This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5JWsuv5G7y9NbFH88jvXL2Oc_Qs.cer File: 5JWsuv5G7y9NbFH88jvXL2Oc_Qs.cer (raw, json) Hash identifier: Q7wKDUjrKL9keZFczjGXnomd8VkEK3iqfeUCmuCBu0U= Subject key identifier: E4:95:AC:BA:FE:46:EF:2F:4D:6C:51:FC:F2:3B:D7:2F:63:9C:FD:0B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C80D5422BA724DC4E760A05E3903432 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/5JWsuv5G7y9NbFH88jvXL2Oc_Qs.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:36 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 12453 IP: 2.56.160.0/22 IP: 91.223.248.0/24 IP: 185.31.52.0/22 IP: 185.85.32.0/22 IP: 185.155.124.0/22 IP: 185.224.24.0/22 IP: 194.32.208.0/24 IP: 194.59.177.0/24 IP: 195.93.174.0/23 IP: 2a0d:5dc0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:d5:42:2b:a7:24:dc:4e:76:0a:05:e3:90:34:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e495acbafe46ef2f4d6c51fcf23bd72f639cfd0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b5:9b:73:fa:3a:dc:cd:77:fc:ab:3b:30:c6: 76:2b:4f:7d:34:f5:28:fa:4e:9f:bf:ff:a5:62:b6: 39:ba:7b:80:c1:6d:1d:fb:14:e6:0a:66:1f:48:1c: 5d:e7:38:bf:8e:87:18:df:e9:20:fb:04:cf:a9:e9: a5:88:8c:92:77:4b:45:45:7e:52:73:63:e9:e6:3a: 59:13:78:7f:96:f2:d3:c7:39:e4:2d:3d:b1:33:44: e0:7f:0a:0f:1d:5e:3f:fb:ce:92:5d:f6:4a:6a:97: 3e:dd:41:19:36:90:24:6c:75:6e:8d:93:b8:2b:c1: 2e:a8:96:97:63:10:8c:08:b1:a0:87:fb:4a:c9:dc: 05:6b:6f:0f:4e:2a:66:aa:a3:96:c7:6a:d1:d9:6e: b0:ec:47:88:e7:fa:41:2d:c8:72:5f:ee:05:16:c3: c9:37:08:8f:ab:c4:7c:57:a9:9e:5f:73:5e:87:a5: e1:72:f3:83:3d:4d:22:d8:a6:16:37:f8:65:6d:f1: 09:77:88:ff:d7:d2:b1:c9:90:56:7f:80:1e:c6:bd: 51:e7:a3:92:5c:55:11:8a:cd:13:6c:9d:6d:9f:d4: fa:c1:4d:c1:17:3e:86:30:51:1c:4d:40:cd:ae:36: de:e3:6a:3c:a2:16:15:e3:01:a5:8c:39:73:8a:3f: 66:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:95:AC:BA:FE:46:EF:2F:4D:6C:51:FC:F2:3B:D7:2F:63:9C:FD:0B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/5JWsuv5G7y9NbFH88jvXL2Oc_Qs.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.160.0/22 91.223.248.0/24 185.31.52.0/22 185.85.32.0/22 185.155.124.0/22 185.224.24.0/22 194.32.208.0/24 194.59.177.0/24 195.93.174.0/23 IPv6: 2a0d:5dc0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 12453 Signature Algorithm: sha256WithRSAEncryption 3c:6a:1c:c7:a0:62:45:b7:04:61:a0:83:57:ed:e2:f6:91:80: 92:f2:dc:78:24:a7:ff:75:eb:8b:e4:51:fa:cf:07:95:2c:88: 95:9a:19:6d:89:ef:e2:0a:6a:62:33:57:b2:2c:ac:1a:f5:b6: 35:27:65:dd:88:24:bc:8a:b3:ac:ea:27:15:a1:e6:34:51:6e: 4a:ee:94:c1:05:c0:c8:15:14:78:63:83:1d:ed:46:3b:ad:59: 60:fa:de:48:af:e2:58:fc:6a:1b:c9:3a:0f:e2:c9:f9:6f:00: d0:8a:d4:72:c7:dc:9b:35:d6:96:39:8b:66:e9:92:c4:2b:55: 85:18:8e:81:ac:de:d8:40:95:b4:91:38:5a:42:80:92:ce:86: cd:20:98:23:96:95:92:b6:4e:3f:8a:09:fa:55:ef:dd:e5:bd: 8d:b8:d6:9e:d9:75:37:6d:94:6a:07:2e:48:f7:c5:6d:6c:d9: 89:1f:1c:a4:97:a7:c2:12:e9:c2:35:e0:90:51:c1:cc:80:4f: 01:33:57:c5:1b:11:50:12:71:3d:c8:d7:5d:f6:28:c1:1e:19: 31:46:80:d3:ea:c0:8d:90:cb:c4:bc:10:64:fb:6b:c3:8d:8f: ef:47:8f:5f:71:62:fa:2f:b1:c1:08:28:b5:50:b2:46:06:c1: 5b:61:a3:31 -----BEGIN CERTIFICATE----- MIIF0jCCBLqgAwIBAgISAZt8gNVCK6ck3E52CgXjkDQyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNDk1YWNiYWZlNDZlZjJmNGQ2YzUxZmNmMjNiZDcyZjYzOWNmZDBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrWbc/o63M13/Ks7MMZ2K099NPUo +k6fv/+lYrY5unuAwW0d+xTmCmYfSBxd5zi/jocY3+kg+wTPqemliIySd0tFRX5S c2Pp5jpZE3h/lvLTxznkLT2xM0TgfwoPHV4/+86SXfZKapc+3UEZNpAkbHVujZO4 K8EuqJaXYxCMCLGgh/tKydwFa28PTipmqqOWx2rR2W6w7EeI5/pBLchyX+4FFsPJ NwiPq8R8V6meX3Neh6XhcvODPU0i2KYWN/hlbfEJd4j/19KxyZBWf4Aexr1R56OS XFURis0TbJ1tn9T6wU3BFz6GMFEcTUDNrjbe42o8ohYV4wGljDlzij9mswIDAQAB o4IC3jCCAtowHQYDVR0OBBYEFOSVrLr+Ru8vTWxR/PI71y9jnP0LMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzLzQ0MDg3 Ny0zMTlkLTQ2MzAtYTY5MS03OTkxYjRlNGJmYTIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvNDQwODc3 LTMxOWQtNDYzMC1hNjkxLTc5OTFiNGU0YmZhMi8xLzVKV3N1djVHN3k5TmJGSDg4 anZYTDJPY19Rcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF BwEHAQH/BE8wTTA8BAIAATA2AwQCAjigAwQAW9/4AwQCuR80AwQCuVUgAwQCuZt8 AwQCueAYAwQAwiDQAwQAwjuxAwQBw12uMA0EAgACMAcDBQMqDV3AMBkGCCsGAQUF BwEIAQH/BAowCKAGMAQCAjClMA0GCSqGSIb3DQEBCwUAA4IBAQA8ahzHoGJFtwRh oINX7eL2kYCS8tx4JKf/deuL5FH6zweVLIiVmhltie/iCmpiM1eyLKwa9bY1J2Xd iCS8irOs6icVoeY0UW5K7pTBBcDIFRR4Y4Md7UY7rVlg+t5Ir+JY/GobyToP4sn5 bwDQitRyx9ybNdaWOYtm6ZLEK1WFGI6BrN7YQJW0kThaQoCSzobNIJgjlpWStk4/ ign6Ve/d5b2NuNae2XU3bZRqBy5I98VtbNmJHxykl6fCEunCNeCQUcHMgE8BM1fF GxFQEnE9yNdd9ijBHhkxRoDT6sCNkMvEvBBk+2vDjY/vR49fcWL6L7HBCCi1ULJG BsFbYaMx -----END CERTIFICATE-----Generated at Mon Feb 9 15:09:30 2026 by rpki-client