This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KS-wn35or-lfI5ExFObApqpyb90.cer File: KS-wn35or-lfI5ExFObApqpyb90.cer (raw, json) Hash identifier: xjiUqPY9NrGw1UkFnm2nUfQpTmGvwrYLYxRXOBuzcqc= Subject key identifier: 29:2F:B0:9F:7E:68:AF:E9:5F:23:91:31:14:E6:C0:A6:AA:72:6F:DD Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79ED4018C7C838D579B5C5C65E120C96 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:19:10 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 43967 IP: 91.200.180.0/22 IP: 178.159.224.0/20 IP: 193.160.97.0/24 IP: 194.31.44.0/22 IP: 195.211.136.0 -- 195.211.147.255 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:40:18:c7:c8:38:d5:79:b5:c5:c6:5e:12:0c:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=292fb09f7e68afe95f23913114e6c0a6aa726fdd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:90:e1:0d:fb:6a:1b:33:94:25:94:a7:e7:87: c9:68:1a:a7:1b:af:ac:ed:d7:e9:fb:2f:8b:70:9d: 70:d3:c7:bf:01:62:19:53:e4:2d:fe:ae:ff:75:f8: a3:f1:20:a7:4c:34:f7:e1:b3:60:a1:98:a1:90:f0: e0:f0:e2:fc:31:ce:88:e5:cc:c4:53:61:8b:35:03: 8f:31:31:17:38:0e:3c:46:a5:66:47:d5:f7:2b:ec: 54:bb:aa:f5:78:21:64:11:6d:7c:86:e4:33:54:51: b4:83:61:1b:52:f4:9c:40:ea:d3:2d:c5:10:4c:ac: 79:bd:38:b5:f3:61:9f:2f:e5:fd:f4:02:6a:f8:a8: 88:df:b0:8b:c5:c6:36:9f:a6:1e:5b:9d:b8:d1:09: 88:0f:c4:60:12:4b:cd:1b:3e:7d:70:f0:6f:2f:54: d2:74:73:9e:91:be:db:89:55:2c:51:bd:28:e2:db: 08:c6:3c:30:db:d3:67:08:c3:f4:59:7c:3e:b9:8b: 3f:5c:64:e5:1d:77:47:3a:1b:eb:1c:8e:1e:f0:3b: 9a:e9:e8:ba:6f:7c:3b:46:32:e1:7e:59:93:bb:47: f1:4a:42:a3:01:3c:e2:6b:41:3e:c5:e4:25:e9:6e: db:4e:50:78:51:51:b8:ed:ca:c3:34:b0:c6:39:4d: 8e:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:2F:B0:9F:7E:68:AF:E9:5F:23:91:31:14:E6:C0:A6:AA:72:6F:DD X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.180.0/22 178.159.224.0/20 193.160.97.0/24 194.31.44.0/22 195.211.136.0-195.211.147.255 sbgp-autonomousSysNum: critical Autonomous System Numbers: 43967 Signature Algorithm: sha256WithRSAEncryption 17:af:70:95:c8:36:8c:81:16:c2:95:d4:75:22:57:fe:f0:ed: 8c:6f:1c:2d:f5:ab:0f:de:20:05:0d:84:41:e8:d1:67:4c:c6: a1:40:bd:08:d0:7b:58:3c:38:61:ec:f6:a5:0f:b2:cc:43:7c: a3:86:96:c0:90:41:01:e5:33:2b:c5:39:62:3c:5f:77:4b:d8: b6:c3:db:d0:89:e0:c0:7a:91:6c:36:18:f5:12:20:03:e9:88: 7c:0c:ba:f9:00:71:63:8f:64:56:e9:4b:12:43:f1:bb:de:af: ea:c4:5d:79:93:96:a0:52:0d:e3:11:b6:19:cf:9a:e2:46:de: f2:a8:3d:85:38:9e:e1:84:14:45:df:9c:68:31:96:5d:1a:2b: 67:4d:d2:d9:aa:30:d1:26:79:7f:6b:49:43:65:ed:3e:38:e3: 1d:af:97:5e:9b:06:01:e3:f2:ac:08:79:5e:b7:28:f8:18:63: ed:70:1f:b4:47:d2:e1:21:45:63:05:41:f0:57:30:4c:59:af: fb:f8:a2:37:53:7c:4b:52:2e:71:45:23:c1:4a:0f:10:a6:bc: fa:ec:5d:b4:5e:ca:27:43:d1:f1:92:c9:f2:24:61:5e:58:dc: 0f:85:28:b7:e6:69:95:76:dc:58:cb:f2:62:d2:1d:b4:ed:1a: 92:04:5a:37 -----BEGIN CERTIFICATE----- MIIFtDCCBJygAwIBAgISAZt57UAYx8g41Xm1xcZeEgyWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTJmYjA5ZjdlNjhhZmU5NWYyMzkxMzExNGU2YzBhNmFhNzI2ZmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZDhDftqGzOUJZSn54fJaBqnG6+s 7dfp+y+LcJ1w08e/AWIZU+Qt/q7/dfij8SCnTDT34bNgoZihkPDg8OL8Mc6I5czE U2GLNQOPMTEXOA48RqVmR9X3K+xUu6r1eCFkEW18huQzVFG0g2EbUvScQOrTLcUQ TKx5vTi182GfL+X99AJq+KiI37CLxcY2n6YeW5240QmID8RgEkvNGz59cPBvL1TS dHOekb7biVUsUb0o4tsIxjww29NnCMP0WXw+uYs/XGTlHXdHOhvrHI4e8Dua6ei6 b3w7RjLhflmTu0fxSkKjATzia0E+xeQl6W7bTlB4UVG47crDNLDGOU2OyQIDAQAB o4ICwDCCArwwHQYDVR0OBBYEFCkvsJ9+aK/pXyORMRTmwKaqcm/dMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzllL2UxMzEx Mi01NzU4LTQ1NTItYjJhZC1lZDFiOWI4ZTY0NzAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUvZTEzMTEy LTU3NTgtNDU1Mi1iMmFkLWVkMWI5YjhlNjQ3MC8xL0tTLXduMzVvci1sZkk1RXhG T2JBcHFweWI5MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUF BwEHAQH/BDAwLjAsBAIAATAmAwQCW8i0AwQEsp/gAwQAwaBhAwQCwh8sMAwDBAPD 04gDBALD05AwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAKu/MA0GCSqGSIb3DQEB CwUAA4IBAQAXr3CVyDaMgRbCldR1Ilf+8O2Mbxwt9asP3iAFDYRB6NFnTMahQL0I 0HtYPDhh7PalD7LMQ3yjhpbAkEEB5TMrxTliPF93S9i2w9vQieDAepFsNhj1EiAD 6Yh8DLr5AHFjj2RW6UsSQ/G73q/qxF15k5agUg3jEbYZz5riRt7yqD2FOJ7hhBRF 35xoMZZdGitnTdLZqjDRJnl/a0lDZe0+OOMdr5demwYB4/KsCHletyj4GGPtcB+0 R9LhIUVjBUHwVzBMWa/7+KI3U3xLUi5xRSPBSg8Qprz67F20XsonQ9HxksnyJGFe WNwPhSi35mmVdtxYy/Ji0h207RqSBFo3 -----END CERTIFICATE-----Generated at Mon Jan 26 11:08:48 2026 by rpki-client