This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.cer File: 4aIfhfm_F8AgmH6hMg09Y8Va5Ik.cer (raw, json) Hash identifier: 4A6r9lgEZssYtcAr2vYqEzd06wA3P02WGt8o9Lm7LMg= Subject key identifier: E1:A2:1F:85:F9:BF:17:C0:20:98:7E:A1:32:0D:3D:63:C5:5A:E4:89 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019C04C627A844BB022FD6AABC8763027086 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Wed 28 Jan 2026 13:23:41 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 202803 IP: 185.154.44.0/22 IP: 193.138.120.0/23 IP: 212.6.55.0/24 IP: 2a0b:5ac0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:04:c6:27:a8:44:bb:02:2f:d6:aa:bc:87:63:02:70:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 28 13:23:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e1a21f85f9bf17c020987ea1320d3d63c55ae489 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d0:e3:13:04:8c:4b:47:56:d5:48:74:b7:35: b6:cb:11:ea:43:3c:5d:29:89:00:9f:0d:c8:13:09: 19:b1:2d:bc:3e:81:d8:ae:49:d0:94:c0:5f:c8:c3: c5:9d:df:8b:6b:eb:59:94:0c:b5:60:44:29:61:94: 51:b2:28:e4:e2:ff:aa:e3:81:d0:6e:32:e9:6a:47: 5c:ea:bb:41:59:dc:ff:04:c7:aa:e0:c8:fc:9c:b1: 0f:71:29:23:3e:57:37:c4:18:7c:58:92:05:22:71: 0b:17:75:6b:c2:3d:8c:da:1e:64:46:39:f0:97:38: 68:ee:94:50:99:74:e0:e4:a6:31:a0:bc:63:6b:5c: bb:a7:1a:93:76:c6:d5:f7:94:96:a4:fa:76:42:88: ec:a4:94:55:00:c3:f5:bb:04:0e:f7:2f:87:11:0a: fc:1b:fe:fe:5f:fb:b0:02:0c:85:a3:c5:d8:00:ec: a2:ea:d4:7e:d3:ea:8a:25:85:a3:b0:82:1a:4d:70: bb:33:e0:37:69:63:38:67:34:2f:19:98:ee:17:72: 2f:eb:c2:19:93:d7:45:45:83:75:2a:51:03:99:9e: ec:71:3f:f1:b2:6b:1b:73:d6:58:6c:4d:ae:85:b8: 99:12:97:ef:ae:bd:83:30:3d:d5:7c:e8:a9:76:0d: bf:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:A2:1F:85:F9:BF:17:C0:20:98:7E:A1:32:0D:3D:63:C5:5A:E4:89 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/53208d-6c31-4e12-aa25-862684eceb46/1/4aIfhfm_F8AgmH6hMg09Y8Va5Ik.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.44.0/22 193.138.120.0/23 212.6.55.0/24 IPv6: 2a0b:5ac0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 202803 Signature Algorithm: sha256WithRSAEncryption 75:c3:28:68:39:56:00:ab:55:df:d9:9b:74:42:c9:fe:9b:fc: 02:12:45:20:99:9b:8a:32:6b:07:43:9f:0d:71:84:5c:aa:aa: eb:a7:a7:b3:44:db:de:cd:82:4f:de:df:be:d5:17:22:86:c1: de:ef:66:44:39:ad:a5:d9:15:af:0b:6e:9c:c4:f2:07:95:f2: cd:0e:65:7f:1a:20:c9:75:97:a3:34:99:be:ed:e0:50:91:5c: 8c:25:f7:12:86:7f:75:93:7a:33:d1:47:6f:88:03:f4:42:38: 49:41:a5:51:73:c5:f0:98:67:88:bf:80:6a:3e:7d:f9:b0:20: 65:d4:44:ed:c8:38:4e:bf:4c:a4:d3:ad:8e:30:bb:58:64:94: df:04:8e:80:e3:9a:6a:d7:16:20:be:40:63:42:6a:97:8c:aa: 42:81:7f:a7:f8:6c:4e:0c:ff:46:5f:3d:3b:2d:45:4a:9a:93: 45:d9:3c:d6:37:df:1e:a2:52:54:24:57:52:c9:db:6e:92:da: 02:72:03:7f:42:64:80:ae:f9:dd:1f:8f:ea:54:6a:8a:f9:eb: ca:bd:d4:92:d9:8e:d2:5a:2d:ff:8c:99:a4:11:4f:17:78:5d: f2:d4:22:d1:43:73:58:f1:dc:5c:98:20:24:45:d2:17:95:4a: 2c:07:36:05 -----BEGIN CERTIFICATE----- MIIFrzCCBJegAwIBAgISAZwExieoRLsCL9aqvIdjAnCGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTI4MTMyMzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMWEyMWY4NWY5YmYxN2MwMjA5ODdlYTEzMjBkM2Q2M2M1NWFlNDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtDjEwSMS0dW1Uh0tzW2yxHqQzxd KYkAnw3IEwkZsS28PoHYrknQlMBfyMPFnd+La+tZlAy1YEQpYZRRsijk4v+q44HQ bjLpakdc6rtBWdz/BMeq4Mj8nLEPcSkjPlc3xBh8WJIFInELF3Vrwj2M2h5kRjnw lzho7pRQmXTg5KYxoLxja1y7pxqTdsbV95SWpPp2QojspJRVAMP1uwQO9y+HEQr8 G/7+X/uwAgyFo8XYAOyi6tR+0+qKJYWjsIIaTXC7M+A3aWM4ZzQvGZjuF3Iv68IZ k9dFRYN1KlEDmZ7scT/xsmsbc9ZYbE2uhbiZEpfvrr2DMD3VfOipdg2/fwIDAQAB o4ICuzCCArcwHQYDVR0OBBYEFOGiH4X5vxfAIJh+oTINPWPFWuSJMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyLzUzMjA4 ZC02YzMxLTRlMTItYWEyNS04NjI2ODRlY2ViNDYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvNTMyMDhk LTZjMzEtNGUxMi1hYTI1LTg2MjY4NGVjZWI0Ni8xLzRhSWZoZm1fRjhBZ21INmhN ZzA5WThWYTVJay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF BwEHAQH/BCswKTAYBAIAATASAwQCuZosAwQBwYp4AwQA1AY3MA0EAgACMAcDBQMq C1rAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMYMzANBgkqhkiG9w0BAQsFAAOC AQEAdcMoaDlWAKtV39mbdELJ/pv8AhJFIJmbijJrB0OfDXGEXKqq66ens0Tb3s2C T97fvtUXIobB3u9mRDmtpdkVrwtunMTyB5XyzQ5lfxogyXWXozSZvu3gUJFcjCX3 EoZ/dZN6M9FHb4gD9EI4SUGlUXPF8JhniL+Aaj59+bAgZdRE7cg4Tr9MpNOtjjC7 WGSU3wSOgOOaatcWIL5AY0Jql4yqQoF/p/hsTgz/Rl89Oy1FSpqTRdk81jffHqJS VCRXUsnbbpLaAnIDf0JkgK753R+P6lRqivnryr3UktmO0lot/4yZpBFPF3hd8tQi 0UNzWPHcXJggJEXSF5VKLAc2BQ== -----END CERTIFICATE-----Generated at Mon Feb 9 16:51:29 2026 by rpki-client