This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/I8Aq9PWPETIK8xlpRuH86dBQyQY.cer File: I8Aq9PWPETIK8xlpRuH86dBQyQY.cer (raw, json) Hash identifier: v4+Fuwe07Eb6WCnvDvbe+8d3+lidDXbhsy1UoJIe1oA= Subject key identifier: 23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C7378BFC159EA9F6172925B963D496 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:18:23 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.85.144.0/22 IP: 2a05:ae80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:37:8b:fc:15:9e:a9:f6:17:29:25:b9:63:d4:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=23c02af4f58f11320af3196946e1fce9d050c906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e2:3b:94:ee:d2:d7:64:48:dc:7a:43:d4:c5: 6f:85:f4:d1:b5:be:d1:67:8d:b8:2a:83:04:88:6f: ca:0d:5a:ae:a7:87:5e:4a:ca:f8:82:20:eb:00:ce: 15:76:d0:89:4b:3e:11:6f:2c:8a:a6:b7:73:f9:92: 27:3b:ad:4d:16:0f:ad:fa:a7:32:85:ea:77:d6:df: 0f:38:67:9f:f4:0d:d5:3d:19:eb:c9:09:1a:db:dd: c8:33:48:ef:bd:96:e7:71:ec:18:3e:19:9c:34:55: 89:14:8d:5c:c4:0e:c5:41:a5:0a:5e:3a:35:8c:24: ab:eb:80:7d:01:ed:be:bc:65:e4:0d:40:ed:64:08: d6:19:d1:13:7a:9a:c4:72:c9:c7:fc:3f:ec:1c:3f: 4f:1e:24:18:5d:05:87:30:4f:fc:a9:ac:a3:b8:d2: 59:17:28:14:c7:78:34:03:99:41:11:f1:22:da:42: f4:1c:c9:cd:01:b6:80:13:7d:52:7e:c1:30:72:7a: 4c:73:3c:28:37:74:f2:e6:40:15:4c:4d:85:08:f1: 65:6a:b1:27:2d:b8:e8:52:95:17:39:3e:6c:69:ad: d5:18:57:d6:d0:90:33:7c:af:5f:96:2e:82:54:94: 97:af:7d:68:89:19:48:e5:ee:c4:81:38:98:3b:28: b2:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:C0:2A:F4:F5:8F:11:32:0A:F3:19:69:46:E1:FC:E9:D0:50:C9:06 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/81068c-aed7-4127-88e4-62cb8aca9618/1/I8Aq9PWPETIK8xlpRuH86dBQyQY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.85.144.0/22 IPv6: 2a05:ae80::/29 Signature Algorithm: sha256WithRSAEncryption 79:6c:0b:80:e8:98:4f:75:15:c8:78:b0:25:51:05:77:1f:d2: 3a:2b:9c:ba:db:07:69:d0:8c:1e:1c:18:8f:65:81:73:54:85: 9d:15:69:b9:c7:a9:bf:b1:52:4f:14:b4:c7:b9:ae:d4:49:54: 01:c4:b2:9a:d1:fc:0c:4a:0e:16:25:f8:e0:c3:b2:9c:c7:e8: 37:be:7e:da:5b:60:9f:24:72:a3:7d:80:26:87:69:15:cb:c5: f3:22:61:0e:6b:16:85:3b:d7:b1:69:4b:02:f1:86:5a:50:42: bf:03:86:89:24:63:7c:b9:a0:d3:37:15:3f:ff:e7:1f:ca:a1: 77:1d:82:ef:d6:43:c5:9d:53:9b:33:aa:04:0e:e5:61:9a:a3: 8e:64:d7:cf:a4:63:90:f2:99:94:43:07:1a:38:e5:93:73:96: eb:01:93:a0:24:91:03:70:22:e5:aa:01:c6:d1:fa:d8:df:bb: 57:42:c0:40:7f:c7:95:ac:b1:90:b1:80:b6:e1:b1:93:5a:f7: 67:52:f6:ed:1c:e4:83:f5:18:e5:aa:2a:ab:68:9c:f6:1b:85: f9:f1:6c:64:b3:4a:ae:dc:3b:06:0b:5b:38:81:74:68:56:ad: a5:54:bb:03:08:78:43:a2:85:42:91:92:99:6b:00:6e:f6:c3: 4d:c0:b4:4c -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt3xzeL/BWeqfYXKSW5Y9SWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyM2MwMmFmNGY1OGYxMTMyMGFmMzE5Njk0NmUxZmNlOWQwNTBjOTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeI7lO7S12RI3HpD1MVvhfTRtb7R Z424KoMEiG/KDVqup4deSsr4giDrAM4VdtCJSz4RbyyKprdz+ZInO61NFg+t+qcy hep31t8POGef9A3VPRnryQka293IM0jvvZbncewYPhmcNFWJFI1cxA7FQaUKXjo1 jCSr64B9Ae2+vGXkDUDtZAjWGdETeprEcsnH/D/sHD9PHiQYXQWHME/8qayjuNJZ FygUx3g0A5lBEfEi2kL0HMnNAbaAE31SfsEwcnpMczwoN3Ty5kAVTE2FCPFlarEn LbjoUpUXOT5saa3VGFfW0JAzfK9fli6CVJSXr31oiRlI5e7EgTiYOyiyAQIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFCPAKvT1jxEyCvMZaUbh/OnQUMkGMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzLzgxMDY4 Yy1hZWQ3LTQxMjctODhlNC02MmNiOGFjYTk2MTgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvODEwNjhj LWFlZDctNDEyNy04OGU0LTYyY2I4YWNhOTYxOC8xL0k4QXE5UFdQRVRJSzh4bHBS dUg4NmRCUXlRWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuVWQMA0EAgACMAcDBQMqBa6AMA0GCSqGSIb3 DQEBCwUAA4IBAQB5bAuA6JhPdRXIeLAlUQV3H9I6K5y62wdp0IweHBiPZYFzVIWd FWm5x6m/sVJPFLTHua7USVQBxLKa0fwMSg4WJfjgw7Kcx+g3vn7aW2CfJHKjfYAm h2kVy8XzImEOaxaFO9exaUsC8YZaUEK/A4aJJGN8uaDTNxU//+cfyqF3HYLv1kPF nVObM6oEDuVhmqOOZNfPpGOQ8pmUQwcaOOWTc5brAZOgJJEDcCLlqgHG0frY37tX QsBAf8eVrLGQsYC24bGTWvdnUvbtHOSD9RjlqiqraJz2G4X58Wxks0qu3DsGC1s4 gXRoVq2lVLsDCHhDooVCkZKZawBu9sNNwLRM -----END CERTIFICATE-----Generated at Mon Feb 9 18:26:10 2026 by rpki-client