This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer File: 4tDEmg6X4NXzztO3trn3LKDLU9Y.cer (raw, json) Hash identifier: Mdmutg7j2OpOGnbZiXsWv7etXXNo1b3AATNuWR/fbR8= Subject key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7910EB2082D459478676D9397BB1712A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 10:18:30 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 50495 AS: 199438 AS: 204646 IP: 2.56.20.0/22 IP: 2.58.12.0/22 IP: 5.180.220.0/22 IP: 5.183.92.0/22 IP: 5.253.240.0/22 IP: 45.10.232.0/22 IP: 45.13.92.0/22 IP: 45.80.164.0/22 IP: 45.82.220.0/22 IP: 45.86.160.0/22 IP: 45.89.208.0/22 IP: 45.93.96.0/22 IP: 45.135.16.0/22 IP: 45.137.244.0/22 IP: 45.142.80.0/22 IP: 45.146.204.0/22 IP: 45.153.40.0/22 IP: 46.30.188.0/22 IP: 62.192.180.0/22 IP: 77.83.232.0/22 IP: 83.136.221.0/24 IP: 84.39.200.0/22 IP: 85.208.32.0/22 IP: 91.204.48.0/22 IP: 91.223.99.0/24 IP: 91.223.102.0/24 IP: 91.223.126.0/24 IP: 91.223.163.0/24 IP: 91.239.64.0/24 IP: 92.118.12.0/22 IP: 92.246.68.0/22 IP: 96.125.144.0/20 IP: 147.78.112.0/22 IP: 171.22.4.0/22 IP: 171.22.248.0/22 IP: 176.119.202.0/24 IP: 185.134.220.0/22 IP: 185.166.253.0/24 IP: 185.244.8.0/22 IP: 185.247.188.0/22 IP: 185.253.196.0/22 IP: 193.31.32.0/22 IP: 193.42.224.0/22 IP: 194.5.224.0/22 IP: 194.39.32.0/22 IP: 194.93.52.0/22 IP: 194.116.248.0/22 IP: 195.38.0.0/22 IP: 195.234.99.0/24 IP: 212.103.40.0/22 IP: 2a06:ef40::/29 IP: 2a09:2c00::/29 IP: 2a09:6440::/29 IP: 2a0c:4440::/29 IP: 2a0d:2080::/29 IP: 2a0d:8440::/29 IP: 2a0e:e100::/29 IP: 2a0e:e400::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:eb:20:82:d4:59:47:86:76:d9:39:7b:b1:71:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 10:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:e5:dc:80:7b:94:ba:26:5e:a1:af:fa:82:0b: 7c:28:5c:c7:22:b2:ee:08:e3:55:a9:f8:a6:df:9e: 7b:3f:c8:fa:b3:ef:ae:f6:7d:49:8b:d2:05:25:f7: cd:6b:eb:85:93:99:6e:98:b9:93:2c:37:53:3c:30: 43:f1:3d:67:97:91:46:d2:b8:0c:d1:8a:8f:5b:47: 3c:7b:95:3c:8a:13:47:e7:de:95:a5:00:0f:6e:4f: 63:8c:c2:00:2e:b4:d0:0a:62:5c:9e:87:b1:73:22: 91:89:c5:8a:cb:80:af:96:85:a2:c0:57:09:3e:5a: 5e:c6:6f:6f:eb:13:90:9d:a1:c6:59:9b:63:0a:73: bd:23:cb:8a:d4:40:ad:7e:2f:7a:a2:7f:c6:66:23: 6f:da:24:10:97:57:cf:61:af:69:fb:65:f3:c9:3c: 42:3d:78:f9:54:80:da:6c:97:52:06:a8:4f:9a:aa: 87:43:6c:5a:1a:f1:5e:11:3b:09:c4:1d:68:63:1c: 4a:f3:0d:4c:4e:aa:74:93:36:ce:45:4a:fe:b9:1a: 7c:87:c9:c6:ca:d4:09:68:ee:c9:54:59:8d:e4:56: f4:c3:ef:57:fd:70:6c:42:de:4d:53:a0:79:f6:a4: 23:70:02:3e:b6:dc:e1:03:af:f4:8c:d8:be:42:9f: 1d:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.20.0/22 2.58.12.0/22 5.180.220.0/22 5.183.92.0/22 5.253.240.0/22 45.10.232.0/22 45.13.92.0/22 45.80.164.0/22 45.82.220.0/22 45.86.160.0/22 45.89.208.0/22 45.93.96.0/22 45.135.16.0/22 45.137.244.0/22 45.142.80.0/22 45.146.204.0/22 45.153.40.0/22 46.30.188.0/22 62.192.180.0/22 77.83.232.0/22 83.136.221.0/24 84.39.200.0/22 85.208.32.0/22 91.204.48.0/22 91.223.99.0/24 91.223.102.0/24 91.223.126.0/24 91.223.163.0/24 91.239.64.0/24 92.118.12.0/22 92.246.68.0/22 96.125.144.0/20 147.78.112.0/22 171.22.4.0/22 171.22.248.0/22 176.119.202.0/24 185.134.220.0/22 185.166.253.0/24 185.244.8.0/22 185.247.188.0/22 185.253.196.0/22 193.31.32.0/22 193.42.224.0/22 194.5.224.0/22 194.39.32.0/22 194.93.52.0/22 194.116.248.0/22 195.38.0.0/22 195.234.99.0/24 212.103.40.0/22 IPv6: 2a06:ef40::/29 2a09:2c00::/29 2a09:6440::/29 2a0c:4440::/29 2a0d:2080::/29 2a0d:8440::/29 2a0e:e100::/29 2a0e:e400::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 50495 199438 204646 Signature Algorithm: sha256WithRSAEncryption 6b:09:4a:93:3d:c9:47:61:ce:ca:c6:21:87:11:3f:74:7b:c8: 1f:87:07:45:48:27:63:54:bc:ab:34:04:e4:d9:00:d6:3b:16: 5a:a9:75:17:96:2c:9e:7e:75:34:5d:ec:c5:50:95:a3:19:06: 8d:c9:88:37:b9:d1:2c:48:d9:99:c7:6e:d7:4a:e3:d9:ca:b4: 6c:34:f9:dd:3a:d4:bc:c4:9f:58:4d:79:0b:7b:64:4a:cb:8f: 43:fc:49:ab:d5:7e:14:de:ac:92:20:6c:5b:4e:5e:f3:c9:e2: cd:20:dc:22:1a:79:39:e9:6f:63:59:fa:12:7d:da:bc:62:e3: ab:13:6c:99:a1:b9:70:69:b1:78:68:b8:eb:14:b6:6a:eb:87: 48:3a:2d:79:43:71:83:87:5a:57:2d:fe:cb:7d:39:52:d6:e2: e2:a1:ea:58:03:af:7e:bc:a7:3e:27:2a:82:57:ce:cf:d4:f7: b2:da:e6:64:2f:38:0f:db:c5:2c:54:a6:d1:63:ac:fb:ee:de: d6:57:3b:47:03:73:74:94:6b:2d:57:c4:36:8c:10:92:e2:86: 98:d7:42:ab:3d:7c:e8:cf:3a:09:fb:e5:70:d6:21:3f:ae:f3: 21:fd:1b:54:6e:de:4c:08:0c:19:76:15:bc:be:0e:b2:2d:d0: 57:d5:f4:9b -----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgISAZt5EOsggtRZR4Z22Tl7sXEqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTAxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OXcgHuUuiZeoa/6ggt8KFzHIrLu CONVqfim3557P8j6s++u9n1Ji9IFJffNa+uFk5lumLmTLDdTPDBD8T1nl5FG0rgM 0YqPW0c8e5U8ihNH596VpQAPbk9jjMIALrTQCmJcnoexcyKRicWKy4CvloWiwFcJ Plpexm9v6xOQnaHGWZtjCnO9I8uK1ECtfi96on/GZiNv2iQQl1fPYa9p+2XzyTxC PXj5VIDabJdSBqhPmqqHQ2xaGvFeETsJxB1oYxxK8w1MTqp0kzbORUr+uRp8h8nG ytQJaO7JVFmN5Fb0w+9X/XBsQt5NU6B59qQjcAI+ttzhA6/0jNi+Qp8dFwIDAQAB o4IEGjCCBBYwHQYDVR0OBBYEFOLQxJoOl+DV887Tt7a59yygy1PWMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QwLzlmMGY3 YS0xMWViLTQzODMtYmM2YS00NjkwYTAwNzE0MWYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAvOWYwZjdh LTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Yenp0TzN0 cm4zTEtETFU5WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBjQYIKwYB BQUHAQcBAf8EggF8MIIBeDCCATQEAgABMIIBLAMEAgI4FAMEAgI6DAMEAgW03AME AgW3XAMEAgX98AMEAi0K6AMEAi0NXAMEAi1QpAMEAi1S3AMEAi1WoAMEAi1Z0AME Ai1dYAMEAi2HEAMEAi2J9AMEAi2OUAMEAi2SzAMEAi2ZKAMEAi4evAMEAj7AtAME Ak1T6AMEAFOI3QMEAlQnyAMEAlXQIAMEAlvMMAMEAFvfYwMEAFvfZgMEAFvffgME AFvfowMEAFvvQAMEAlx2DAMEAlz2RAMEBGB9kAMEApNOcAMEAqsWBAMEAqsW+AME ALB3ygMEArmG3AMEALmm/QMEArn0CAMEArn3vAMEArn9xAMEAsEfIAMEAsEq4AME AsIF4AMEAsInIAMEAsJdNAMEAsJ0+AMEAsMmAAMEAMPqYwMEAtRnKDA+BAIAAjA4 AwUDKgbvQAMFAyoJLAADBQMqCWRAAwUDKgxEQAMFAyoNIIADBQMqDYRAAwUDKg7h AAMFAyoO5AAwJAYIKwYBBQUHAQgBAf8EFTAToBEwDwIDAMU/AgMDCw4CAwMfZjAN BgkqhkiG9w0BAQsFAAOCAQEAawlKkz3JR2HOysYhhxE/dHvIH4cHRUgnY1S8qzQE 5NkA1jsWWql1F5Ysnn51NF3sxVCVoxkGjcmIN7nRLEjZmcdu10rj2cq0bDT53TrU vMSfWE15C3tkSsuPQ/xJq9V+FN6skiBsW05e88nizSDcIhp5OelvY1n6En3avGLj qxNsmaG5cGmxeGi46xS2auuHSDoteUNxg4daVy3+y305Utbi4qHqWAOvfrynPicq glfOz9T3strmZC84D9vFLFSm0WOs++7e1lc7RwNzdJRrLVfENowQkuKGmNdCqz18 6M86CfvlcNYhP67zIf0bVG7eTAgMGXYVvL4Osi3QV9X0mw== -----END CERTIFICATE-----Generated at Sun Jan 25 01:50:28 2026 by rpki-client