This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer File: LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer (raw, json) Hash identifier: 5iDNRhk36bHE2Kg8usYLvoof9v+7a5yZ+vo33/7tQ3U= Subject key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79ECCDA1798C45AA1B9136C1737287C7 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:18:40 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 9098 AS: 30788 IP: 5.181.14.0/23 IP: 45.82.80.0/22 IP: 45.145.52.0/22 IP: 45.150.48.0/22 IP: 45.159.180.0/24 IP: 45.159.182.0/23 IP: 94.199.7.0/24 IP: 194.34.244.0/22 IP: 2a06:7840::/29 IP: 2a07:5340::/29 IP: 2a07:d940::/29 IP: 2a07:f600::/29 IP: 2a09:3900::/29 IP: 2a09:3c80::/29 IP: 2a09:cb00::/29 IP: 2a0a:f8c0::/29 IP: 2a0b:2a80::/29 IP: 2a0b:2d80::/29 IP: 2a0c:7b80::/29 IP: 2a0c:c180::/29 IP: 2a0d:4440::/29 IP: 2a0d:fb40::/29 IP: 2a0f:f00::/29 IP: 2a0f:4bc0::/29 IP: 2a0f:5080::/29 IP: 2a0f:59c0::/29 IP: 2a0f:8440::/29 IP: 2a0f:a380::/29 IP: 2a0f:e100::/29 IP: 2a0f:ff80::/29 IP: 2a11:1780::/29 IP: 2a11:2540::/29 IP: 2a11:3840::/29 IP: 2a11:3e40::/29 IP: 2a11:4100::/29 IP: 2a11:52c0::/29 IP: 2a11:5480::/29 IP: 2a11:6640::/29 IP: 2a11:7780::/29 IP: 2a11:78c0::/29 IP: 2a11:8d80::/29 IP: 2a11:8ec0::/29 IP: 2a11:fe00::/29 IP: 2a12:c0::/29 IP: 2a12:19c0::/29 IP: 2a12:23c0::/29 IP: 2a12:2940::/29 IP: 2a12:2bc0::/29 IP: 2a12:3400::/29 IP: 2a12:3540::/29 IP: 2a12:3940::/29 IP: 2a12:4340::/29 IP: 2a12:5640::/29 IP: 2a12:b580::/29 IP: 2a12:e580::/29 IP: 2a13:5200::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 01:25:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:cd:a1:79:8c:45:aa:1b:91:36:c1:73:72:87:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:27:7d:94:c5:a9:4a:ea:0d:5f:b9:2c:db:85: 12:91:e6:f9:4f:73:e0:e4:97:7e:ce:e1:e5:a3:6c: d0:44:5d:41:06:d7:3c:22:af:e8:dc:93:e1:6c:00: 7e:50:dd:f8:89:df:db:5d:1d:c9:ff:de:bf:ea:83: 6a:48:cd:18:f5:ec:0e:5d:bd:40:9d:01:5e:36:0c: db:97:ee:3e:75:d4:37:1d:a3:2e:7e:ad:82:4f:c5: 55:5c:80:c4:1b:26:d5:c2:1a:3f:67:b2:7a:8b:1a: 7b:ad:13:b3:c7:9c:0d:a7:61:57:c7:9c:8f:62:16: 87:9f:c5:1b:20:e7:5a:ea:ab:1d:bd:3f:e3:79:a7: e6:e6:18:1c:8f:39:80:25:23:68:5b:18:7a:03:96: 7b:85:cb:68:2e:d5:e4:fe:fd:9c:75:b0:f4:62:04: 00:c4:4a:58:06:b4:87:52:36:5f:85:4f:d1:64:db: 95:7d:c1:ef:42:48:44:d0:c7:84:0e:9f:99:24:ec: 32:ab:e9:f3:7f:07:1e:bd:a8:6f:9b:5a:91:cc:7d: 73:79:90:97:03:07:b5:64:9e:ee:94:0e:7c:10:2b: ad:5a:b6:ee:12:a5:f6:b4:2d:14:aa:96:fd:1b:51: d7:c1:09:ca:fa:ef:8f:c3:10:ec:7f:7b:75:99:96: c4:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.181.14.0/23 45.82.80.0/22 45.145.52.0/22 45.150.48.0/22 45.159.180.0/24 45.159.182.0/23 94.199.7.0/24 194.34.244.0/22 IPv6: 2a06:7840::/29 2a07:5340::/29 2a07:d940::/29 2a07:f600::/29 2a09:3900::/29 2a09:3c80::/29 2a09:cb00::/29 2a0a:f8c0::/29 2a0b:2a80::/29 2a0b:2d80::/29 2a0c:7b80::/29 2a0c:c180::/29 2a0d:4440::/29 2a0d:fb40::/29 2a0f:f00::/29 2a0f:4bc0::/29 2a0f:5080::/29 2a0f:59c0::/29 2a0f:8440::/29 2a0f:a380::/29 2a0f:e100::/29 2a0f:ff80::/29 2a11:1780::/29 2a11:2540::/29 2a11:3840::/29 2a11:3e40::/29 2a11:4100::/29 2a11:52c0::/29 2a11:5480::/29 2a11:6640::/29 2a11:7780::/29 2a11:78c0::/29 2a11:8d80::/29 2a11:8ec0::/29 2a11:fe00::/29 2a12:c0::/29 2a12:19c0::/29 2a12:23c0::/29 2a12:2940::/29 2a12:2bc0::/29 2a12:3400::/29 2a12:3540::/29 2a12:3940::/29 2a12:4340::/29 2a12:5640::/29 2a12:b580::/29 2a12:e580::/29 2a13:5200::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 9098 30788 Signature Algorithm: sha256WithRSAEncryption 60:13:af:33:8e:7c:b9:dc:47:1f:8a:61:0d:1b:9c:f5:75:77: c0:eb:57:19:71:89:21:5f:98:ae:bf:75:ea:42:97:f6:9d:61: 6c:5e:50:a8:56:fe:ed:df:4a:89:51:39:8b:30:1f:de:39:7c: fa:c3:85:41:3b:6e:96:c3:78:2e:a4:15:5f:01:14:40:93:8d: c4:8f:3c:08:24:9e:ae:65:27:9c:47:50:aa:21:d6:62:77:15: 27:1e:97:55:2b:23:42:a3:93:55:bb:83:6a:03:98:ad:5b:2f: 6b:63:e4:af:ff:44:44:c6:59:88:bb:d8:7f:aa:ae:13:9f:0b: 78:d5:83:d5:14:9d:7b:fe:59:65:5d:7e:df:21:44:42:e2:a6: 87:ee:d2:c8:a6:45:51:32:0f:e0:02:45:70:f5:ba:50:2a:ab: 9e:d7:64:51:aa:25:d0:49:1d:ef:90:1e:df:d8:5d:64:5a:49: 1e:14:f7:43:ff:e6:cc:fe:21:f4:46:ca:8b:a5:86:d6:4f:33: 7e:42:1a:3b:1e:10:ff:d4:88:9f:53:14:cb:7c:16:14:65:73: a1:9a:cf:8e:21:33:fb:f8:c8:3b:9e:74:5c:23:75:4f:3e:8a: c1:23:34:b4:83:cf:36:fe:ae:73:9c:94:33:83:92:3b:af:3a: 31:a7:3e:25 -----BEGIN CERTIFICATE----- MIIHIzCCBgugAwIBAgISAZt57M2heYxFqhuRNsFzcofHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTExNjRhOWI1MDEzZDYyZjA1MTM0NGY2ZGY5MWYxM2JjN2VjYjBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSd9lMWpSuoNX7ks24USkeb5T3Pg 5Jd+zuHlo2zQRF1BBtc8Iq/o3JPhbAB+UN34id/bXR3J/96/6oNqSM0Y9ewOXb1A nQFeNgzbl+4+ddQ3HaMufq2CT8VVXIDEGybVwho/Z7J6ixp7rROzx5wNp2FXx5yP YhaHn8UbIOda6qsdvT/jeafm5hgcjzmAJSNoWxh6A5Z7hctoLtXk/v2cdbD0YgQA xEpYBrSHUjZfhU/RZNuVfcHvQkhE0MeEDp+ZJOwyq+nzfwcevahvm1qRzH1zeZCX Awe1ZJ7ulA58ECutWrbuEqX2tC0Uqpb9G1HXwQnK+u+PwxDsf3t1mZbEJQIDAQAB o4IELzCCBCswHQYDVR0OBBYEFC4RZKm1AT1i8FE0T235HxO8fssPMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0L2ZiNDY5 Ni02NzhmLTRkNDUtYTA5MS1mZDdmMTdiYjFhNWMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvZmI0Njk2 LTY3OGYtNGQ0NS1hMDkxLWZkN2YxN2JiMWE1Yy8xL0xoRmtxYlVCUFdMd1VUUlBi ZmtmRTd4LXl3OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBqQYIKwYB BQUHAQcBAf8EggGYMIIBlDA2BAIAATAwAwQBBbUOAwQCLVJQAwQCLZE0AwQCLZYw AwQALZ+0AwQBLZ+2AwQAXscHAwQCwiL0MIIBWAQCAAIwggFQAwUDKgZ4QAMFAyoH U0ADBQMqB9lAAwUDKgf2AAMFAyoJOQADBQMqCTyAAwUDKgnLAAMFAyoK+MADBQMq CyqAAwUDKgstgAMFAyoMe4ADBQMqDMGAAwUDKg1EQAMFAyoN+0ADBQMqDw8AAwUD Kg9LwAMFAyoPUIADBQMqD1nAAwUDKg+EQAMFAyoPo4ADBQMqD+EAAwUDKg//gAMF AyoRF4ADBQMqESVAAwUDKhE4QAMFAyoRPkADBQMqEUEAAwUDKhFSwAMFAyoRVIAD BQMqEWZAAwUDKhF3gAMFAyoReMADBQMqEY2AAwUDKhGOwAMFAyoR/gADBQMqEgDA AwUDKhIZwAMFAyoSI8ADBQMqEilAAwUDKhIrwAMFAyoSNAADBQMqEjVAAwUDKhI5 QAMFAyoSQ0ADBQMqElZAAwUDKhK1gAMFAyoS5YADBQMqE1IAMB0GCCsGAQUFBwEI AQH/BA4wDKAKMAgCAiOKAgJ4RDANBgkqhkiG9w0BAQsFAAOCAQEAYBOvM458udxH H4phDRuc9XV3wOtXGXGJIV+Yrr916kKX9p1hbF5QqFb+7d9KiVE5izAf3jl8+sOF QTtulsN4LqQVXwEUQJONxI88CCSermUnnEdQqiHWYncVJx6XVSsjQqOTVbuDagOY rVsva2Pkr/9ERMZZiLvYf6quE58LeNWD1RSde/5ZZV1+3yFEQuKmh+7SyKZFUTIP 4AJFcPW6UCqrntdkUaol0Ekd75Ae39hdZFpJHhT3Q//mzP4h9EbKi6WG1k8zfkIa Ox4Q/9SIn1MUy3wWFGVzoZrPjiEz+/jIO550XCN1Tz6KwSM0tIPPNv6uc5yUM4OS O686Mac+JQ== -----END CERTIFICATE-----Generated at Thu Jan 29 05:22:47 2026 by rpki-client