODIyOC1iYTU5ZmIyYzQ2MTAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAvZDQ2NDg3 LTQzZmYtNDVlZS04MjI4LWJhNTlmYjJjNDYxMC8xLzRPa3FlSXBCQlgwbmRrOFc4 N0hTby05alJkWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQDVXeIAwQCuTvsMA0EAgACMAcDBQAqAY2AMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCJVTANBgkqhkiG9w0BAQsFAAOCAQEAICrK OvMNi9Gag7ksip8G23E27pXqOUUkjSoLgVfu8Uf+MDSMoUgcavjj40K+aDfi8DOF +3XmwWrWE7Cu0f2EQq43wFpA+mjYxUKGmaD305HlUVwiPjwyUbCIrBkTIp3e59n6 0Eq5+ZruADmtw/ftfSyrSP9r08KFlZxhU9Tv08f1+X2Yyu7yVN9CSxH8amnVEH7h wg6WotVCusUq1DWCM09xIEPM1NLgElM3IFte92QZub1MJj6eUxUxajFAn3Go64l/ aU1/95zzgiR/vyp5m31bnxjK/TcKltElE5vUF9zj9HEupEqkvNY7LNY+biyAFaoi 4DPtg3iCExS/PDB7lw== -----END CERTIFICATE-----Generated at Mon Feb 9 18:27:43 2026 by rpki-client