This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer File: KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer (raw, json) Hash identifier: 1gyG1pgENuBz0mHMj4hY6wdhWSSqeX9RV2P9btNwazc= Subject key identifier: 29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7758E01FD59F21E820E4549BE51F40F5 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 02:17:51 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 205940 IP: 185.201.140.0/22 IP: 2a0a:c540::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:e0:1f:d5:9f:21:e8:20:e4:54:9b:e5:1f:40:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 02:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:75:ce:0e:d8:5c:0e:ad:5d:95:b6:15:a4:88: 2c:2c:ee:97:40:c2:10:87:03:42:a2:b8:bb:da:9e: 92:34:a2:be:4d:01:9c:56:81:f2:80:71:a6:6b:ce: eb:37:36:63:0f:f4:96:4f:50:75:84:d0:8b:c1:f8: ea:d7:1c:60:98:b9:3d:41:e0:40:24:e5:64:1b:7d: f9:27:d2:9d:32:65:79:a6:ef:18:8f:9d:97:9b:2a: 95:6e:ae:97:ee:ac:d8:0a:3d:c1:1a:27:72:3b:53: 3b:6a:02:e7:57:c2:e9:72:6b:8e:4a:10:d2:ce:d7: 75:0e:83:99:b4:5d:c2:d4:35:55:9c:ae:cb:04:54: 05:8c:2e:35:7a:83:fa:75:59:ac:f5:76:43:e8:e3: 39:5b:b6:27:d1:9b:19:87:26:56:b4:9a:e5:3b:40: 34:4c:23:c9:9e:3a:b5:44:93:0e:b0:28:91:66:f1: 04:21:55:ce:b2:f9:98:33:a1:09:a9:2d:c1:3b:6b: c0:2a:4a:65:4e:6c:21:55:4b:08:d1:7c:8b:83:69: c2:7f:4e:ac:40:64:f1:d1:73:04:84:ee:0a:43:de: 1b:24:18:2f:46:d4:0e:fe:ff:eb:9a:90:bd:1d:cc: 20:15:36:43:7f:43:61:74:5f:a4:ae:da:d8:4f:e5: 0f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.201.140.0/22 IPv6: 2a0a:c540::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 205940 Signature Algorithm: sha256WithRSAEncryption 7a:aa:cd:d0:24:72:3b:c5:8d:e6:e0:1f:2b:cd:2b:b4:33:8e: db:c2:d6:81:ab:0a:a6:93:f5:8f:8e:4c:28:67:a0:4f:01:b7: d1:6e:f6:81:c4:db:2c:bd:f1:3b:dd:45:dc:ec:ea:e8:9b:8c: e0:6c:8b:07:b4:2c:5d:32:4c:e1:d2:60:fa:7e:40:9a:47:0f: d0:ec:5e:03:16:bb:98:28:89:d0:a8:69:7e:8a:30:23:ca:80: f7:27:c0:20:89:42:1d:09:46:dd:0d:d4:c9:40:fe:4b:80:20: a3:68:d7:41:87:5d:f5:1c:1f:69:7f:5a:ed:79:4f:bc:35:1c: f1:d1:c0:ae:d8:b2:ee:70:dd:2e:20:1c:11:75:82:7f:aa:83: ea:12:e9:04:0f:67:d0:1c:13:46:30:1c:2d:9f:d9:2c:41:48: 67:ec:76:44:3c:9e:e0:e3:0e:ea:14:a3:f2:6c:74:e3:d5:e2: ee:8d:cd:ec:41:5b:8e:5e:37:49:92:f6:7d:a9:f1:3e:54:66: 60:9a:cc:a3:5b:56:6e:f4:bb:b4:73:50:73:ee:b5:fe:55:83: 92:26:a1:09:5b:d3:37:fd:67:e8:aa:b8:80:14:55:6d:60:b9: b9:7e:75:5e:3a:e1:51:ab:03:fc:f4:5b:bc:88:95:b2:31:d1: 59:d0:26:e4 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt3WOAf1Z8h6CDkVJvlH0D1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTcxOTRmNGI1MmI5ZmY0MzNmMmJmMGQxNmI1OGMxMWM3Y2YxMTMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3XODthcDq1dlbYVpIgsLO6XQMIQ hwNCori72p6SNKK+TQGcVoHygHGma87rNzZjD/SWT1B1hNCLwfjq1xxgmLk9QeBA JOVkG335J9KdMmV5pu8Yj52XmyqVbq6X7qzYCj3BGidyO1M7agLnV8LpcmuOShDS ztd1DoOZtF3C1DVVnK7LBFQFjC41eoP6dVms9XZD6OM5W7Yn0ZsZhyZWtJrlO0A0 TCPJnjq1RJMOsCiRZvEEIVXOsvmYM6EJqS3BO2vAKkplTmwhVUsI0XyLg2nCf06s QGTx0XMEhO4KQ94bJBgvRtQO/v/rmpC9HcwgFTZDf0NhdF+krtrYT+UPfwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFClxlPS1K5/0M/K/DRa1jBHHzxExMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1LzgwYjRj MC0wNmNiLTQ0MjQtOWRkNS01YTk4ODkzMWVhMzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvODBiNGMw LTA2Y2ItNDQyNC05ZGQ1LTVhOTg4OTMxZWEzMy8xL0tYR1U5TFVybl9RejhyOE5G cldNRWNmUEVURS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCucmMMA0EAgACMAcDBQMqCsVAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMkdDANBgkqhkiG9w0BAQsFAAOCAQEAeqrN0CRyO8WN 5uAfK80rtDOO28LWgasKppP1j45MKGegTwG30W72gcTbLL3xO91F3Ozq6JuM4GyL B7QsXTJM4dJg+n5AmkcP0OxeAxa7mCiJ0KhpfoowI8qA9yfAIIlCHQlG3Q3UyUD+ S4Ago2jXQYdd9RwfaX9a7XlPvDUc8dHArtiy7nDdLiAcEXWCf6qD6hLpBA9n0BwT RjAcLZ/ZLEFIZ+x2RDye4OMO6hSj8mx049Xi7o3N7EFbjl43SZL2fanxPlRmYJrM o1tWbvS7tHNQc+61/lWDkiahCVvTN/1n6Kq4gBRVbWC5uX51XjrhUasD/PRbvIiV sjHRWdAm5A== -----END CERTIFICATE-----Generated at Mon Feb 9 19:42:21 2026 by rpki-client