This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer File: JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer (raw, json) Hash identifier: UnHscDCZV4zNsolZbDNN4QJ2riKfsV8cl56uZvQa17s= Subject key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F835CEFE71A1E7A4DA62BF89A021E03 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 16:21:14 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 34388 AS: 51559 IP: 31.12.74.0/24 IP: 31.192.208.0/21 IP: 37.1.144.0/21 IP: 89.43.28.0/22 IP: 89.43.64.0/22 IP: 89.252.128.0 -- 89.252.177.255 IP: 93.113.60.0/22 IP: 93.115.76.0/22 IP: 94.102.0.0/20 IP: 95.173.160.0/19 IP: 159.253.32.0/20 IP: 185.21.5.0/24 IP: 185.88.133.0 -- 185.88.135.255 IP: 185.95.84.0/22 IP: 185.172.48.0/22 IP: 2a02:f80::/32 IP: 2a03:2100::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 15:22:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:5c:ef:e7:1a:1e:7a:4d:a6:2b:f8:9a:02:1e:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 16:21:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=25e4aed3ef72bee3141660d1149e16d079205f3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:2a:9a:9f:02:bd:5f:7b:b7:62:b7:5f:f3:18: 41:b4:aa:4a:d5:2d:3f:f5:94:af:be:46:d0:c1:36: 07:11:13:a8:ee:2d:bf:74:12:69:1f:cd:bd:6c:30: c1:d4:de:46:5c:1c:01:f2:a8:2c:6d:09:44:ad:f6: 6c:2a:29:08:74:10:c2:fe:70:ae:b3:8b:20:30:b2: 07:ce:48:1c:77:87:4f:65:ed:7d:ac:08:1b:6d:d1: ad:fd:19:c5:70:b6:21:11:cd:d6:f0:27:03:c6:86: 54:07:1f:57:06:2c:e7:19:16:b1:2e:c0:c4:59:6f: 37:d4:9b:3e:35:6a:e3:cd:37:5e:33:1e:63:3b:1c: 5f:70:c4:ac:8e:1b:94:f7:07:91:0f:85:ca:48:00: 7d:12:cb:5d:5d:9c:ea:f9:7b:43:fb:bc:8f:02:b7: 9a:3e:62:a9:b3:aa:85:a2:01:4d:2f:85:ae:f9:d0: 01:1f:d1:87:04:c4:cd:d0:4b:85:96:9e:30:1f:ba: 76:95:a9:1a:00:bb:91:a1:18:ff:00:65:1a:80:dd: 3e:1f:cc:82:8b:d1:cf:e0:ea:ea:c0:56:51:6e:b7: 31:96:4b:bc:e7:aa:62:73:25:88:f5:c4:d9:69:ea: 7f:c3:76:71:0c:eb:00:da:01:9e:6f:a0:3c:8f:c0: ff:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.12.74.0/24 31.192.208.0/21 37.1.144.0/21 89.43.28.0/22 89.43.64.0/22 89.252.128.0-89.252.177.255 93.113.60.0/22 93.115.76.0/22 94.102.0.0/20 95.173.160.0/19 159.253.32.0/20 185.21.5.0/24 185.88.133.0-185.88.135.255 185.95.84.0/22 185.172.48.0/22 IPv6: 2a02:f80::/32 2a03:2100::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 34388 51559 Signature Algorithm: sha256WithRSAEncryption 39:86:0e:59:7f:6c:79:19:be:2a:2b:29:ab:0e:31:88:9c:84: 0f:bb:4a:ab:96:83:27:f2:ce:1b:7f:76:93:23:a4:d1:c8:5d: 85:1b:49:ef:80:ec:0c:2e:75:6e:6d:ed:a1:69:e5:29:64:e6: 0c:57:4a:38:bc:6d:48:e9:81:a1:d4:21:9d:b5:4f:31:39:e3: a0:45:5d:7d:40:9d:dc:11:96:d4:61:d8:ab:a8:e7:79:5a:24: 5f:cd:b2:17:6a:c0:89:ab:10:09:7a:ea:2c:97:77:d7:97:2f: 34:04:a5:ef:dd:7a:3f:70:22:aa:75:71:2a:ac:98:cc:30:19: 38:3a:e8:2d:f6:30:e5:00:6f:ed:af:7d:f7:f6:c7:c7:23:74: ab:86:d1:f3:f8:7a:65:99:71:da:38:5f:b5:37:65:52:e5:25: 5e:b0:ba:2b:39:85:ee:00:e3:d5:3f:df:f9:68:ea:bf:99:ec: 7b:1b:64:fd:d4:f2:64:eb:7c:91:d0:99:82:4c:3a:1a:1f:37: 8c:09:9e:78:07:2e:8d:d8:bc:fb:dc:67:5a:78:d3:85:8f:12: ee:8f:f1:b4:c2:55:0f:30:71:21:cb:21:c1:aa:cc:e8:01:88: a5:0d:06:72:87:de:a8:64:b3:dc:82:c7:90:29:48:b1:ae:cd: 7a:8d:d5:cd -----BEGIN CERTIFICATE----- MIIGFjCCBP6gAwIBAgISAZt/g1zv5xoeek2mK/iaAh4DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTYyMTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNWU0YWVkM2VmNzJiZWUzMTQxNjYwZDExNDllMTZkMDc5MjA1ZjNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCqanwK9X3u3Yrdf8xhBtKpK1S0/ 9ZSvvkbQwTYHEROo7i2/dBJpH829bDDB1N5GXBwB8qgsbQlErfZsKikIdBDC/nCu s4sgMLIHzkgcd4dPZe19rAgbbdGt/RnFcLYhEc3W8CcDxoZUBx9XBiznGRaxLsDE WW831Js+NWrjzTdeMx5jOxxfcMSsjhuU9weRD4XKSAB9EstdXZzq+XtD+7yPArea PmKps6qFogFNL4Wu+dABH9GHBMTN0EuFlp4wH7p2lakaALuRoRj/AGUagN0+H8yC i9HP4OrqwFZRbrcxlku856picyWI9cTZaep/w3ZxDOsA2gGeb6A8j8D/TwIDAQAB o4IDIjCCAx4wHQYDVR0OBBYEFCXkrtPvcr7jFBZg0RSeFtB5IF88MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q5LzYzMzZk MC05NDk0LTQ2ZDMtOTg2MS1lZDNlMzhmOTU3N2YvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkvNjMzNmQw LTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8xL0plU3UwLTl5dnVNVUZtRFJG SjRXMEhrZ1h6dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGbBggrBgEF BQcBBwEB/wSBizCBiDBwBAIAATBqAwQAHwxKAwQDH8DQAwQDJQGQAwQCWSscAwQC WStAMAwDBAdZ/IADBAFZ/LADBAJdcTwDBAJdc0wDBAReZgADBAVfraADBASf/SAD BAC5FQUwDAMEALlYhQMEA7lYgAMEArlfVAMEArmsMDAUBAIAAjAOAwUAKgIPgAMF AyoDIQAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAIZUAgMAyWcwDQYJKoZIhvcN AQELBQADggEBADmGDll/bHkZviorKasOMYichA+7SquWgyfyzht/dpMjpNHIXYUb Se+A7AwudW5t7aFp5Slk5gxXSji8bUjpgaHUIZ21TzE546BFXX1AndwRltRh2Kuo 53laJF/NshdqwImrEAl66iyXd9eXLzQEpe/dej9wIqp1cSqsmMwwGTg66C32MOUA b+2vfff2x8cjdKuG0fP4emWZcdo4X7U3ZVLlJV6wuis5he4A49U/3/lo6r+Z7Hsb ZP3U8mTrfJHQmYJMOhofN4wJnngHLo3YvPvcZ1p404WPEu6P8bTCVQ8wcSHLIcGq zOgBiKUNBnKH3qhks9yCx5ApSLGuzXqN1c0= -----END CERTIFICATE-----Generated at Wed Jan 21 18:47:38 2026 by rpki-client