This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer File: K6HP11f1Hy_rdFCenDm-RoBr5kI.cer (raw, json) Hash identifier: HhhJiagCOHDE8ACNWzL+fZ2BkogXu866el0iiy01Zjc= Subject key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F15D40043161C4FB854CA13D583EB2F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:35 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 25441 IP: 62.231.32.0/19 IP: 78.135.128.0/17 IP: 83.141.64.0/18 IP: 85.134.128.0/17 IP: 87.192.0.0 -- 87.192.79.255 IP: 87.192.81.0 -- 87.192.87.255 IP: 87.192.192.0/20 IP: 87.192.216.0/22 IP: 87.192.222.0/23 IP: 87.232.0.0/19 IP: 87.232.192.0/24 IP: 87.232.194.0 -- 87.232.199.255 IP: 87.232.225.0/24 IP: 87.232.228.0/22 IP: 89.124.0.0/21 IP: 89.124.16.0/20 IP: 89.124.224.0 -- 89.124.241.255 IP: 89.124.245.0/24 IP: 89.124.248.0/23 IP: 89.124.251.0 -- 89.124.252.255 IP: 89.124.254.0/23 IP: 89.126.0.0 -- 89.126.207.255 IP: 89.126.224.0 -- 89.127.235.255 IP: 89.127.248.0/22 IP: 89.127.254.0/23 IP: 185.247.52.0/22 IP: 2001:4d68::/32 IP: 2a01:268::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 14:41:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:d4:00:43:16:1c:4f:b8:54:ca:13:d5:83:eb:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ba1cfd757f51f2feb74509e9c39be46806be642 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:61:ab:69:02:05:84:5c:f5:8f:aa:36:f7:35: 00:ed:dd:2f:28:72:fb:34:3b:3e:2c:47:71:78:12: cf:08:2d:d9:37:c1:d5:bd:50:2a:14:ed:4d:b5:17: e1:bc:e6:0d:db:8b:62:df:19:c4:85:43:d9:d0:34: 61:8d:ea:e4:2f:d4:64:f4:b3:3e:98:b6:51:10:08: 44:74:f1:06:1f:bd:f0:de:86:9f:ff:44:f4:10:78: 35:5b:ce:79:de:b4:0b:48:0f:7b:cf:ef:f0:be:64: 98:62:bc:18:7e:6a:1e:f4:6a:ee:96:c4:a4:f3:66: d7:65:4e:8d:3d:53:8f:bc:9f:41:26:7e:d9:b3:39: 2c:32:e0:f3:5e:d1:0f:7a:34:c2:fe:02:9d:cc:80: 04:1a:5a:5b:b5:12:03:f3:83:c1:e2:44:55:3a:ca: b5:d0:2d:d5:38:ad:68:d1:8b:bf:09:b5:35:5d:28: ba:af:e5:79:a9:02:60:03:bf:64:cf:3c:00:00:87: 3e:40:ec:ea:a1:70:9a:6f:c5:71:04:6a:8f:50:55: be:68:34:45:f4:b8:99:1e:5c:93:ab:0f:d7:9c:06: 8d:84:0e:72:1a:a3:5b:d9:6c:9c:d2:af:85:ed:80: c1:45:63:e0:99:90:60:c1:a5:48:40:8f:38:d4:9b: f1:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.231.32.0/19 78.135.128.0/17 83.141.64.0/18 85.134.128.0/17 87.192.0.0-87.192.79.255 87.192.81.0-87.192.87.255 87.192.192.0/20 87.192.216.0/22 87.192.222.0/23 87.232.0.0/19 87.232.192.0/24 87.232.194.0-87.232.199.255 87.232.225.0/24 87.232.228.0/22 89.124.0.0/21 89.124.16.0/20 89.124.224.0-89.124.241.255 89.124.245.0/24 89.124.248.0/23 89.124.251.0-89.124.252.255 89.124.254.0/23 89.126.0.0-89.126.207.255 89.126.224.0-89.127.235.255 89.127.248.0/22 89.127.254.0/23 185.247.52.0/22 IPv6: 2001:4d68::/32 2a01:268::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 25441 Signature Algorithm: sha256WithRSAEncryption 5c:0d:6c:39:93:08:25:81:ba:a3:c9:da:0a:31:c8:b3:39:df: c8:b9:e8:a2:e6:d0:34:1c:54:95:df:4d:f0:d0:7d:36:87:ef: 6e:f7:25:c5:39:28:c0:d8:30:b3:08:72:b4:b7:3a:28:38:e7: b6:6a:5b:18:ae:4c:0d:e5:54:1c:ef:bc:ea:c9:be:b3:8d:05: fa:49:1c:09:e5:7a:84:c5:5c:e7:f0:d1:48:e7:8d:c3:d0:b6: b4:c6:28:06:75:47:54:6f:47:66:82:e1:8d:56:db:3e:4b:51: d0:34:72:c9:2d:b0:48:9f:27:d8:c8:cb:ec:ff:8f:74:8e:c8: 8b:5e:50:b0:7a:75:09:a6:8b:70:70:f0:b5:4c:95:9d:87:18: 8b:50:18:9c:0a:90:c7:b7:89:3b:33:fd:8c:09:bc:90:41:e1: b8:eb:58:47:8b:0c:58:c3:1d:1e:77:a2:d7:e9:df:83:13:57: 3e:41:32:35:d7:9b:43:53:58:60:84:76:20:09:d3:25:9e:e7: 17:0c:60:b1:e1:9a:52:07:51:86:fb:c7:22:25:fe:11:5b:ea: 02:28:6b:a4:b4:e3:3b:c2:78:06:a7:5f:b8:84:b0:86:17:df: dd:ab:d7:8a:8b:d4:2d:07:63:1f:5c:dc:b8:56:29:5c:45:2e: a8:fd:ed:6f -----BEGIN CERTIFICATE----- MIIGezCCBWOgAwIBAgISAZt/FdQAQxYcT7hUyhPVg+svMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYmExY2ZkNzU3ZjUxZjJmZWI3NDUwOWU5YzM5YmU0NjgwNmJlNjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWGraQIFhFz1j6o29zUA7d0vKHL7 NDs+LEdxeBLPCC3ZN8HVvVAqFO1NtRfhvOYN24ti3xnEhUPZ0DRhjerkL9Rk9LM+ mLZREAhEdPEGH73w3oaf/0T0EHg1W8553rQLSA97z+/wvmSYYrwYfmoe9GrulsSk 82bXZU6NPVOPvJ9BJn7ZszksMuDzXtEPejTC/gKdzIAEGlpbtRID84PB4kRVOsq1 0C3VOK1o0Yu/CbU1XSi6r+V5qQJgA79kzzwAAIc+QOzqoXCab8VxBGqPUFW+aDRF 9LiZHlyTqw/XnAaNhA5yGqNb2Wyc0q+F7YDBRWPgmZBgwaVIQI841JvxqwIDAQAB o4IDhzCCA4MwHQYDVR0OBBYEFCuhz9dX9R8v63RQnpw5vkaAa+ZCMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5Lzc0NTkx MC04NmM2LTQzZDEtOTc2NS01Nzg5ZGU0MjRhNDIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvNzQ1OTEw LTg2YzYtNDNkMS05NzY1LTU3ODlkZTQyNGE0Mi8xL0s2SFAxMWYxSHlfcmRGQ2Vu RG0tUm9CcjVrSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBQYIKwYB BQUHAQcBAf8EgfUwgfIwgdkEAgABMIHSAwQFPucgAwQHToeAAwQGU41AAwQHVYaA MAsDAwZXwAMEBFfAQDAMAwQAV8BRAwQDV8BQAwQEV8DAAwQCV8DYAwQBV8DeAwQF V+gAAwQAV+jAMAwDBAFX6MIDBANX6MADBABX6OEDBAJX6OQDBANZfAADBARZfBAw DAMEBVl84AMEAVl88AMEAFl89QMEAVl8+DAMAwQAWXz7AwQAWXz8AwQBWXz+MAsD AwFZfgMEBFl+wDAMAwQFWX7gAwQCWX/oAwQCWX/4AwQBWX/+AwQCufc0MBQEAgAC MA4DBQAgAU1oAwUAKgECaDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgJjYTANBgkq hkiG9w0BAQsFAAOCAQEAXA1sOZMIJYG6o8naCjHIsznfyLnooubQNBxUld9N8NB9 NofvbvclxTkowNgwswhytLc6KDjntmpbGK5MDeVUHO+86sm+s40F+kkcCeV6hMVc 5/DRSOeNw9C2tMYoBnVHVG9HZoLhjVbbPktR0DRyyS2wSJ8n2MjL7P+PdI7Ii15Q sHp1CaaLcHDwtUyVnYcYi1AYnAqQx7eJOzP9jAm8kEHhuOtYR4sMWMMdHnei1+nf gxNXPkEyNdebQ1NYYIR2IAnTJZ7nFwxgseGaUgdRhvvHIiX+EVvqAihrpLTjO8J4 BqdfuISwhhff3avXiovULQdjH1zcuFYpXEUuqP3tbw== -----END CERTIFICATE-----Generated at Sun Jan 18 16:41:09 2026 by rpki-client