This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer File: JaVTeUIj5rTGMnebUTcdxOfXBwU.cer (raw, json) Hash identifier: VxWoI/VvzM6VRIsHegcZ7nqufp/zDa1SeGD+RdGith8= Subject key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA5229330E3FC67F590997C18DE6E25 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:18:30 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 46.102.248.0/24 IP: 84.40.0.0 -- 84.40.39.255 IP: 84.40.48.0/21 IP: 89.33.207.0/24 IP: 89.36.24.0/21 IP: 89.36.255.0/24 IP: 89.41.60.0/23 IP: 89.42.155.0/24 IP: 89.47.247.0/24 IP: 176.223.192.0/18 IP: 188.215.38.0/24 IP: 2001:67c:4dc::/48 IP: 2a06:6b80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:22:93:30:e3:fc:67:f5:90:99:7c:18:de:6e:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=25a553794223e6b4c632779b51371dc4e7d70705 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:bd:b0:79:e1:72:a6:29:9f:7a:da:b3:2e:8a: ea:65:60:b2:b9:ff:7d:2e:e1:83:22:5f:b8:e1:4b: 70:f2:a8:c6:54:37:bf:de:bd:96:6c:a6:eb:d1:11: b5:5c:b9:c1:5a:30:4e:5a:c2:a3:28:f0:d9:9b:a2: 2d:b7:19:00:e0:9b:8a:43:81:45:42:0c:32:0d:e9: cd:ad:7f:19:20:f5:97:8c:b9:0f:9c:96:50:f1:60: a2:0d:67:df:3d:22:5b:e6:95:e9:e9:1d:44:38:48: 9b:ec:60:30:f8:6b:e8:ed:ca:7b:f1:94:0b:6b:91: e3:0e:eb:34:5c:e4:a4:af:b3:4f:42:11:74:01:1f: 9d:f6:d5:18:85:b3:02:d6:81:98:be:c4:42:ec:b8: d0:d6:68:31:57:92:7b:a8:5b:1a:94:9c:b9:6b:8e: 07:c7:54:59:6a:8b:87:3f:68:75:09:d6:2b:cb:9a: b6:5a:31:b2:78:12:04:10:42:89:86:e0:ac:51:f9: fb:37:ec:67:91:fb:f4:c6:d5:16:90:df:29:b7:a2: 80:e3:76:5e:56:d0:77:8c:cf:82:2b:fb:f0:52:22: cd:76:1d:55:f7:78:06:77:2f:b6:20:df:b5:16:02: 52:67:aa:45:1f:b0:1c:31:00:13:02:aa:e7:e0:ec: 55:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.102.248.0/24 84.40.0.0-84.40.39.255 84.40.48.0/21 89.33.207.0/24 89.36.24.0/21 89.36.255.0/24 89.41.60.0/23 89.42.155.0/24 89.47.247.0/24 176.223.192.0/18 188.215.38.0/24 IPv6: 2001:67c:4dc::/48 2a06:6b80::/29 Signature Algorithm: sha256WithRSAEncryption 9f:2d:d5:39:fb:4f:cf:29:0b:a5:af:f8:51:21:96:a7:c1:16: 3c:95:74:4f:82:66:e3:9b:90:6f:c2:83:d7:b7:ce:1d:e6:a7: 89:44:9b:e8:ad:4a:10:3a:05:c2:2e:58:ee:83:5d:b3:d1:ea: cc:85:ca:44:a0:ec:5c:54:78:b3:5e:39:60:c2:60:67:d3:72: f9:ed:00:7c:8e:36:57:e8:5c:3b:d2:66:5b:42:d0:94:f1:59: 9b:34:5b:f9:74:d7:00:dd:55:d2:fd:9f:79:aa:d7:26:2d:d2: 3a:2f:5a:99:64:c8:85:58:da:a0:1e:e7:37:59:eb:4e:bf:59: d4:f1:ea:03:4c:81:bb:17:8f:22:ae:c0:de:4f:a0:97:49:71: a9:9c:bc:24:b6:09:b1:ab:2d:42:f4:9d:57:e4:a9:b5:28:ac: e2:0d:82:f9:44:b8:ea:50:be:c3:85:70:a0:34:81:72:88:d8: 93:e8:aa:25:94:9c:28:13:0c:99:01:ed:4b:11:c8:fa:aa:0f: 93:52:3b:4f:bf:fa:8d:9f:bb:d5:46:5c:62:48:12:e7:02:40: 69:ca:1f:9b:a1:77:5f:e2:e7:55:66:bd:9c:45:c5:76:5a:04: 67:db:94:8d:ca:f5:30:82:97:45:b8:54:7b:4f:74:c9:77:85: 08:fd:60:cd -----BEGIN CERTIFICATE----- MIIF0zCCBLugAwIBAgISAZt+pSKTMOP8Z/WQmXwY3m4lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNWE1NTM3OTQyMjNlNmI0YzYzMjc3OWI1MTM3MWRjNGU3ZDcwNzA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr2weeFypimfetqzLorqZWCyuf99 LuGDIl+44Utw8qjGVDe/3r2WbKbr0RG1XLnBWjBOWsKjKPDZm6IttxkA4JuKQ4FF QgwyDenNrX8ZIPWXjLkPnJZQ8WCiDWffPSJb5pXp6R1EOEib7GAw+Gvo7cp78ZQL a5HjDus0XOSkr7NPQhF0AR+d9tUYhbMC1oGYvsRC7LjQ1mgxV5J7qFsalJy5a44H x1RZaouHP2h1CdYry5q2WjGyeBIEEEKJhuCsUfn7N+xnkfv0xtUWkN8pt6KA43Ze VtB3jM+CK/vwUiLNdh1V93gGdy+2IN+1FgJSZ6pFH7AcMQATAqrn4OxVwwIDAQAB o4IC3zCCAtswHQYDVR0OBBYEFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzLzFmOTZj Yy01ZWE2LTQ5ZTMtOGY1Zi0zMGU5MjllZDEwNjMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvMWY5NmNj LTVlYTYtNDllMy04ZjVmLTMwZTkyOWVkMTA2My8xL0phVlRlVUlqNXJUR01uZWJV VGNkeE9mWEJ3VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHoGCCsGAQUF BwEHAQH/BGswaTBPBAIAATBJAwQALmb4MAsDAwNUKAMEA1QoIAMEA1QoMAMEAFkh zwMEA1kkGAMEAFkk/wMEAVkpPAMEAFkqmwMEAFkv9wMEBrDfwAMEALzXJjAWBAIA AjAQAwcAIAEGfATcAwUDKgZrgDANBgkqhkiG9w0BAQsFAAOCAQEAny3VOftPzykL pa/4USGWp8EWPJV0T4Jm45uQb8KD17fOHeaniUSb6K1KEDoFwi5Y7oNds9HqzIXK RKDsXFR4s145YMJgZ9Ny+e0AfI42V+hcO9JmW0LQlPFZmzRb+XTXAN1V0v2fearX Ji3SOi9amWTIhVjaoB7nN1nrTr9Z1PHqA0yBuxePIq7A3k+gl0lxqZy8JLYJsast QvSdV+SptSis4g2C+US46lC+w4VwoDSBcojYk+iqJZScKBMMmQHtSxHI+qoPk1I7 T7/6jZ+71UZcYkgS5wJAacofm6F3X+LnVWa9nEXFdloEZ9uUjcr1MIKXRbhUe090 yXeFCP1gzQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:26:38 2026 by rpki-client