This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer File: I1PVKkAkkfT5n-VHG90aXdb0K7w.cer (raw, json) Hash identifier: OJ2K8ArXFkH+iMtDMAQgNbR9Um9FB4b3gYdr/yDrVX0= Subject key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C119668BB11CC80DC5B0550527F4A8F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:18:06 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 39567 IP: 185.65.28.0/22 IP: 185.231.120.0/22 IP: 2a03:18e0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:96:68:bb:11:cc:80:dc:5b:05:50:52:7f:4a:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:02:95:69:91:8a:b6:1c:fd:68:60:c3:62:12: c5:ac:43:a7:70:d9:6c:06:50:cc:5f:a7:f7:9b:bc: e0:f1:e2:3a:84:af:e4:91:12:53:7a:8e:29:e5:fc: e1:74:6c:3e:36:a2:9d:4f:29:68:37:d2:3f:35:a6: e7:65:41:5a:05:18:62:07:75:60:1a:18:17:71:2f: e5:4d:4d:72:b2:42:75:b3:62:ab:94:63:7f:b7:64: 37:97:0f:33:52:76:ff:d9:07:40:b7:42:6c:d6:be: 02:1c:2a:38:48:01:bb:dc:8d:ee:bb:4d:c6:85:e0: 0c:30:b0:a4:a4:ad:19:f8:ec:9f:95:21:90:3e:b2: 88:39:6b:47:34:6c:68:fe:f9:3a:9f:89:ea:e2:d6: 35:68:26:d3:e5:68:aa:89:5c:18:c1:26:86:cd:f5: 37:24:fe:d4:76:dc:5d:94:b1:50:5c:0b:22:7b:e2: 52:85:93:ec:c0:9d:6e:68:ba:7e:bd:e1:75:13:cc: d0:3a:ed:95:80:4d:a7:1c:10:7b:3c:79:00:76:25: 49:28:c5:ec:f1:4d:88:8e:fd:d7:00:a4:a0:f5:53: 00:cb:74:c9:af:ba:97:22:e6:3a:88:71:28:ac:2e: 87:da:89:7e:01:d4:e8:ee:a5:bc:34:bc:35:5c:a0: d1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.65.28.0/22 185.231.120.0/22 IPv6: 2a03:18e0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 39567 Signature Algorithm: sha256WithRSAEncryption 90:f7:1b:ba:2c:73:fa:c7:8d:ee:64:2d:35:af:74:62:78:a9: a3:29:70:96:03:b4:45:b1:e7:74:ac:35:8d:92:3f:42:af:b7: 9f:12:26:90:6d:0c:78:54:3d:e5:f8:17:85:c9:7b:9a:60:7e: 12:42:ab:74:46:47:f7:18:07:52:16:0d:2b:fa:d8:92:94:a4: de:50:db:58:bc:8e:66:0d:cc:ef:6f:b6:33:92:db:77:17:37: bc:f1:72:de:89:a9:6c:e9:b1:2a:22:b5:81:e6:2d:75:5f:b3: 36:5a:bb:72:8d:9c:28:97:1d:f8:73:df:31:ab:2b:ae:b7:12: 0e:eb:fc:ba:4a:0c:32:4a:fb:59:c6:30:c3:36:1c:a2:db:8c: c7:eb:e0:5c:c1:9d:db:0f:ed:61:d7:59:f0:bb:f7:03:44:51: 99:79:27:6d:97:81:a6:18:6d:03:72:5f:eb:ca:9c:b6:8d:a0: 0c:11:1a:d2:b6:c9:7f:d9:98:57:83:91:b0:65:70:fb:ce:af: 65:16:8a:1d:b6:4a:58:83:7e:30:a4:0b:c8:38:ea:ad:84:9b: 29:c9:57:01:f3:ec:35:3d:02:9a:17:e0:b4:22:f5:84:70:52: e2:84:d0:8f:43:df:3b:8a:f3:29:fe:26:fb:8c:5e:81:6b:c2: ce:cc:3a:ac -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt8EZZouxHMgNxbBVBSf0qPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzUzZDUyYTQwMjQ5MWY0Zjk5ZmU1NDcxYmRkMWE1ZGQ2ZjQyYmJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQKVaZGKthz9aGDDYhLFrEOncNls BlDMX6f3m7zg8eI6hK/kkRJTeo4p5fzhdGw+NqKdTyloN9I/NabnZUFaBRhiB3Vg GhgXcS/lTU1yskJ1s2KrlGN/t2Q3lw8zUnb/2QdAt0Js1r4CHCo4SAG73I3uu03G heAMMLCkpK0Z+OyflSGQPrKIOWtHNGxo/vk6n4nq4tY1aCbT5WiqiVwYwSaGzfU3 JP7UdtxdlLFQXAsie+JShZPswJ1uaLp+veF1E8zQOu2VgE2nHBB7PHkAdiVJKMXs 8U2Ijv3XAKSg9VMAy3TJr7qXIuY6iHEorC6H2ol+AdTo7qW8NLw1XKDRbQIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY0LzFmMWFm Ni1kZDFiLTQxMTctYWMxNy1kZWFiODU4NmYyY2UvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQvMWYxYWY2 LWRkMWItNDExNy1hYzE3LWRlYWI4NTg2ZjJjZS8xL0kxUFZLa0Fra2ZUNW4tVkhH OTBhWGRiMEs3dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQCuUEcAwQCued4MA0EAgACMAcDBQAqAxjgMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCajzANBgkqhkiG9w0BAQsFAAOCAQEAkPcb uixz+seN7mQtNa90YnipoylwlgO0RbHndKw1jZI/Qq+3nxImkG0MeFQ95fgXhcl7 mmB+EkKrdEZH9xgHUhYNK/rYkpSk3lDbWLyOZg3M72+2M5Lbdxc3vPFy3ompbOmx KiK1geYtdV+zNlq7co2cKJcd+HPfMasrrrcSDuv8ukoMMkr7WcYwwzYcotuMx+vg XMGd2w/tYddZ8Lv3A0RRmXknbZeBphhtA3Jf68qcto2gDBEa0rbJf9mYV4ORsGVw +86vZRaKHbZKWIN+MKQLyDjqrYSbKclXAfPsNT0CmhfgtCL1hHBS4oTQj0PfO4rz Kf4m+4xegWvCzsw6rA== -----END CERTIFICATE-----Generated at Mon Feb 9 15:09:19 2026 by rpki-client