This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer File: K5didVR7dd8rBMT5spHAcQxQd0A.cer (raw, json) Hash identifier: QPAjqP+Y8MOubPHb8c1c6641kz9fRThx+80g/okHoxo= Subject key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B78A299CA27215E4525B6B2038372F990 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 08:18:00 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 202975 IP: 85.116.128.0/21 IP: 89.105.88.0/21 IP: 185.89.220.0/22 IP: 185.135.100.0/22 IP: 2a06:f2c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:99:ca:27:21:5e:45:25:b6:b2:03:83:72:f9:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 08:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b976275547b75df2b04c4f9b291c0710c507740 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f7:82:2e:7b:92:80:e6:e9:0c:20:35:04:a0: e3:73:77:32:0d:73:ea:f2:a8:c5:68:0c:fd:85:6b: f4:40:f0:32:cc:fd:fd:9d:13:9f:68:dd:48:0e:ae: ec:24:1d:1c:ea:99:94:1d:92:36:d2:3d:bc:ad:96: 31:76:db:59:8b:0e:1d:d3:ad:c2:62:2f:0f:49:b4: 54:df:0b:e2:f4:e1:d5:f2:89:f8:ff:1c:af:d3:6a: ab:a7:fa:56:ea:8b:08:bd:30:4b:e3:cb:94:4e:ef: 0e:73:20:1e:bc:a8:d0:35:1c:8b:99:d0:a8:9b:59: ca:c5:aa:19:af:f5:03:4f:02:5b:59:63:30:56:00: c4:0d:c4:bc:71:7c:f0:61:03:54:fa:dd:e4:ea:11: 5c:c9:5f:ff:b8:e4:5d:1a:67:06:c8:72:83:7c:12: a5:fd:c6:ec:5f:e1:e2:9a:00:4f:c5:fc:9e:f0:c4: 93:de:e8:41:56:b5:67:2c:8f:21:8b:64:fb:f2:c3: de:ca:85:ed:45:89:9b:0c:e5:9e:ee:b3:42:16:01: 83:52:f4:7e:9c:f7:d3:6e:7d:85:f7:90:95:c7:4b: 93:15:5a:d7:1c:e8:23:de:19:20:b4:c2:b4:f8:9e: 12:16:ad:46:35:e9:5e:1f:27:7b:5d:9b:55:bb:39: 2c:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.116.128.0/21 89.105.88.0/21 185.89.220.0/22 185.135.100.0/22 IPv6: 2a06:f2c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 202975 Signature Algorithm: sha256WithRSAEncryption 1c:c3:f5:bd:d2:8b:80:1c:73:a8:f3:cf:dc:f0:aa:ae:bc:b7: 38:2d:bb:10:c1:86:74:fd:6e:1d:cd:cf:e5:35:c4:35:39:ea: 40:14:b3:dc:a5:80:5c:f6:68:ee:f2:3f:a0:a3:5b:57:3a:be: 38:61:2e:f6:cb:15:ca:c7:6c:58:62:d4:da:2f:54:d8:31:13: d0:02:47:54:9d:c6:a7:e6:3a:d7:86:95:fb:f2:f0:17:de:65: ae:10:ef:cf:c3:3c:a4:c3:e1:e1:9a:1e:e1:93:3f:df:e2:fd: b8:ba:8a:de:51:f0:90:5a:35:4c:c0:82:5c:64:ab:8e:57:ea: a5:c6:ec:bb:8f:00:f5:46:6c:03:e5:83:be:35:cb:84:ed:4a: 45:b8:33:6d:7c:87:af:bc:65:08:de:8b:92:74:e1:c5:53:e8: ca:66:e0:78:ff:58:1d:ec:2d:9f:75:6e:e0:1b:ab:c2:f5:85: 52:b5:d1:20:e2:0c:57:55:83:1a:cb:17:34:a5:8b:78:f9:54: 26:e2:c2:a6:2a:14:73:82:cf:08:99:5e:aa:71:ce:b0:1d:af: 53:41:fb:3d:1e:74:e4:b1:3f:af:d8:7e:49:cb:05:ff:a8:2d: 50:7b:52:4f:63:31:c7:4c:9b:6f:b9:d5:70:16:08:00:3f:65: 88:32:77:94 -----BEGIN CERTIFICATE----- MIIFtTCCBJ2gAwIBAgISAZt4opnKJyFeRSW2sgODcvmQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDgxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjk3NjI3NTU0N2I3NWRmMmIwNGM0ZjliMjkxYzA3MTBjNTA3NzQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqveCLnuSgObpDCA1BKDjc3cyDXPq 8qjFaAz9hWv0QPAyzP39nROfaN1IDq7sJB0c6pmUHZI20j28rZYxdttZiw4d063C Yi8PSbRU3wvi9OHV8on4/xyv02qrp/pW6osIvTBL48uUTu8OcyAevKjQNRyLmdCo m1nKxaoZr/UDTwJbWWMwVgDEDcS8cXzwYQNU+t3k6hFcyV//uORdGmcGyHKDfBKl /cbsX+HimgBPxfye8MST3uhBVrVnLI8hi2T78sPeyoXtRYmbDOWe7rNCFgGDUvR+ nPfTbn2F95CVx0uTFVrXHOgj3hkgtMK0+J4SFq1GNeleHyd7XZtVuzksHQIDAQAB o4ICwTCCAr0wHQYDVR0OBBYEFCuXYnVUe3XfKwTE+bKRwHEMUHdAMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyLzU4ZjQ1 Zi04YjA3LTRlNmEtOTU0OC1kNWIwZjkxZDk3YzIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvNThmNDVm LThiMDctNGU2YS05NTQ4LWQ1YjBmOTFkOTdjMi8xL0s1ZGlkVlI3ZGQ4ckJNVDVz cEhBY1F4UWQwQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF BwEHAQH/BDEwLzAeBAIAATAYAwQDVXSAAwQDWWlYAwQCuVncAwQCuYdkMA0EAgAC MAcDBQMqBvLAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMY3zANBgkqhkiG9w0B AQsFAAOCAQEAHMP1vdKLgBxzqPPP3PCqrry3OC27EMGGdP1uHc3P5TXENTnqQBSz 3KWAXPZo7vI/oKNbVzq+OGEu9ssVysdsWGLU2i9U2DET0AJHVJ3Gp+Y614aV+/Lw F95lrhDvz8M8pMPh4Zoe4ZM/3+L9uLqK3lHwkFo1TMCCXGSrjlfqpcbsu48A9UZs A+WDvjXLhO1KRbgzbXyHr7xlCN6LknThxVPoymbgeP9YHewtn3Vu4BurwvWFUrXR IOIMV1WDGssXNKWLePlUJuLCpioUc4LPCJleqnHOsB2vU0H7PR505LE/r9h+ScsF /6gtUHtST2Mxx0ybb7nVcBYIAD9liDJ3lA== -----END CERTIFICATE-----Generated at Tue Jan 27 10:00:33 2026 by rpki-client