This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer File: 9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer (raw, json) Hash identifier: F5kx1FL2LgsjeFZZeNYtjs+hn3hE020KW5ueifdQvhE= Subject key identifier: F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C1287A273B3DF0DBAF116BBD3687696 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:19:07 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 43467 IP: 45.9.80.0/22 IP: 2a0e:de00::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:87:a2:73:b3:df:0d:ba:f1:16:bb:d3:68:76:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f4f67a40cf5e85c2d2b6558b4099af125d1050ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:fa:a6:b6:38:a1:8e:bb:cf:ed:ed:ab:17:c8: b2:d7:0e:5c:d9:5e:90:7a:7b:f9:96:57:ad:25:9a: 50:c8:47:8a:f9:97:f6:57:a8:f5:4f:b9:f1:c5:68: 23:25:b9:6e:b4:77:ce:2b:4d:08:7b:b4:cb:dd:6f: ae:9a:6f:2b:d3:df:64:43:07:1d:02:5b:ea:43:0f: fa:08:da:7a:78:ee:f7:81:82:83:d2:33:91:ab:d4: 37:68:71:35:a2:b3:63:fc:e8:23:3b:5a:56:c0:ce: 94:52:d2:08:17:64:65:4c:31:f9:e3:a5:e8:7c:48: ce:16:b9:3c:21:38:3a:e0:3e:23:eb:ac:86:18:86: 3b:50:59:38:22:82:f5:f9:f8:5b:ac:f7:8a:06:22: e4:89:7d:56:79:59:52:01:72:18:72:cc:58:c8:26: 3a:69:c5:82:4c:f0:0a:39:3a:cd:38:8b:75:04:43: 00:2a:66:23:45:cc:e5:f0:9f:6d:86:69:18:29:50: 76:25:11:e1:16:9c:d3:f1:b4:77:24:85:0a:a7:d9: 1c:9c:6d:74:60:d9:0e:19:7c:5c:93:b1:9e:d4:92: e3:d1:6a:12:83:f6:ff:2d:9c:e8:78:ed:54:f8:79: 79:dd:53:ce:36:6f:ef:92:89:2c:84:de:83:d8:79: 12:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.9.80.0/22 IPv6: 2a0e:de00::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 43467 Signature Algorithm: sha256WithRSAEncryption 22:f5:af:e7:8a:f2:e9:66:9d:4b:6e:12:78:02:5a:49:2e:f1: 53:32:59:bf:3c:81:d2:87:6f:19:d9:12:c0:48:25:1b:fb:80: 4a:5b:45:12:4b:83:5c:eb:7a:11:9b:46:64:94:58:8f:91:74: 3e:0e:d4:0a:97:6e:54:fc:3b:0c:f5:9e:59:dd:be:00:b4:69: a0:d0:ff:47:a3:63:cd:71:31:61:05:91:a7:71:da:d9:78:0b: 00:d8:83:16:05:03:45:b7:6a:32:09:c6:f5:b9:af:99:52:74: 89:ab:ec:b1:a3:dc:bc:5a:c5:d3:34:1f:80:24:eb:bb:2e:b8: 87:91:c8:cb:5a:a2:67:3e:1c:bf:9e:cf:a7:b7:11:af:71:ee: e0:16:de:87:d9:e9:ee:09:00:ed:28:8a:6a:c3:18:98:70:11: 3f:2a:07:4a:9c:83:91:b2:9d:e4:56:87:58:48:f2:22:54:56: 8d:dd:9f:7b:ae:dd:5f:ad:6e:73:eb:61:56:86:32:97:79:40: ad:9b:8e:8b:c1:3b:fe:93:84:f1:90:97:d6:4e:85:35:46:23: dd:00:9b:27:cf:62:ec:c6:29:b7:f5:22:9b:f4:74:3d:66:97: f5:e1:42:5a:3f:40:e2:b8:c2:84:ad:ba:47:cf:00:42:ea:f1: 98:90:d9:af -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt8Eoeic7PfDbrxFrvTaHaWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNGY2N2E0MGNmNWU4NWMyZDJiNjU1OGI0MDk5YWYxMjVkMTA1MGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPqmtjihjrvP7e2rF8iy1w5c2V6Q env5lletJZpQyEeK+Zf2V6j1T7nxxWgjJblutHfOK00Ie7TL3W+umm8r099kQwcd AlvqQw/6CNp6eO73gYKD0jORq9Q3aHE1orNj/OgjO1pWwM6UUtIIF2RlTDH546Xo fEjOFrk8ITg64D4j66yGGIY7UFk4IoL1+fhbrPeKBiLkiX1WeVlSAXIYcsxYyCY6 acWCTPAKOTrNOIt1BEMAKmYjRczl8J9thmkYKVB2JRHhFpzT8bR3JIUKp9kcnG10 YNkOGXxck7Ge1JLj0WoSg/b/LZzoeO1U+Hl53VPONm/vkokshN6D2HkSGQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFPT2ekDPXoXC0rZVi0CZrxJdEFDuMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyLzcwN2I0 Zi02Y2Q2LTQ4OGEtOGRlZi0zYTVjNzFmODY4MjEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvNzA3YjRm LTZjZDYtNDg4YS04ZGVmLTNhNWM3MWY4NjgyMS8xLzlQWjZRTTllaGNMU3RsV0xR Sm12RWwwUVVPNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCLQlQMA0EAgACMAcDBQMqDt4AMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwCpyzANBgkqhkiG9w0BAQsFAAOCAQEAIvWv54ry6Wad S24SeAJaSS7xUzJZvzyB0odvGdkSwEglG/uASltFEkuDXOt6EZtGZJRYj5F0Pg7U CpduVPw7DPWeWd2+ALRpoND/R6NjzXExYQWRp3Ha2XgLANiDFgUDRbdqMgnG9bmv mVJ0iavssaPcvFrF0zQfgCTruy64h5HIy1qiZz4cv57Pp7cRr3Hu4Bbeh9np7gkA 7SiKasMYmHARPyoHSpyDkbKd5FaHWEjyIlRWjd2fe67dX61uc+thVoYyl3lArZuO i8E7/pOE8ZCX1k6FNUYj3QCbJ89i7MYpt/Uim/R0PWaX9eFCWj9A4rjChK26R88A QurxmJDZrw== -----END CERTIFICATE-----Generated at Mon Feb 9 20:55:15 2026 by rpki-client