This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.cer File: 5CAqP8Go6Fyd_S1l0xmoDdH7kX0.cer (raw, json) Hash identifier: HyOEvUTFxrB6I4Uj1k+u6F2V3eoFI52LMr6VBM6hi7E= Subject key identifier: E4:20:2A:3F:C1:A8:E8:5C:9D:FD:2D:65:D3:19:A8:0D:D1:FB:91:7D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7CEE425EF76505657174589D6FE8CE6E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 04:19:07 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 208348 IP: 36.255.240.0/23 IP: 45.142.160.0/22 IP: 103.30.226.0/23 IP: 103.244.146.0/23 IP: 170.117.202.0/23 IP: 193.3.241.0/24 IP: 2a0e:f240::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:42:5e:f7:65:05:65:71:74:58:9d:6f:e8:ce:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 04:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e4202a3fc1a8e85c9dfd2d65d319a80dd1fb917d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d7:d5:25:96:41:39:69:eb:77:e5:e0:9f:c8: c6:2a:86:5d:4f:c3:32:19:c6:fa:8d:48:ce:5b:8d: 0b:34:53:40:91:9a:29:63:5e:60:ad:ec:2e:2b:56: 38:48:1d:b7:02:0b:11:bd:7b:51:3f:e5:bb:d3:e7: fe:85:56:2a:7f:1f:e8:2d:0c:13:76:66:ca:68:d6: 6d:18:2b:12:9d:6b:10:7e:ff:fc:15:df:fc:9b:1c: 38:a4:4c:3b:45:e7:b8:d8:96:eb:b3:75:80:c6:8d: 6d:23:47:66:43:1b:15:6c:c0:3b:ef:5c:7b:67:98: da:3f:be:9f:5b:64:61:13:0c:c1:23:ae:0c:e8:57: e3:39:bc:a3:60:88:b9:dd:61:ff:81:4a:d3:38:4c: db:eb:17:b0:c7:f5:5f:13:e0:15:86:bd:62:17:58: 27:ed:05:ea:4d:fa:dc:24:00:a4:c3:79:4b:22:d8: e3:27:10:06:c1:70:6c:9c:28:1a:49:5a:c2:bd:eb: 31:db:79:d7:40:2e:80:3d:78:e9:0b:bf:ec:e0:15: e8:6b:8a:c2:92:c7:06:a9:6a:7f:59:2c:88:0a:c9: 36:f8:49:4c:cc:21:0f:dc:0b:1d:29:5b:7c:4e:61: 92:78:17:a9:be:af:8d:e2:ae:20:a8:cb:f1:17:32: 01:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:20:2A:3F:C1:A8:E8:5C:9D:FD:2D:65:D3:19:A8:0D:D1:FB:91:7D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 36.255.240.0/23 45.142.160.0/22 103.30.226.0/23 103.244.146.0/23 170.117.202.0/23 193.3.241.0/24 IPv6: 2a0e:f240::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 208348 Signature Algorithm: sha256WithRSAEncryption 33:56:9d:83:5e:93:6f:50:03:a1:33:9e:0b:41:75:32:12:c9: 7b:f4:96:c7:b2:77:50:fa:9e:89:a4:e7:bc:28:49:18:65:cf: a8:e2:75:18:b0:bd:80:80:16:fc:38:8e:83:d8:44:0a:09:ea: ad:3c:76:70:b3:22:c3:b2:54:a9:e2:39:47:8f:a7:62:3b:dd: d9:41:b8:c6:9b:da:3c:6c:0c:8d:d8:bc:0d:a0:52:fe:e9:b7: a4:db:37:8d:40:a2:95:b5:80:9e:27:c4:d6:6b:c8:4f:19:7b: 46:14:e9:c4:dc:5d:8d:2d:94:81:c3:33:36:f7:74:d6:5b:5f: 55:d2:ec:13:cd:a5:b3:96:0b:da:59:3d:db:59:10:c8:cb:51: 20:15:77:15:2d:a9:33:6d:dc:1a:f0:f8:cb:ea:a4:fe:8b:34: a4:26:d8:d8:e0:3c:89:27:ae:59:2e:4f:68:27:b2:e0:78:5a: 1e:51:83:09:6c:2b:f5:69:c8:59:9c:13:9c:dc:d9:77:7e:b7: 3b:9a:12:25:e3:3c:85:f5:5c:66:8e:1f:06:4d:61:41:53:d7: df:eb:06:ff:39:68:f6:33:8b:a2:07:95:f8:99:b6:7a:02:48: 02:89:58:aa:44:b4:12:64:74:87:92:d6:1b:5c:b9:f6:34:8b: 21:21:a4:de -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgISAZt87kJe92UFZXF0WJ1v6M5uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDQxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNDIwMmEzZmMxYThlODVjOWRmZDJkNjVkMzE5YTgwZGQxZmI5MTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdfVJZZBOWnrd+Xgn8jGKoZdT8My Gcb6jUjOW40LNFNAkZopY15grewuK1Y4SB23AgsRvXtRP+W70+f+hVYqfx/oLQwT dmbKaNZtGCsSnWsQfv/8Fd/8mxw4pEw7Ree42Jbrs3WAxo1tI0dmQxsVbMA771x7 Z5jaP76fW2RhEwzBI64M6FfjObyjYIi53WH/gUrTOEzb6xewx/VfE+AVhr1iF1gn 7QXqTfrcJACkw3lLItjjJxAGwXBsnCgaSVrCvesx23nXQC6APXjpC7/s4BXoa4rC kscGqWp/WSyICsk2+ElMzCEP3AsdKVt8TmGSeBepvq+N4q4gqMvxFzIBRwIDAQAB o4ICzTCCAskwHQYDVR0OBBYEFOQgKj/BqOhcnf0tZdMZqA3R+5F9MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4LzBjZjdi OS05MzhmLTRjMTctOGVjNy1kMThkMWVhNTY4ZjUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvMGNmN2I5 LTkzOGYtNGMxNy04ZWM3LWQxOGQxZWE1NjhmNS8xLzVDQXFQOEdvNkZ5ZF9TMWww eG1vRGRIN2tYMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF BwEHAQH/BD0wOzAqBAIAATAkAwQBJP/wAwQCLY6gAwQBZx7iAwQBZ/SSAwQBqnXK AwQAwQPxMA0EAgACMAcDBQMqDvJAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMt 3DANBgkqhkiG9w0BAQsFAAOCAQEAM1adg16Tb1ADoTOeC0F1MhLJe/SWx7J3UPqe iaTnvChJGGXPqOJ1GLC9gIAW/DiOg9hECgnqrTx2cLMiw7JUqeI5R4+nYjvd2UG4 xpvaPGwMjdi8DaBS/um3pNs3jUCilbWAnifE1mvITxl7RhTpxNxdjS2UgcMzNvd0 1ltfVdLsE82ls5YL2lk921kQyMtRIBV3FS2pM23cGvD4y+qk/os0pCbY2OA8iSeu WS5PaCey4HhaHlGDCWwr9WnIWZwTnNzZd363O5oSJeM8hfVcZo4fBk1hQVPX3+sG /zlo9jOLogeV+Jm2egJIAolYqkS0EmR0h5LWG1y59jSLISGk3g== -----END CERTIFICATE-----Generated at Mon Feb 9 15:05:32 2026 by rpki-client