This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JwafGIPczJOnhpxB7D6XL_X9SwE.cer File: JwafGIPczJOnhpxB7D6XL_X9SwE.cer (raw, json) Hash identifier: P2VSaB2k7Jy2rG93kdNuRZGmZbLpv5NMT9A+whcNnU0= Subject key identifier: 27:06:9F:18:83:DC:CC:93:A7:86:9C:41:EC:3E:97:2F:F5:FD:4B:01 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA75B22AB8B7BCC595D7816C3878E8B Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/JwafGIPczJOnhpxB7D6XL_X9SwE.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:55 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 21107 AS: 42571 AS: 198252 IP: 31.216.184.0/21 IP: 31.223.208.0/20 IP: 62.68.96.0/19 IP: 77.239.64.0/19 IP: 79.142.180.0/22 IP: 79.143.160.0/20 IP: 80.242.112.0/20 IP: 92.241.128.0/19 IP: 93.180.144.0/21 IP: 134.90.128.0/21 IP: 185.32.172.0/22 IP: 185.36.84.0/22 IP: 185.39.0.0/22 IP: 185.187.4.0/22 IP: 188.124.192.0/19 IP: 188.246.64.0/19 IP: 194.41.40.0/22 IP: 213.91.72.0 -- 213.91.95.255 IP: 217.23.192.0/20 IP: 217.71.49.0 -- 217.71.55.255 IP: 2a00:1a98::/32 IP: 2a02:2030::/32 IP: 2a03:f180::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:5b:22:ab:8b:7b:cc:59:5d:78:16:c3:87:8e:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=27069f1883dccc93a7869c41ec3e972ff5fd4b01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:5b:2b:40:11:49:35:bc:4a:d5:07:ec:4b:74: 37:01:7c:0d:63:b2:b4:80:78:eb:02:af:e9:d4:04: 11:96:fb:10:22:bd:75:ea:f7:d0:cd:58:08:07:92: 51:73:bc:34:3e:a9:c7:b1:55:ab:34:bf:c5:74:d4: 9d:e9:58:e5:4b:f0:76:6b:f8:a4:a4:28:0b:ba:38: 08:43:1d:d7:f3:cd:62:4e:f1:95:bd:08:c7:0b:9e: 59:6b:9f:fb:23:e7:17:05:2b:79:b0:9a:0e:b7:e6: ae:3f:fa:5e:c3:b3:5b:e5:80:f1:72:f0:f7:8e:f6: d8:9a:e8:5d:22:bb:37:5a:4a:da:ab:8a:15:4e:fc: 81:44:dc:c7:fc:20:35:8c:e0:23:de:a9:29:30:42: 4c:5f:a2:e4:65:51:7f:cd:58:a1:75:08:13:82:bd: 72:b9:cf:50:3d:c0:92:16:f7:86:3b:c0:e8:cf:a7: d6:f2:a1:64:7a:47:10:fb:0f:d0:1d:27:67:9d:ac: b7:32:0f:c6:82:5b:a4:0b:35:15:32:10:ae:40:49: ba:77:df:45:e0:53:eb:3d:ee:c7:4a:f4:1b:d9:a9: f0:d4:bb:82:29:27:1d:9a:f3:0b:9c:b6:c1:b6:15: 2d:0a:e5:69:0c:34:04:f6:7e:6b:d5:6f:39:d9:b7: 55:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:06:9F:18:83:DC:CC:93:A7:86:9C:41:EC:3E:97:2F:F5:FD:4B:01 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/42e079-6f7c-468d-b028-0462b6484d60/1/JwafGIPczJOnhpxB7D6XL_X9SwE.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.216.184.0/21 31.223.208.0/20 62.68.96.0/19 77.239.64.0/19 79.142.180.0/22 79.143.160.0/20 80.242.112.0/20 92.241.128.0/19 93.180.144.0/21 134.90.128.0/21 185.32.172.0/22 185.36.84.0/22 185.39.0.0/22 185.187.4.0/22 188.124.192.0/19 188.246.64.0/19 194.41.40.0/22 213.91.72.0-213.91.95.255 217.23.192.0/20 217.71.49.0-217.71.55.255 IPv6: 2a00:1a98::/32 2a02:2030::/32 2a03:f180::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 21107 42571 198252 Signature Algorithm: sha256WithRSAEncryption a9:ed:7b:5e:ee:7c:43:94:13:d0:d7:8b:73:90:8a:96:52:86: 80:aa:63:11:3d:c0:c7:ce:b8:41:79:53:45:06:6f:b4:99:e5: 23:85:45:96:1a:19:57:47:66:30:0e:29:b8:93:e0:d2:f1:19: 11:a6:83:2d:be:4c:96:fb:fe:af:05:57:75:b6:7a:1e:37:56: e3:e0:78:4b:c1:b9:75:ab:9e:fc:00:42:e6:d3:4e:a9:33:d4: 29:4d:f7:f8:fe:24:28:22:a6:f6:ce:83:5e:30:6b:36:ac:91: 8b:44:5b:7c:6d:97:7a:5e:ba:c2:8c:6c:c3:74:a6:f3:22:b9: fa:b9:99:e4:26:08:2c:1b:ef:c1:be:8b:b5:51:15:88:de:fe: fe:5a:85:a4:08:d4:d5:f6:b9:84:57:61:2a:bf:3d:48:e4:64: 77:19:1b:ca:50:90:5f:8e:3e:5a:d8:75:5d:6b:bc:b0:9d:18: a0:3e:ef:34:d1:32:ae:ec:45:de:e5:eb:f6:87:1d:65:b9:6e: c6:00:0c:2f:e6:19:b9:69:c3:84:2c:01:2f:79:ee:db:0d:f7: 7f:7c:11:81:22:f4:fd:2e:55:dd:b0:b5:6e:24:f1:1f:e0:64: cc:81:e3:79:f3:ba:10:87:0e:66:ec:75:8e:79:ae:6c:04:66: 9e:6e:e9:7c -----BEGIN CERTIFICATE----- MIIGQTCCBSmgAwIBAgISAZt+p1siq4t7zFldeBbDh46LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNzA2OWYxODgzZGNjYzkzYTc4NjljNDFlYzNlOTcyZmY1ZmQ0YjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVsrQBFJNbxK1QfsS3Q3AXwNY7K0 gHjrAq/p1AQRlvsQIr116vfQzVgIB5JRc7w0PqnHsVWrNL/FdNSd6VjlS/B2a/ik pCgLujgIQx3X881iTvGVvQjHC55Za5/7I+cXBSt5sJoOt+auP/pew7Nb5YDxcvD3 jvbYmuhdIrs3Wkraq4oVTvyBRNzH/CA1jOAj3qkpMEJMX6LkZVF/zVihdQgTgr1y uc9QPcCSFveGO8Doz6fW8qFkekcQ+w/QHSdnnay3Mg/GglukCzUVMhCuQEm6d99F 4FPrPe7HSvQb2anw1LuCKScdmvMLnLbBthUtCuVpDDQE9n5r1W852bdVLQIDAQAB o4IDTTCCA0kwHQYDVR0OBBYEFCcGnxiD3MyTp4acQew+ly/1/UsBMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdmLzQyZTA3 OS02ZjdjLTQ2OGQtYjAyOC0wNDYyYjY0ODRkNjAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2YvNDJlMDc5 LTZmN2MtNDY4ZC1iMDI4LTA0NjJiNjQ4NGQ2MC8xL0p3YWZHSVBjekpPbmhweEI3 RDZYTF9YOVN3RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHCBggrBgEF BQcBBwEB/wSBsjCBrzCBjwQCAAEwgYgDBAMf2LgDBAQf39ADBAU+RGADBAVN70AD BAJPjrQDBARPj6ADBARQ8nADBAVc8YADBANdtJADBAOGWoADBAK5IKwDBAK5JFQD BAK5JwADBAK5uwQDBAW8fMADBAW89kADBALCKSgwDAMEA9VbSAMEBdVbQAMEBNkX wDAMAwQA2UcxAwQD2UcwMBsEAgACMBUDBQAqABqYAwUAKgIgMAMFACoD8YAwIwYI KwYBBQUHAQgBAf8EFDASoBAwDgICUnMCAwCmSwIDAwZsMA0GCSqGSIb3DQEBCwUA A4IBAQCp7Xte7nxDlBPQ14tzkIqWUoaAqmMRPcDHzrhBeVNFBm+0meUjhUWWGhlX R2YwDim4k+DS8RkRpoMtvkyW+/6vBVd1tnoeN1bj4HhLwbl1q578AELm006pM9Qp Tff4/iQoIqb2zoNeMGs2rJGLRFt8bZd6XrrCjGzDdKbzIrn6uZnkJggsG+/Bvou1 URWI3v7+WoWkCNTV9rmEV2Eqvz1I5GR3GRvKUJBfjj5a2HVda7ywnRigPu800TKu 7EXe5ev2hx1luW7GAAwv5hm5acOELAEvee7bDfd/fBGBIvT9LlXdsLVuJPEf4GTM geN587oQhw5m7HWOea5sBGaebul8 -----END CERTIFICATE-----Generated at Mon Jan 26 21:07:43 2026 by rpki-client