This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer File: KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer (raw, json) Hash identifier: GsfmItm6O9tQGkvewrJFcqeqDxmAxWPamCSFv35mVGk= Subject key identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5D29479058B25D5879148DD79A746F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:20:16 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 6881 AS: 47200 AS: 47627 AS: 59747 IP: 91.207.230.0/23 IP: 91.207.234.0/23 IP: 91.210.16.0/22 IP: 93.190.128.0/21 IP: 185.1.34.0/24 IP: 194.30.187.0/24 IP: 194.50.100.0/24 IP: 195.47.235.0/24 IP: 2001:7f8:14::/48 IP: 2001:7f8:91::/48 IP: 2a02:38::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:29:47:90:58:b2:5d:58:79:14:8d:d7:9a:74:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:07:45:5a:83:60:e2:6d:50:3c:1b:13:f9:1d: a4:77:ba:69:c1:da:06:23:83:bb:bd:c1:5e:4f:57: 3c:f5:c4:4a:be:6c:7d:b8:06:2f:9f:28:7a:1a:14: 11:a7:4b:b7:f8:65:ce:e9:18:8a:ce:3b:4e:62:36: c2:3b:24:62:5d:45:b2:2b:6e:73:43:68:17:ad:45: d0:0c:db:1b:44:1d:69:e3:ed:56:93:a9:90:d6:20: e7:46:61:13:45:73:61:ac:f6:43:f8:9e:92:35:75: 68:fc:1b:20:54:ab:3e:95:1f:0c:30:b1:a6:73:93: 56:e8:d1:b8:9c:04:c8:c2:71:06:ef:a4:a1:8c:89: 44:48:35:ac:45:bb:e3:f6:e1:03:49:f4:61:f5:5e: fd:e7:3d:fd:73:4f:0a:f5:47:4d:f0:22:b5:2b:21: 59:b1:3e:22:d3:37:e6:30:08:f7:f2:60:4a:84:25: 1f:9c:a5:b9:64:55:4c:b3:b8:fb:53:a1:b6:85:e0: 53:0d:1b:01:b9:a2:6f:80:7e:12:1d:af:cf:4f:6d: 73:16:b9:00:19:1d:76:ef:34:fa:01:52:0e:de:39: 35:02:4f:22:6d:88:63:cb:25:6f:c5:67:fc:8c:5e: 5d:76:67:ad:06:37:17:3c:8c:25:f6:e4:75:ab:84: 71:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.207.230.0/23 91.207.234.0/23 91.210.16.0/22 93.190.128.0/21 185.1.34.0/24 194.30.187.0/24 194.50.100.0/24 195.47.235.0/24 IPv6: 2001:7f8:14::/48 2001:7f8:91::/48 2a02:38::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 6881 47200 47627 59747 Signature Algorithm: sha256WithRSAEncryption 2e:c1:39:a5:92:df:8c:28:5d:d7:23:0c:f9:83:ba:e3:22:14: 6f:78:1f:8d:95:b1:06:bf:cc:e8:0d:b6:f9:21:4b:09:f0:3f: 69:dc:a6:d7:fc:80:33:f5:23:fc:c2:3a:cc:ec:61:07:cf:31: 59:1d:2b:b0:f8:6e:3c:3d:1c:5d:af:d7:20:c3:fa:f4:02:e9: 2e:be:c9:f3:dd:46:24:68:2a:e3:1c:f2:87:c8:5c:c6:e9:b1: f8:16:43:10:f0:fb:f3:65:c3:65:cd:04:dd:db:6f:04:b9:e6: cd:7d:67:92:2d:9a:ce:a2:55:95:a0:ca:9f:ae:41:38:9a:ce: de:ce:cc:5c:ce:15:ce:55:39:ed:3d:39:fd:89:58:a4:31:5b: 30:5f:06:dc:d1:be:df:43:fa:23:bc:54:9c:f2:07:64:a7:bf: 21:bd:83:1d:80:97:02:4d:d5:7a:76:ab:59:f0:d0:b7:68:37: 0d:ab:dd:cb:d8:97:21:da:86:fe:be:09:b1:1b:2d:06:bd:c6: 2b:04:48:af:11:80:85:29:f4:16:3f:4c:63:69:f9:cb:20:3c: 02:0d:0a:f7:74:1f:35:e9:82:60:ee:b7:ce:2b:00:9d:f6:c9: b1:7a:0d:2c:be:3c:7d:26:e6:a5:7a:19:11:7f:35:60:2c:49: 7b:7a:a5:b8 -----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgISAZt9XSlHkFiyXVh5FI3XmnRvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTEwOWRhNjYyZjlkMzAyZmZmMmM1YzRiNGFmYjhmOTQ3ZmVjMWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgdFWoNg4m1QPBsT+R2kd7ppwdoG I4O7vcFeT1c89cRKvmx9uAYvnyh6GhQRp0u3+GXO6RiKzjtOYjbCOyRiXUWyK25z Q2gXrUXQDNsbRB1p4+1Wk6mQ1iDnRmETRXNhrPZD+J6SNXVo/BsgVKs+lR8MMLGm c5NW6NG4nATIwnEG76ShjIlESDWsRbvj9uEDSfRh9V795z39c08K9UdN8CK1KyFZ sT4i0zfmMAj38mBKhCUfnKW5ZFVMs7j7U6G2heBTDRsBuaJvgH4SHa/PT21zFrkA GR127zT6AVIO3jk1Ak8ibYhjyyVvxWf8jF5ddmetBjcXPIwl9uR1q4Rx4wIDAQAB o4IC+TCCAvUwHQYDVR0OBBYEFCkQnaZi+dMC//LFxLSvuPlH/sHAMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M5LzkzMDI3 OS0zMTg3LTQ3YTUtODEzNy1mNGZiNWM4ODA1MDkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkvOTMwMjc5 LTMxODctNDdhNS04MTM3LWY0ZmI1Yzg4MDUwOS8xL0tSQ2RwbUw1MHdMXzhzWEV0 Sy00LVVmLXdjQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGoGCCsGAQUF BwEHAQH/BFswWTA2BAIAATAwAwQBW8/mAwQBW8/qAwQCW9IQAwQDXb6AAwQAuQEi AwQAwh67AwQAwjJkAwQAwy/rMB8EAgACMBkDBwAgAQf4ABQDBwAgAQf4AJEDBQMq AgA4MCgGCCsGAQUFBwEIAQH/BBkwF6AVMBMCAhrhAgMAuGACAwC6CwIDAOljMA0G CSqGSIb3DQEBCwUAA4IBAQAuwTmlkt+MKF3XIwz5g7rjIhRveB+NlbEGv8zoDbb5 IUsJ8D9p3KbX/IAz9SP8wjrM7GEHzzFZHSuw+G48PRxdr9cgw/r0Aukuvsnz3UYk aCrjHPKHyFzG6bH4FkMQ8PvzZcNlzQTd228EuebNfWeSLZrOolWVoMqfrkE4ms7e zsxczhXOVTntPTn9iVikMVswXwbc0b7fQ/ojvFSc8gdkp78hvYMdgJcCTdV6dqtZ 8NC3aDcNq93L2Jch2ob+vgmxGy0GvcYrBEivEYCFKfQWP0xjafnLIDwCDQr3dB81 6YJg7rfOKwCd9smxeg0svjx9JualehkRfzVgLEl7eqW4 -----END CERTIFICATE-----Generated at Mon Feb 9 19:46:53 2026 by rpki-client