This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BfIh9fBM-dlt3qRCUbK4I_cRRmM.cer File: BfIh9fBM-dlt3qRCUbK4I_cRRmM.cer (raw, json) Hash identifier: fxnlIY51Pw0El2ua7/8azR6kZEb+AO6ZhGjY2bb+cNE= Subject key identifier: 05:F2:21:F5:F0:4C:F9:D9:6D:DE:A4:42:51:B2:B8:23:F7:11:46:63 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C6EA5B5F0F009ED525FEBF5BD931DE Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/63/b7d1b5-7cb8-46aa-ad58-cbf2a3b6a284/1/BfIh9fBM-dlt3qRCUbK4I_cRRmM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/63/b7d1b5-7cb8-46aa-ad58-cbf2a3b6a284/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:18:03 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 192.54.122.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:ea:5b:5f:0f:00:9e:d5:25:fe:bf:5b:d9:31:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=05f221f5f04cf9d96ddea44251b2b823f7114663 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:18:eb:0a:7a:42:54:aa:ad:58:1e:18:cf:e6: cd:bf:45:79:c5:55:78:84:ea:64:28:10:22:dd:58: 59:b5:5c:85:ed:47:1b:e1:d4:8b:54:5f:c8:af:f6: 77:03:52:2f:02:07:1e:6d:95:c0:cb:7b:5c:01:54: 73:99:dd:28:91:29:9c:f9:94:43:d4:85:0c:d6:ac: b9:09:d2:16:09:79:f6:03:96:e3:9f:10:e8:cb:d8: 88:76:cd:93:76:52:41:5e:11:fd:f4:47:d5:11:d0: 18:10:4b:9a:7e:3f:9c:7c:32:73:28:a1:5b:28:b4: 26:3e:9f:87:47:f7:8a:6a:de:6e:e7:5f:91:28:4f: 8e:e3:57:f8:4f:23:72:3e:33:94:fd:e5:33:61:0c: d6:d9:d5:47:12:43:ce:9d:de:7e:ee:ef:54:24:85: 1b:b1:72:06:15:4e:79:69:2f:58:e3:22:ff:e9:b0: c2:04:fb:50:02:0b:3d:45:24:18:1b:93:87:d7:27: 7c:28:36:ee:fc:ac:5d:78:2a:96:70:2c:9f:0e:2e: 75:a0:ef:14:e4:f7:7a:5c:7c:6e:b5:fc:e5:0d:3d: 85:c7:85:13:cd:e1:f7:43:64:7d:08:83:19:99:c4: 1d:73:79:56:53:6f:99:9b:1c:02:a3:2e:c5:4e:0d: ed:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:F2:21:F5:F0:4C:F9:D9:6D:DE:A4:42:51:B2:B8:23:F7:11:46:63 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b7d1b5-7cb8-46aa-ad58-cbf2a3b6a284/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b7d1b5-7cb8-46aa-ad58-cbf2a3b6a284/1/BfIh9fBM-dlt3qRCUbK4I_cRRmM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.54.122.0/24 Signature Algorithm: sha256WithRSAEncryption 9f:9a:9a:b3:bf:a8:76:36:20:7a:8e:1a:87:a7:ef:96:ea:ea: 89:47:7c:ab:47:d5:b2:ab:13:bb:37:2c:3c:c6:fa:1a:ae:4f: d7:a8:24:9b:38:5e:82:64:85:37:24:ab:85:74:63:b4:d9:23: cd:6c:5e:40:b8:d9:02:ed:cf:58:bd:79:a3:80:dc:3a:79:25: 8c:7d:5e:be:45:6c:d6:d3:92:f5:e4:53:56:8a:8c:d1:74:30: 47:53:59:52:e0:4f:c0:78:96:f5:c9:e3:9f:99:12:a5:8c:4a: c1:ff:bd:fd:90:be:bb:cf:b4:4c:27:be:d5:f5:80:0e:d3:e9: 85:78:dc:5d:bc:65:7f:e8:44:ed:84:cd:e3:d7:bd:44:e3:24: a2:77:d4:28:bd:5a:df:b4:25:ff:79:64:a5:4b:87:47:f8:f9: af:e8:03:ac:e1:8f:26:3e:12:ca:6d:6d:8c:a3:6d:46:ac:5b: a8:ce:82:0e:95:d8:ac:d1:5d:29:30:d1:b5:b8:92:a7:7e:8c: 13:35:95:32:08:61:c2:45:75:0e:8d:b4:0c:86:bc:0a:47:26: cf:6b:4c:97:51:74:7c:4a:07:fd:a0:be:16:ac:6d:05:be:1a: a3:d9:e6:dd:a6:48:4e:5e:a1:28:ad:ca:4f:e0:bb:6b:dd:5c: e7:ef:92:b8 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt3xupbXw8AntUl/r9b2THeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNWYyMjFmNWYwNGNmOWQ5NmRkZWE0NDI1MWIyYjgyM2Y3MTE0NjYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hjrCnpCVKqtWB4Yz+bNv0V5xVV4 hOpkKBAi3VhZtVyF7Ucb4dSLVF/Ir/Z3A1IvAgcebZXAy3tcAVRzmd0okSmc+ZRD 1IUM1qy5CdIWCXn2A5bjnxDoy9iIds2TdlJBXhH99EfVEdAYEEuafj+cfDJzKKFb KLQmPp+HR/eKat5u51+RKE+O41f4TyNyPjOU/eUzYQzW2dVHEkPOnd5+7u9UJIUb sXIGFU55aS9Y4yL/6bDCBPtQAgs9RSQYG5OH1yd8KDbu/KxdeCqWcCyfDi51oO8U 5Pd6XHxutfzlDT2Fx4UTzeH3Q2R9CIMZmcQdc3lWU2+ZmxwCoy7FTg3tCwIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFAXyIfXwTPnZbd6kQlGyuCP3EUZjMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYzL2I3ZDFi NS03Y2I4LTQ2YWEtYWQ1OC1jYmYyYTNiNmEyODQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMvYjdkMWI1 LTdjYjgtNDZhYS1hZDU4LWNiZjJhM2I2YTI4NC8xL0JmSWg5ZkJNLWRsdDNxUkNV Yks0SV9jUlJtTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAwDZ6MA0GCSqGSIb3DQEBCwUAA4IBAQCfmpqz v6h2NiB6jhqHp++W6uqJR3yrR9WyqxO7Nyw8xvoark/XqCSbOF6CZIU3JKuFdGO0 2SPNbF5AuNkC7c9YvXmjgNw6eSWMfV6+RWzW05L15FNWiozRdDBHU1lS4E/AeJb1 yeOfmRKljErB/739kL67z7RMJ77V9YAO0+mFeNxdvGV/6ETthM3j171E4ySid9Qo vVrftCX/eWSlS4dH+Pmv6AOs4Y8mPhLKbW2Mo21GrFuozoIOldis0V0pMNG1uJKn fowTNZUyCGHCRXUOjbQMhrwKRybPa0yXUXR8Sgf9oL4WrG0Fvhqj2ebdpkhOXqEo rcpP4Ltr3Vzn75K4 -----END CERTIFICATE-----Generated at Mon Feb 9 18:25:38 2026 by rpki-client