This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8tQRaXXT6HvYoo5kPGmjCB3gAZ8.cer File: 8tQRaXXT6HvYoo5kPGmjCB3gAZ8.cer (raw, json) Hash identifier: 13g1LgX+sh2sWnd4TY/IEDXLnCsqrLRw6xF1lTGblJ8= Subject key identifier: F2:D4:11:69:75:D3:E8:7B:D8:A2:8E:64:3C:69:A3:08:1D:E0:01:9F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77593788B9E95CFDDC0361945F661B6A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/8tQRaXXT6HvYoo5kPGmjCB3gAZ8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 02:18:14 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 25297 IP: 195.234.167.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:37:88:b9:e9:5c:fd:dc:03:61:94:5f:66:1b:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 02:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f2d4116975d3e87bd8a28e643c69a3081de0019f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:08:5b:24:8b:ce:d3:7c:4f:8e:f6:7d:e5:85: d6:49:6c:9e:2f:5a:f0:90:f8:53:b0:02:a1:20:17: f7:98:13:0b:13:7a:0f:2f:1c:35:ec:ae:66:1c:e3: 51:fd:89:ef:0c:81:ff:53:86:40:4a:93:38:09:8d: 16:23:f5:dc:96:e9:3d:6b:f0:4e:4d:1d:da:63:46: 6f:aa:15:73:94:ef:86:78:ce:ff:fd:41:30:d6:e0: a7:df:02:5d:99:f2:c6:b3:a1:a7:e0:02:c2:4f:f8: ff:ea:10:70:bc:f1:b5:45:43:a4:69:9a:2f:e6:62: 50:e9:6a:50:32:c4:25:8d:05:bf:88:b4:d0:6d:61: 87:66:06:c0:7d:c7:72:54:d6:d3:1b:74:2f:db:69: 23:50:52:b6:6a:90:7a:20:d1:d8:b8:64:31:06:d7: 1f:ca:12:eb:d8:29:6a:b7:91:7c:15:4f:a8:cd:2f: 02:37:f9:66:3b:4a:e9:b6:e2:8d:ab:89:ac:06:ef: e7:e2:10:31:f1:45:ba:c1:39:e9:78:84:62:ed:a5: ea:75:d4:6c:0b:29:66:3d:a7:7a:e7:97:64:b0:ca: 54:76:23:6e:5a:06:0a:44:75:d5:25:db:83:99:5f: 21:21:86:a5:0a:57:03:23:36:1c:63:12:55:bf:d4: b2:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:D4:11:69:75:D3:E8:7B:D8:A2:8E:64:3C:69:A3:08:1D:E0:01:9F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5996e1-2ff0-4bb7-a880-faab9cae1e81/1/8tQRaXXT6HvYoo5kPGmjCB3gAZ8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.234.167.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 25297 Signature Algorithm: sha256WithRSAEncryption a6:84:9f:77:e6:0d:dc:f8:a9:1c:30:1a:ba:86:35:c6:a8:e9: e0:5b:53:10:bf:fb:55:16:5a:79:81:02:55:0b:d8:c6:74:b0: ea:d3:18:3b:40:34:9a:90:e2:8a:3b:2c:2b:c9:08:8f:3e:07: 92:40:d3:2c:36:a6:ab:d1:51:be:35:de:4c:71:8e:eb:7c:0a: ea:13:d7:3d:4b:9c:77:c5:44:54:7b:6e:ea:d6:61:67:ab:de: 63:2b:50:d2:2b:4e:1b:b2:4c:cc:0f:41:bb:39:53:94:67:2a: a3:d1:f1:ca:bb:51:71:92:e1:0b:52:4f:ed:69:ee:10:21:ea: 46:f8:24:ff:49:1a:12:e7:c6:13:48:66:a9:45:e9:5c:c7:d0: f1:9d:c2:c5:f8:cb:37:dd:26:6f:a0:2f:2f:bd:a3:fa:9a:9e: 0e:26:13:42:10:e4:1c:45:29:2a:a3:ce:45:5f:49:a4:26:81: 01:dd:21:90:15:e0:5a:2f:0b:5f:7b:58:62:5d:52:cb:0a:78: 7a:3b:2f:21:df:ec:8d:e7:aa:03:92:3f:c8:20:12:87:41:ff: 9d:22:48:84:7a:e8:02:c2:d5:47:86:05:f2:fe:48:fd:81:ba: 8e:01:b2:ae:e7:f6:12:72:5e:38:5e:d4:8f:cb:f9:43:d2:c4: 23:af:c2:d4 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgISAZt3WTeIuelc/dwDYZRfZhtqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDIxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMmQ0MTE2OTc1ZDNlODdiZDhhMjhlNjQzYzY5YTMwODFkZTAwMTlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQhbJIvO03xPjvZ95YXWSWyeL1rw kPhTsAKhIBf3mBMLE3oPLxw17K5mHONR/YnvDIH/U4ZASpM4CY0WI/Xcluk9a/BO TR3aY0ZvqhVzlO+GeM7//UEw1uCn3wJdmfLGs6Gn4ALCT/j/6hBwvPG1RUOkaZov 5mJQ6WpQMsQljQW/iLTQbWGHZgbAfcdyVNbTG3Qv22kjUFK2apB6INHYuGQxBtcf yhLr2Clqt5F8FU+ozS8CN/lmO0rptuKNq4msBu/n4hAx8UW6wTnpeIRi7aXqddRs CylmPad655dksMpUdiNuWgYKRHXVJduDmV8hIYalClcDIzYcYxJVv9Sy/wIDAQAB o4ICnzCCApswHQYDVR0OBBYEFPLUEWl10+h72KKOZDxpowgd4AGfMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdmLzU5OTZl MS0yZmYwLTRiYjctYTg4MC1mYWFiOWNhZTFlODEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2YvNTk5NmUx LTJmZjAtNGJiNy1hODgwLWZhYWI5Y2FlMWU4MS8xLzh0UVJhWFhUNkh2WW9vNWtQ R21qQ0IzZ0FaOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAw+qnMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC AmLRMA0GCSqGSIb3DQEBCwUAA4IBAQCmhJ935g3c+KkcMBq6hjXGqOngW1MQv/tV Flp5gQJVC9jGdLDq0xg7QDSakOKKOywryQiPPgeSQNMsNqar0VG+Nd5McY7rfArq E9c9S5x3xURUe27q1mFnq95jK1DSK04bskzMD0G7OVOUZyqj0fHKu1FxkuELUk/t ae4QIepG+CT/SRoS58YTSGapRelcx9DxncLF+Ms33SZvoC8vvaP6mp4OJhNCEOQc RSkqo85FX0mkJoEB3SGQFeBaLwtfe1hiXVLLCnh6Oy8h3+yN56oDkj/IIBKHQf+d IkiEeugCwtVHhgXy/kj9gbqOAbKu5/YScl44XtSPy/lD0sQjr8LU -----END CERTIFICATE-----Generated at Mon Feb 9 15:10:56 2026 by rpki-client