This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5tF7E2U_8ePngi6x5eChf01PeIE.cer File: 5tF7E2U_8ePngi6x5eChf01PeIE.cer (raw, json) Hash identifier: D3Cnkw+vZVGcMOOrUleXg7flMQVWx+YpCbK+IyhXVeA= Subject key identifier: E6:D1:7B:13:65:3F:F1:E3:E7:82:2E:B1:E5:E0:A1:7F:4D:4F:78:81 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79ECF40C150059EC733BF64168BD1286 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/5tF7E2U_8ePngi6x5eChf01PeIE.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:18:50 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 57031 IP: 89.22.0.0/21 IP: 2001:67c:7c0::/46 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:f4:0c:15:00:59:ec:73:3b:f6:41:68:bd:12:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e6d17b13653ff1e3e7822eb1e5e0a17f4d4f7881 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ca:c7:69:2d:16:c2:cb:ff:42:a6:c6:b1:b9: eb:48:69:bc:1d:ce:e0:91:10:11:e4:ec:64:32:6d: a9:7d:74:8d:94:6d:24:8c:25:7f:d8:ab:2b:03:84: 3f:6e:33:5f:07:ab:22:0f:f8:aa:68:1c:b0:a7:36: 77:d5:40:27:19:b3:d2:16:a2:da:73:cd:e9:79:49: a4:b7:15:9f:dc:69:f8:b4:1e:33:79:eb:eb:b5:b3: 39:42:14:f7:4f:b2:3a:39:5c:88:d1:d5:48:18:e2: 1f:37:88:b5:ab:51:c5:2d:7c:28:76:f4:ea:4c:2a: 63:d5:b7:ef:b9:cd:bc:47:21:11:ce:1d:ff:1b:c4: d3:b0:99:b2:f5:49:8d:0b:2b:16:e4:2e:ee:95:ac: fd:11:b2:7a:27:99:d2:18:9e:83:f1:6b:09:70:7a: f6:2c:54:ab:82:19:94:3f:89:96:6d:60:08:7b:d9: bb:2b:af:00:d3:2b:02:fb:90:44:ad:1c:7f:d6:90: a5:3d:71:3c:b3:d6:be:34:bd:d0:5b:82:51:dd:fe: 88:61:c2:8a:66:61:53:47:6a:56:6e:4c:7a:9f:4a: 73:38:53:70:5e:c2:06:79:a2:72:ff:d0:8d:cf:03: b7:29:90:0a:fa:d5:f6:3a:5a:75:4d:f2:ea:0a:c6: fc:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:D1:7B:13:65:3F:F1:E3:E7:82:2E:B1:E5:E0:A1:7F:4D:4F:78:81 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/5tF7E2U_8ePngi6x5eChf01PeIE.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.22.0.0/21 IPv6: 2001:67c:7c0::/46 sbgp-autonomousSysNum: critical Autonomous System Numbers: 57031 Signature Algorithm: sha256WithRSAEncryption 56:39:b1:11:c0:87:38:5e:3c:3a:44:0c:a9:a1:2c:aa:88:54: 74:fc:d0:f4:44:67:54:4b:a6:1d:d6:5c:98:96:9b:a7:82:72: a0:46:a0:24:46:96:44:ed:ec:12:7a:b3:06:ac:b2:a2:e1:c7: c8:d5:08:45:00:ce:ab:d2:a2:59:7a:a4:16:1d:37:42:7b:70: 93:4c:ec:20:e3:f0:02:45:18:1e:0b:74:be:1c:49:ac:f5:c6: 75:f0:dd:1b:c0:15:e5:d7:27:fd:bb:06:49:ec:02:21:0a:bd: 7c:2c:5d:ef:80:0a:2a:3a:9d:43:62:60:f0:7c:e1:ac:d1:7b: 56:0f:65:21:33:03:c8:9a:ab:13:15:60:03:71:6d:87:f1:1f: 5c:b0:1a:ea:e3:4d:36:47:69:d3:c5:0a:5c:82:72:57:aa:01: eb:b9:a5:37:f7:49:4f:cf:31:98:96:df:84:1c:fb:6d:79:72: 0b:f0:eb:ed:ee:f0:e5:66:ba:67:84:52:97:b6:b6:5e:74:01: 02:7a:6d:5b:29:60:9e:6d:93:b0:06:d8:5c:a2:c1:7d:be:5a: 77:68:25:93:e9:a2:46:37:16:6b:8c:6e:7f:9a:05:da:8f:b8: 52:9a:ca:84:6f:7d:f5:28:44:42:8f:a5:91:74:f2:87:c3:fe: 75:ed:6a:5c -----BEGIN CERTIFICATE----- MIIFpTCCBI2gAwIBAgISAZt57PQMFQBZ7HM79kFovRKGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNmQxN2IxMzY1M2ZmMWUzZTc4MjJlYjFlNWUwYTE3ZjRkNGY3ODgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycrHaS0Wwsv/QqbGsbnrSGm8Hc7g kRAR5OxkMm2pfXSNlG0kjCV/2KsrA4Q/bjNfB6siD/iqaBywpzZ31UAnGbPSFqLa c83peUmktxWf3Gn4tB4zeevrtbM5QhT3T7I6OVyI0dVIGOIfN4i1q1HFLXwodvTq TCpj1bfvuc28RyERzh3/G8TTsJmy9UmNCysW5C7ulaz9EbJ6J5nSGJ6D8WsJcHr2 LFSrghmUP4mWbWAIe9m7K68A0ysC+5BErRx/1pClPXE8s9a+NL3QW4JR3f6IYcKK ZmFTR2pWbkx6n0pzOFNwXsIGeaJy/9CNzwO3KZAK+tX2Olp1TfLqCsb86wIDAQAB o4ICsTCCAq0wHQYDVR0OBBYEFObRexNlP/Hj54IuseXgoX9NT3iBMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhLzg4NGUz ZS03YjUzLTQ3NWMtODYxZi02YWNkNTgxZDRiMGYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvODg0ZTNl LTdiNTMtNDc1Yy04NjFmLTZhY2Q1ODFkNGIwZi8xLzV0RjdFMlVfOGVQbmdpNng1 ZUNoZjAxUGVJRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF BwEHAQH/BCEwHzAMBAIAATAGAwQDWRYAMA8EAgACMAkDBwIgAQZ8B8AwGgYIKwYB BQUHAQgBAf8ECzAJoAcwBQIDAN7HMA0GCSqGSIb3DQEBCwUAA4IBAQBWObERwIc4 Xjw6RAypoSyqiFR0/ND0RGdUS6Yd1lyYlpungnKgRqAkRpZE7ewSerMGrLKi4cfI 1QhFAM6r0qJZeqQWHTdCe3CTTOwg4/ACRRgeC3S+HEms9cZ18N0bwBXl1yf9uwZJ 7AIhCr18LF3vgAoqOp1DYmDwfOGs0XtWD2UhMwPImqsTFWADcW2H8R9csBrq4002 R2nTxQpcgnJXqgHruaU390lPzzGYlt+EHPtteXIL8Ovt7vDlZrpnhFKXtrZedAEC em1bKWCebZOwBthcosF9vlp3aCWT6aJGNxZrjG5/mgXaj7hSmsqEb331KERCj6WR dPKHw/517Wpc -----END CERTIFICATE-----Generated at Mon Feb 9 15:05:29 2026 by rpki-client