This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer File: ArmAwQ1xEPkf_54OzrY52edbNeI.cer (raw, json) Hash identifier: etAi3ek30GO5XLX+MvaJ3Mwu++WYFj6I8Qk4P07esIM= Subject key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A59A1C147E6546B61FCC857B0CB969F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:17:33 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 29676 IP: 79.135.96.0/22 IP: 109.224.192.0/20 IP: 109.224.220.0 -- 109.224.222.255 IP: 109.224.233.0/24 IP: 109.236.161.0 -- 109.236.167.255 IP: 185.98.188.0/22 IP: 193.111.200.0/24 IP: 195.74.60.0/23 IP: 212.11.65.0 -- 212.11.66.255 IP: 212.11.77.0 -- 212.11.78.255 IP: 2a02:5b8::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:a1:c1:47:e6:54:6b:61:fc:c8:57:b0:cb:96:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:0e:54:ea:e5:73:88:4b:cb:df:b8:5a:3e:b6: cb:ce:26:e8:a3:1e:9a:a4:87:73:0b:bf:c0:d9:e4: 80:e4:d2:c1:5b:06:76:18:bf:2a:41:be:b3:19:36: 4e:e4:3f:de:a3:43:b5:c9:77:9e:db:21:d4:e9:a2: bc:69:75:83:7a:40:0d:d3:00:60:f0:02:b3:a2:2f: 49:9d:41:87:8d:82:bc:6c:73:5a:1c:63:d7:71:0b: 99:c6:f8:1b:86:cd:3c:5c:b3:0f:c2:b4:b4:10:d6: b6:a7:52:f4:16:ae:05:bb:97:a6:82:84:b8:30:64: 60:a0:a5:bb:bf:ad:b1:25:d0:af:03:dc:c2:b1:00: eb:a2:c8:fb:c0:95:2b:cf:ef:5a:ab:a9:44:7f:f0: 29:97:4f:07:1a:b5:36:b3:f1:e8:a7:13:05:60:cb: 90:da:6e:8d:f8:4d:2c:29:bd:9b:ac:ee:77:5a:01: 5d:48:a2:30:bf:c6:d0:0c:0a:59:9e:18:84:0c:af: 10:49:c8:c4:90:a6:cd:3f:f6:30:01:95:38:be:a6: 6d:7e:a7:ee:af:7c:61:3a:f5:33:e6:cd:f3:d4:a7: 88:6e:3f:28:be:4e:94:26:cd:61:fe:78:53:77:f3: a5:9b:cd:e1:32:aa:92:50:f2:a4:64:4c:dd:2b:81: c5:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.135.96.0/22 109.224.192.0/20 109.224.220.0-109.224.222.255 109.224.233.0/24 109.236.161.0-109.236.167.255 185.98.188.0/22 193.111.200.0/24 195.74.60.0/23 212.11.65.0-212.11.66.255 212.11.77.0-212.11.78.255 IPv6: 2a02:5b8::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 29676 Signature Algorithm: sha256WithRSAEncryption 29:2e:99:d6:6a:25:48:1c:41:bb:b2:a3:64:93:7a:68:d9:1a: 3c:cf:af:de:3f:ba:74:b9:9d:ed:7c:9e:ae:cd:d3:13:f3:08: ec:77:cb:03:4e:a3:c2:5d:5a:9d:90:b7:3f:4c:14:14:b4:ae: 9d:47:63:09:a6:49:41:bf:95:6e:c1:03:7b:77:82:d5:32:99: d4:0c:99:0b:cb:18:4b:de:11:fd:1d:e8:ce:5d:cd:12:3b:62: 61:e1:e7:14:83:7a:a1:70:10:d3:77:d9:7c:c6:53:00:3f:c4: 51:ea:a9:1d:e4:14:7b:a6:d3:7b:f1:29:69:93:8c:41:34:08: 63:8e:95:05:dd:c2:8d:9c:b1:8e:56:94:96:50:b8:ce:39:9a: 52:b3:84:b0:ff:11:6e:d8:4d:1b:0b:04:97:fb:ff:06:35:1e: df:9c:08:0e:b1:f2:e4:a2:55:fb:cc:28:14:a3:61:63:00:a7: 45:f5:0c:fe:68:e4:25:4e:2c:88:af:4d:db:9d:89:f7:be:0f: 89:05:15:61:8f:fe:f7:d1:47:61:7d:2a:fb:c4:18:6f:32:66: fa:b3:da:9b:8c:d1:5f:4a:52:e3:d6:d2:8d:49:e5:91:40:c4: cb:17:b0:1a:e4:cc:85:53:02:ab:01:25:e1:2f:4b:cf:4d:f7: c5:11:51:87 -----BEGIN CERTIFICATE----- MIIF+TCCBOGgAwIBAgISAZt6WaHBR+ZUa2H8yFewy5afMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMmI5ODBjMTBkNzExMGY5MWZmZjllMGVjZWI2MzlkOWU3NWIzNWUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5g5U6uVziEvL37haPrbLziboox6a pIdzC7/A2eSA5NLBWwZ2GL8qQb6zGTZO5D/eo0O1yXee2yHU6aK8aXWDekAN0wBg 8AKzoi9JnUGHjYK8bHNaHGPXcQuZxvgbhs08XLMPwrS0ENa2p1L0Fq4Fu5emgoS4 MGRgoKW7v62xJdCvA9zCsQDrosj7wJUrz+9aq6lEf/Apl08HGrU2s/HopxMFYMuQ 2m6N+E0sKb2brO53WgFdSKIwv8bQDApZnhiEDK8QScjEkKbNP/YwAZU4vqZtfqfu r3xhOvUz5s3z1KeIbj8ovk6UJs1h/nhTd/Olm83hMqqSUPKkZEzdK4HFewIDAQAB o4IDBTCCAwEwHQYDVR0OBBYEFAK5gMENcRD5H/+eDs62OdnnWzXiMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NmL2E4OTQ3 Zi1lNTJjLTRkZTEtYmFkZS03MGMwYTUwNmQ3OTcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2YvYTg5NDdm LWU1MmMtNGRlMS1iYWRlLTcwYzBhNTA2ZDc5Ny8xL0FybUF3UTF4RVBrZl81NE96 clk1MmVkYk5lSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGEBggrBgEF BQcBBwEB/wR1MHMwYgQCAAEwXAMEAk+HYAMEBG3gwDAMAwQCbeDcAwQAbeDeAwQA beDpMAwDBABt7KEDBANt7KADBAK5YrwDBADBb8gDBAHDSjwwDAMEANQLQQMEANQL QjAMAwQA1AtNAwQA1AtOMA0EAgACMAcDBQMqAgW4MBkGCCsGAQUFBwEIAQH/BAow CKAGMAQCAnPsMA0GCSqGSIb3DQEBCwUAA4IBAQApLpnWaiVIHEG7sqNkk3po2Ro8 z6/eP7p0uZ3tfJ6uzdMT8wjsd8sDTqPCXVqdkLc/TBQUtK6dR2MJpklBv5VuwQN7 d4LVMpnUDJkLyxhL3hH9HejOXc0SO2Jh4ecUg3qhcBDTd9l8xlMAP8RR6qkd5BR7 ptN78Slpk4xBNAhjjpUF3cKNnLGOVpSWULjOOZpSs4Sw/xFu2E0bCwSX+/8GNR7f nAgOsfLkolX7zCgUo2FjAKdF9Qz+aOQlTiyIr03bnYn3vg+JBRVhj/730UdhfSr7 xBhvMmb6s9qbjNFfSlLj1tKNSeWRQMTLF7Aa5MyFUwKrASXhL0vPTffFEVGH -----END CERTIFICATE-----Generated at Sat Jan 10 06:51:44 2026 by rpki-client