This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8WsoQW3b85-ySwmWaGrPrOdsmNU.cer File: 8WsoQW3b85-ySwmWaGrPrOdsmNU.cer (raw, json) Hash identifier: UgNdZ2b1nIKek+rvkO8TWalxKz11c80WzzoV87VQPXI= Subject key identifier: F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E37880E14CD14A6C994B352820EAC4F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/8WsoQW3b85-ySwmWaGrPrOdsmNU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:18:47 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 85.119.104.0/21 IP: 185.85.112.0/22 IP: 2a01:9780::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:88:0e:14:cd:14:a6:c9:94:b3:52:82:0e:ac:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f16b28416ddbf39fb24b0996686acface76c98d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:59:69:55:1d:8e:6d:9d:88:b2:f1:84:31:d6: d4:18:93:70:1b:27:82:f8:ff:91:96:99:3d:33:78: 2d:c7:ec:dc:ff:6d:9a:c4:0d:78:6a:97:a5:a2:17: 35:15:01:3f:c3:0d:ff:51:29:4d:a8:af:c6:31:87: f2:84:d7:fe:bb:2b:8b:e7:0c:b5:20:bc:e7:45:57: ab:97:15:07:a5:69:dd:52:f3:f0:ab:01:66:64:83: b6:cd:26:a3:2a:c5:55:af:74:f7:9f:47:f9:e3:50: 56:6f:3c:ef:b5:ad:54:8d:51:82:4b:8b:c2:5f:9b: 30:0c:46:9d:04:23:b9:d2:24:8c:ec:b0:d5:03:24: b7:a0:f8:f6:f3:c7:71:f4:a1:92:85:2e:78:7d:12: da:d6:b7:41:91:fd:c2:75:6f:66:47:8f:cb:4a:38: a5:89:8f:27:92:fc:52:d4:3c:8f:74:81:cb:8a:5d: cb:4a:da:08:74:d9:d2:dc:68:db:0b:07:85:d6:92: 69:1e:62:bc:5a:e1:fa:e2:ad:b5:19:1a:11:ca:c2: 70:0f:03:af:8c:59:e5:43:6d:4c:32:d0:91:80:85: fc:f2:37:5f:42:9c:72:b8:f3:ad:90:24:35:00:96: 5b:ce:c9:f0:04:9d:ae:cc:01:0e:95:6f:c3:3f:51: 05:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/8WsoQW3b85-ySwmWaGrPrOdsmNU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.119.104.0/21 185.85.112.0/22 IPv6: 2a01:9780::/32 Signature Algorithm: sha256WithRSAEncryption 50:d8:0c:1c:b1:6d:77:4e:12:52:82:26:94:fc:a2:f1:36:fd: e2:11:c2:00:6b:a7:e6:0a:0b:28:43:4c:dd:e0:1d:78:1a:c4: c5:45:10:b6:a3:d1:53:d4:5c:b2:a2:c2:25:77:4c:8e:e2:3c: 2c:c2:24:15:a6:d1:81:94:05:c3:be:09:ae:55:0d:2c:dc:19: eb:5b:53:98:f9:dd:1a:50:52:db:ed:d0:a0:d1:7f:9f:54:64: 40:f7:91:c8:a2:a3:72:70:df:95:85:ba:98:b2:27:bc:bc:c8: 5a:28:27:b5:a6:19:91:ae:5d:43:bd:a6:f0:fa:70:72:3e:7c: 7d:b4:12:5a:a9:1c:40:dc:bf:14:79:dd:a9:cc:14:c4:2f:a6: 62:7c:b7:40:ba:90:92:9a:dc:a0:61:c2:31:95:b1:a9:ea:4a: 52:13:8c:a0:2c:04:c0:b6:1c:bc:19:d9:6e:c6:c3:a9:4d:2b: 3c:32:1b:39:f0:25:7e:89:0b:0c:f0:8c:4f:09:a8:a7:6c:c6: 7c:41:2d:39:e7:63:4c:60:ca:f5:3b:66:48:0f:65:f4:cd:18: 86:df:e1:fe:0c:a9:17:70:ee:c2:ae:1b:0b:4d:1c:50:4c:43: ce:94:bb:f5:89:07:60:5a:e7:e2:60:ac:98:62:1a:b5:e6:62: e1:84:e3:d7 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgISAZt+N4gOFM0UpsmUs1KCDqxPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTZiMjg0MTZkZGJmMzlmYjI0YjA5OTY2ODZhY2ZhY2U3NmM5OGQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzllpVR2ObZ2IsvGEMdbUGJNwGyeC +P+Rlpk9M3gtx+zc/22axA14apelohc1FQE/ww3/USlNqK/GMYfyhNf+uyuL5wy1 ILznRVerlxUHpWndUvPwqwFmZIO2zSajKsVVr3T3n0f541BWbzzvta1UjVGCS4vC X5swDEadBCO50iSM7LDVAyS3oPj288dx9KGShS54fRLa1rdBkf3CdW9mR4/LSjil iY8nkvxS1DyPdIHLil3LStoIdNnS3GjbCweF1pJpHmK8WuH64q21GRoRysJwDwOv jFnlQ21MMtCRgIX88jdfQpxyuPOtkCQ1AJZbzsnwBJ2uzAEOlW/DP1EFmQIDAQAB o4ICmTCCApUwHQYDVR0OBBYEFPFrKEFt2/OfsksJlmhqz6znbJjVMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5L2IxNjVj YS0yZjMzLTRlOGUtYTg5Ni1jZGFhNTgxNTE4ZjMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvYjE2NWNh LTJmMzMtNGU4ZS1hODk2LWNkYWE1ODE1MThmMy8xLzhXc29RVzNiODUteVN3bVdh R3JQck9kc21OVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQDVXdoAwQCuVVwMA0EAgACMAcDBQAqAZeAMA0G CSqGSIb3DQEBCwUAA4IBAQBQ2AwcsW13ThJSgiaU/KLxNv3iEcIAa6fmCgsoQ0zd 4B14GsTFRRC2o9FT1FyyosIld0yO4jwswiQVptGBlAXDvgmuVQ0s3BnrW1OY+d0a UFLb7dCg0X+fVGRA95HIoqNycN+VhbqYsie8vMhaKCe1phmRrl1Dvabw+nByPnx9 tBJaqRxA3L8Ued2pzBTEL6ZifLdAupCSmtygYcIxlbGp6kpSE4ygLATAthy8Gdlu xsOpTSs8Mhs58CV+iQsM8IxPCainbMZ8QS0552NMYMr1O2ZID2X0zRiG3+H+DKkX cO7CrhsLTRxQTEPOlLv1iQdgWufiYKyYYhq15mLhhOPX -----END CERTIFICATE-----Generated at Mon Feb 9 15:08:00 2026 by rpki-client