This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer File: IlS8wDKT460OGaej_Rsc-9NMCZA.cer (raw, json) Hash identifier: N5+yUTunmkqjZoAYJ8wjx8qLEsinJHYbRcG7HESht2I= Subject key identifier: 22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA398BC8D3E8DE96E232D785897E901 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:17:57 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 209886 IP: 85.235.88.0/22 IP: 2a10:1ac0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:98:bc:8d:3e:8d:e9:6e:23:2d:78:58:97:e9:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a7:ee:be:66:e9:21:d9:65:1e:80:41:78:31: 76:c5:ca:40:d7:ec:10:dd:65:c5:eb:27:12:e3:03: 0f:9b:d6:6f:ad:e7:65:08:a2:7e:98:71:90:62:7e: 39:9f:30:59:f4:c5:6a:84:87:14:67:3c:ef:72:e5: 5d:64:84:ce:39:e6:a9:12:81:1b:24:92:3f:56:6b: f3:27:3f:38:2e:d1:e2:9f:4d:4a:3b:88:09:f9:f7: b3:3a:f2:81:2e:5a:67:cc:58:53:f2:b8:7d:c8:f4: d2:7c:9b:45:bd:a1:2f:d9:10:cf:66:e9:07:09:8d: 0f:ec:34:f5:3b:13:b7:27:a4:d3:b7:ed:91:66:ae: 1c:da:03:dd:7e:51:f1:24:45:84:38:16:f0:8e:89: 43:01:7e:cc:7a:5d:e0:e9:75:14:6e:ff:bf:5e:97: 13:3a:b4:b7:d7:84:7f:d1:63:35:21:46:7b:96:86: f4:62:e6:a9:7a:38:f9:12:83:89:4d:39:37:2f:5f: 09:1d:d3:19:f2:6f:3f:04:7e:64:09:fc:ac:c8:17: 08:23:d4:28:e2:46:ac:e0:a9:ce:a7:87:b6:59:bb: 36:43:98:43:06:08:e8:90:7e:1c:d1:f8:2b:2b:69: 7d:c2:32:7a:fa:0e:d1:0d:18:2c:7b:d7:78:00:0a: 48:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.235.88.0/22 IPv6: 2a10:1ac0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 209886 Signature Algorithm: sha256WithRSAEncryption 74:ce:f1:41:73:04:b1:9a:2b:7e:12:f3:10:1e:51:a3:97:ed: 44:0a:2e:26:9e:b7:aa:0d:8d:9c:b9:37:5e:4a:c6:15:76:f8: 05:51:1c:fb:f3:86:36:bd:3c:19:15:b7:ea:b4:4e:d9:35:d7: 88:4b:90:7d:58:d3:21:c2:29:88:86:0f:b9:a8:5d:c3:5b:18: 07:3f:18:ff:3e:da:a4:fb:25:e5:d7:24:74:df:77:48:a4:00: 6f:da:ec:12:2d:cf:0a:10:10:2a:c7:7d:1b:b8:39:b9:ad:2f: 18:e3:e5:50:59:3b:64:df:4e:08:57:de:4f:da:1c:98:db:fa: 78:ae:fd:46:48:27:a2:4f:29:de:42:c8:ef:2a:4e:46:06:db: 70:a6:f0:7d:0b:9e:c6:b9:47:f3:67:b4:91:ac:b5:2a:5c:56: 03:ca:41:da:a8:50:99:0e:99:79:43:68:45:36:67:9c:9a:e9: 05:ae:8f:78:46:3b:93:7c:18:a4:6c:bb:26:b9:3d:30:90:88: 9c:bb:aa:72:5f:b7:e6:b3:a8:e0:00:d8:34:f5:db:5f:19:9b: 2a:da:5c:b4:4a:dd:c4:f1:9a:9b:80:2c:bc:a5:c2:e2:24:40: 27:04:58:a7:f6:8e:2c:55:28:1b:93:99:64:4b:68:9b:0b:d1: 4f:04:d9:a2 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt7o5i8jT6N6W4jLXhYl+kBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjU0YmNjMDMyOTNlM2FkMGUxOWE3YTNmZDFiMWNmYmQzNGMwOTkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyafuvmbpIdllHoBBeDF2xcpA1+wQ 3WXF6ycS4wMPm9ZvredlCKJ+mHGQYn45nzBZ9MVqhIcUZzzvcuVdZITOOeapEoEb JJI/VmvzJz84LtHin01KO4gJ+fezOvKBLlpnzFhT8rh9yPTSfJtFvaEv2RDPZukH CY0P7DT1OxO3J6TTt+2RZq4c2gPdflHxJEWEOBbwjolDAX7Mel3g6XUUbv+/XpcT OrS314R/0WM1IUZ7lob0Yuapejj5EoOJTTk3L18JHdMZ8m8/BH5kCfysyBcII9Qo 4kas4KnOp4e2Wbs2Q5hDBgjokH4c0fgrK2l9wjJ6+g7RDRgse9d4AApICwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFCJUvMAyk+OtDhmno/0bHPvTTAmQMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ2L2EzYTUz MC0yNWFhLTQwMjMtOWE4MC00ZTM0N2Q1NTFjM2YvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvYTNhNTMw LTI1YWEtNDAyMy05YTgwLTRlMzQ3ZDU1MWMzZi8xL0lsUzh3REtUNDYwT0dhZWpf UnNjLTlOTUNaQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCVetYMA0EAgACMAcDBQMqEBrAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMz3jANBgkqhkiG9w0BAQsFAAOCAQEAdM7xQXMEsZor fhLzEB5Ro5ftRAouJp63qg2NnLk3XkrGFXb4BVEc+/OGNr08GRW36rRO2TXXiEuQ fVjTIcIpiIYPuahdw1sYBz8Y/z7apPsl5dckdN93SKQAb9rsEi3PChAQKsd9G7g5 ua0vGOPlUFk7ZN9OCFfeT9ocmNv6eK79Rkgnok8p3kLI7ypORgbbcKbwfQuexrlH 82e0kay1KlxWA8pB2qhQmQ6ZeUNoRTZnnJrpBa6PeEY7k3wYpGy7Jrk9MJCInLuq cl+35rOo4ADYNPXbXxmbKtpctErdxPGam4AsvKXC4iRAJwRYp/aOLFUoG5OZZEto mwvRTwTZog== -----END CERTIFICATE-----Generated at Mon Feb 9 16:50:43 2026 by rpki-client