This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer File: GAIUWTANFfrFUHBc9uJYmZ09hro.cer (raw, json) Hash identifier: 32VbvAoMDbAt9/lO3hLos44g0Zu0+SUG5iI7pfl9fkk= Subject key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7758D565003A66A6B6CDDAC4B09D8A8F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 02:17:49 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 195.137.178.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:d5:65:00:3a:66:a6:b6:cd:da:c4:b0:9d:8a:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 02:17:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=18021459300d15fac550705cf6e258999d3d86ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:86:61:d7:38:f6:20:e6:7c:3d:f1:94:4f:a3: db:ec:2f:0b:5e:2e:41:04:1a:40:f3:7b:7f:49:70: 65:d8:4d:62:8d:ea:0b:55:34:15:e9:eb:24:bb:9e: 22:e8:70:4d:3c:48:a7:2c:d4:fd:40:2a:18:92:c4: 7c:0a:e5:09:e8:5b:09:bd:4a:07:e5:ed:de:74:1b: 89:8d:b5:80:5d:c6:aa:5d:74:37:2c:0e:30:4d:1b: 3a:19:fe:87:e0:ad:bc:88:91:be:5c:d9:8e:02:d6: 77:2f:d9:26:fc:52:31:6a:01:da:09:2c:12:09:b0: f2:f0:b7:bb:fe:be:99:34:87:02:4c:fb:8e:1c:f3: 2e:aa:5e:39:fe:94:81:78:c5:7a:7c:bf:7e:38:6d: 71:94:7e:2f:81:80:ac:c7:14:3a:8f:52:ea:98:54: de:28:93:41:fe:ce:ea:10:77:c7:aa:40:34:35:f5: fa:44:bb:c8:56:1d:4c:d6:d0:53:a3:80:d6:e2:60: 0d:c3:0b:5d:11:34:b4:91:aa:6e:d5:ba:c9:80:94: 17:55:61:78:e3:c9:50:08:e1:e5:c9:d4:4e:04:4a: c3:77:e0:b3:56:f0:c0:e8:e9:70:3b:7f:7a:70:82: c0:2f:87:c9:25:71:ba:21:0b:e2:48:70:6c:e2:f5: fb:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.137.178.0/24 Signature Algorithm: sha256WithRSAEncryption 0f:6a:c0:08:fc:87:1a:8e:4b:66:b3:bc:f4:93:2a:7c:f1:f5: a0:7b:de:61:2f:90:c3:d6:07:84:d5:bb:4d:17:af:4a:cb:a3: b6:c8:fe:03:10:20:ea:ae:a5:f2:af:1e:fa:63:8a:8d:e1:6a: 2c:4f:a2:c6:c0:b3:f7:cd:89:78:a5:6b:9e:16:e8:bb:be:ba: c9:d5:bd:00:0c:6a:9d:53:8b:96:af:57:a0:2d:ac:97:66:cb: 5e:91:80:28:90:59:24:49:f2:b3:4a:2c:78:b8:7a:cb:7a:fd: 2c:d7:1d:00:5e:32:63:cf:99:4f:e1:2a:fd:d3:c8:0e:4b:9b: 78:ce:50:a6:a6:9a:31:43:55:1f:e4:18:aa:41:84:66:34:86: 7b:f9:df:65:b6:fc:2b:b3:a4:a0:65:41:f6:9d:54:43:63:33: 25:2c:b5:f7:1a:93:9b:ad:5f:c0:e8:6d:ee:e7:9e:6f:93:d5: d3:0e:98:4d:64:e4:e7:cc:12:26:e2:82:67:0e:e4:cb:b9:cc: 11:b7:54:c7:51:29:b3:7a:ee:31:48:c7:80:cf:82:40:b4:54: 40:26:26:5b:db:68:88:2d:ed:aa:36:ae:16:3c:87:da:a2:2a: 50:63:d8:ee:6f:67:f4:49:77:2e:13:0b:a5:2b:5a:b7:86:6c: 46:92:f9:89 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt3WNVlADpmprbN2sSwnYqPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDIxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxODAyMTQ1OTMwMGQxNWZhYzU1MDcwNWNmNmUyNTg5OTlkM2Q4NmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoZh1zj2IOZ8PfGUT6Pb7C8LXi5B BBpA83t/SXBl2E1ijeoLVTQV6esku54i6HBNPEinLNT9QCoYksR8CuUJ6FsJvUoH 5e3edBuJjbWAXcaqXXQ3LA4wTRs6Gf6H4K28iJG+XNmOAtZ3L9km/FIxagHaCSwS CbDy8Le7/r6ZNIcCTPuOHPMuql45/pSBeMV6fL9+OG1xlH4vgYCsxxQ6j1LqmFTe KJNB/s7qEHfHqkA0NfX6RLvIVh1M1tBTo4DW4mANwwtdETS0kapu1brJgJQXVWF4 48lQCOHlydROBErDd+CzVvDA6OlwO396cILAL4fJJXG6IQviSHBs4vX7LQIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFBgCFFkwDRX6xVBwXPbiWJmdPYa6MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5LzdkMzMy Ny03MDg0LTRjZWQtOTk2Ny05MjI0Y2UyZTk2NWEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvN2QzMzI3 LTcwODQtNGNlZC05OTY3LTkyMjRjZTJlOTY1YS8xL0dBSVVXVEFORmZyRlVIQmM5 dUpZbVowOWhyby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAw4myMA0GCSqGSIb3DQEBCwUAA4IBAQAPasAI /Icajktms7z0kyp88fWge95hL5DD1geE1btNF69Ky6O2yP4DECDqrqXyrx76Y4qN 4WosT6LGwLP3zYl4pWueFui7vrrJ1b0ADGqdU4uWr1egLayXZstekYAokFkkSfKz Six4uHrLev0s1x0AXjJjz5lP4Sr908gOS5t4zlCmppoxQ1Uf5BiqQYRmNIZ7+d9l tvwrs6SgZUH2nVRDYzMlLLX3GpObrV/A6G3u555vk9XTDphNZOTnzBIm4oJnDuTL ucwRt1THUSmzeu4xSMeAz4JAtFRAJiZb22iILe2qNq4WPIfaoipQY9jub2f0SXcu EwulK1q3hmxGkvmJ -----END CERTIFICATE-----Generated at Mon Feb 9 15:07:18 2026 by rpki-client