This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7FraDckAoTyDtwrD9Yf7jC4d8DA.cer File: 7FraDckAoTyDtwrD9Yf7jC4d8DA.cer (raw, json) Hash identifier: onkqRHBwE3WF3OVODx4AbnOcnyqBvTzEX2OZ5uJ+Rik= Subject key identifier: EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5AAE3D981C2687B53D7C797EFBF392 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:18:41 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 31611 AS: 51580 IP: 5.172.100.0 -- 5.172.127.255 IP: 31.193.16.0/20 IP: 46.17.152.0/21 IP: 80.66.208.0/20 IP: 81.173.100.0/22 IP: 89.105.72.0 -- 89.105.87.255 IP: 109.238.16.0/20 IP: 141.105.152.0/21 IP: 145.14.160.0/19 IP: 178.218.148.0/22 IP: 178.250.64.0/21 IP: 185.5.180.0/22 IP: 185.55.88.0/22 IP: 185.121.148.0/22 IP: 185.139.28.0/22 IP: 185.180.180.0/23 IP: 194.110.56.0/22 IP: 2a01:8440::/32 IP: 2a02:4860::/32 IP: 2a03:5300::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:ae:3d:98:1c:26:87:b5:3d:7c:79:7e:fb:f3:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ec5ada0dc900a13c83b70ac3f587fb8c2e1df030 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a5:1c:db:39:85:cb:23:6e:da:f2:26:c1:2f: c2:f5:ee:02:1d:8c:96:f7:7e:73:9d:fe:fa:33:c9: db:c9:a9:39:53:89:78:81:c8:2e:55:d4:48:ad:cd: 23:34:b6:37:a3:6b:d4:0c:bd:e0:6a:f7:28:74:b0: 98:d0:6b:71:6a:ea:e1:8b:1d:7c:3f:cb:67:63:fa: 6f:2e:55:a3:95:09:85:76:8a:de:a3:4f:fb:7b:fd: 13:68:fd:a2:ed:da:15:d2:3e:a8:85:51:48:e1:e6: a6:aa:db:88:55:02:c9:a3:ae:bb:44:15:d9:ef:12: 1b:9c:0a:9a:a4:41:06:22:1e:56:3f:c1:70:79:bf: 11:e2:75:bf:92:a6:20:03:e3:f7:1e:39:56:d2:62: 9a:a5:93:fe:b2:ea:cb:09:03:65:ca:86:0f:df:e8: 77:88:d9:ea:35:d3:3c:2b:c2:a9:e1:d7:36:76:ce: 12:ea:24:65:ad:3c:6f:6b:5c:c2:33:97:ec:cd:f2: 10:d7:0e:f1:0f:ee:31:b7:de:26:b8:d1:cc:43:9b: ce:91:bb:77:dd:73:c7:c3:2d:b9:a8:cb:8f:8b:0e: 1d:08:4a:a0:4a:ee:bf:1e:9e:e9:d7:70:22:84:c9: 7d:9d:39:73:d6:0a:3c:4a:19:20:9b:e2:34:cb:12: 0b:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.172.100.0-5.172.127.255 31.193.16.0/20 46.17.152.0/21 80.66.208.0/20 81.173.100.0/22 89.105.72.0-89.105.87.255 109.238.16.0/20 141.105.152.0/21 145.14.160.0/19 178.218.148.0/22 178.250.64.0/21 185.5.180.0/22 185.55.88.0/22 185.121.148.0/22 185.139.28.0/22 185.180.180.0/23 194.110.56.0/22 IPv6: 2a01:8440::/32 2a02:4860::/32 2a03:5300::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 31611 51580 Signature Algorithm: sha256WithRSAEncryption 24:27:71:c4:96:aa:04:54:d8:8e:62:26:37:75:59:17:a2:ee: 7c:7d:e0:d2:29:68:d5:d5:5c:f9:f3:27:26:7e:cb:94:83:25: 17:c2:ac:73:e2:a4:49:82:32:5b:ca:f6:fd:43:f2:ed:77:36: 79:4d:b1:3a:91:27:e3:54:db:cb:e6:31:e5:33:6e:70:ce:84: 12:90:ec:48:e6:bd:ca:3b:d2:0e:31:61:bd:0d:03:5e:18:90: 15:9e:de:04:6c:17:77:a4:b4:67:24:e0:e6:5e:03:5d:a5:f6: 4b:33:c9:8a:f9:e1:f9:6f:0c:67:3c:2b:fc:78:0f:98:ec:6e: c2:01:79:e7:24:8c:95:04:49:3c:eb:bc:f9:3d:1c:88:9e:d0: 3b:9c:86:77:c8:8b:ca:72:74:d8:3f:2f:43:bb:1f:16:df:43: 85:dc:8f:25:76:e9:f4:1c:c2:1e:6f:f9:f8:d3:e7:6d:5d:09: 1d:38:d2:9d:39:c6:89:49:86:54:ee:94:69:a9:e5:46:8b:31: 34:bf:55:11:ae:81:aa:7e:e5:d7:5f:f2:89:16:95:e1:92:9f: 8f:5e:a1:98:04:59:13:4e:b5:dd:cd:bd:7f:96:33:07:5c:86: 06:89:5c:05:14:b0:4b:a5:56:7d:44:84:d8:3e:33:2b:b0:50: 70:56:ed:1e -----BEGIN CERTIFICATE----- MIIGKDCCBRCgAwIBAgISAZt6Wq49mBwmh7U9fHl++/OSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYzVhZGEwZGM5MDBhMTNjODNiNzBhYzNmNTg3ZmI4YzJlMWRmMDMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqUc2zmFyyNu2vImwS/C9e4CHYyW 935znf76M8nbyak5U4l4gcguVdRIrc0jNLY3o2vUDL3gavcodLCY0Gtxaurhix18 P8tnY/pvLlWjlQmFdoreo0/7e/0TaP2i7doV0j6ohVFI4eamqtuIVQLJo667RBXZ 7xIbnAqapEEGIh5WP8Fweb8R4nW/kqYgA+P3HjlW0mKapZP+surLCQNlyoYP3+h3 iNnqNdM8K8Kp4dc2ds4S6iRlrTxva1zCM5fszfIQ1w7xD+4xt94muNHMQ5vOkbt3 3XPHwy25qMuPiw4dCEqgSu6/Hp7p13AihMl9nTlz1go8Shkgm+I0yxILOQIDAQAB o4IDNDCCAzAwHQYDVR0OBBYEFOxa2g3JAKE8g7cKw/WH+4wuHfAwMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VhL2NhNzM0 Yi01YTBiLTRhMDMtODEzMS1jZmVmZWFlZTg2NWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvY2E3MzRi LTVhMGItNGEwMy04MTMxLWNmZWZlYWVlODY1ZS8xLzdGcmFEY2tBb1R5RHR3ckQ5 WWY3akM0ZDhEQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGuBggrBgEF BQcBBwEB/wSBnjCBmzB8BAIAATB2MAwDBAIFrGQDBAcFrAADBAQfwRADBAMuEZgD BARQQtADBAJRrWQwDAMEA1lpSAMEA1lpUAMEBG3uEAMEA41pmAMEBZEOoAMEArLa lAMEA7L6QAMEArkFtAMEArk3WAMEArl5lAMEArmLHAMEAbm0tAMEAsJuODAbBAIA AjAVAwUAKgGEQAMFACoCSGADBQMqA1MAMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkC Ant7AgMAyXwwDQYJKoZIhvcNAQELBQADggEBACQnccSWqgRU2I5iJjd1WRei7nx9 4NIpaNXVXPnzJyZ+y5SDJRfCrHPipEmCMlvK9v1D8u13NnlNsTqRJ+NU28vmMeUz bnDOhBKQ7Ejmvco70g4xYb0NA14YkBWe3gRsF3ektGck4OZeA12l9kszyYr54flv DGc8K/x4D5jsbsIBeeckjJUESTzrvPk9HIie0DuchnfIi8pydNg/L0O7HxbfQ4Xc jyV26fQcwh5v+fjT521dCR040p05xolJhlTulGmp5UaLMTS/VRGugap+5ddf8okW leGSn49eoZgEWRNOtd3NvX+WMwdchgaJXAUUsEulVn1EhNg+MyuwUHBW7R4= -----END CERTIFICATE-----Generated at Mon Feb 9 15:03:57 2026 by rpki-client