This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LjC09SIqRoXFTNJcTLjW-TIzrHs.cer File: LjC09SIqRoXFTNJcTLjW-TIzrHs.cer (raw, json) Hash identifier: 640K90r04bbulIH+9V13gSY7O/hs4IoZa2FQOkQV4c8= Subject key identifier: 2E:30:B4:F5:22:2A:46:85:C5:4C:D2:5C:4C:B8:D6:F9:32:33:AC:7B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E3820AA81E9FAF49F587990CBFAC625 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/eb/ee4c8a-1eb2-4518-8b5b-8616a310e803/1/LjC09SIqRoXFTNJcTLjW-TIzrHs.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/eb/ee4c8a-1eb2-4518-8b5b-8616a310e803/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:19:26 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 45.87.64.0/22 IP: 2a0e:f480::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:20:aa:81:e9:fa:f4:9f:58:79:90:cb:fa:c6:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:19:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2e30b4f5222a4685c54cd25c4cb8d6f93233ac7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b8:6e:d2:60:59:6b:fd:a9:ae:10:f4:4b:99: c1:fb:94:06:49:47:91:e8:6d:b6:c7:bd:fe:f1:a8: 5b:a9:94:e9:4e:b5:43:7f:6a:bb:d4:e5:90:b6:b3: 09:e5:6a:66:21:36:a1:c6:30:c8:6e:6f:d9:06:27: 44:10:b0:9a:ff:56:fa:bd:91:51:7b:12:d2:62:7b: 4d:57:fb:a8:ef:b3:b4:e9:36:29:6c:22:cc:cd:94: b6:27:c3:5e:7b:5b:a4:f6:6c:88:b3:9f:1b:57:93: 95:1c:47:90:c4:31:0a:01:39:27:a4:03:af:88:b7: 9e:da:c6:c0:0e:44:17:0b:1e:73:75:96:13:24:e1: 3b:5b:ac:6b:e1:de:35:85:8b:d2:39:b9:dd:d9:be: 98:15:c1:11:51:20:75:fb:5d:d1:2c:cb:6f:b3:c1: 65:9c:95:7d:d9:e3:e8:02:3f:d1:65:1f:10:c0:4a: 32:31:eb:63:c7:de:ca:e6:ce:fb:5b:a1:f9:b8:83: 47:14:73:c9:22:f2:f3:cd:07:41:fc:8b:da:5c:24: be:a1:a5:5f:1f:86:e7:cf:0a:99:c2:1d:ce:cc:b2: 43:a3:df:a6:26:8b:ec:28:75:33:b2:de:8b:64:5e: 77:af:57:81:62:af:44:dd:a1:8d:d6:89:02:6d:b5: 91:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:30:B4:F5:22:2A:46:85:C5:4C:D2:5C:4C:B8:D6:F9:32:33:AC:7B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ee4c8a-1eb2-4518-8b5b-8616a310e803/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ee4c8a-1eb2-4518-8b5b-8616a310e803/1/LjC09SIqRoXFTNJcTLjW-TIzrHs.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.87.64.0/22 IPv6: 2a0e:f480::/29 Signature Algorithm: sha256WithRSAEncryption 03:fc:d8:0d:1f:c8:4c:f4:b6:fc:33:f9:40:c9:36:35:21:3c: 34:c6:59:94:8a:e3:da:17:a2:ef:7b:8a:6e:fc:e1:bf:67:d8: ae:76:14:d8:ed:9e:93:37:dd:eb:18:98:11:dc:db:cd:eb:d3: 95:95:1f:5d:ad:49:91:41:57:4e:5d:48:b6:d9:72:d3:a7:64: 4f:8d:6f:b3:49:b2:f6:d6:5a:fe:86:c8:ca:9d:c4:76:79:90: b6:71:43:a6:70:92:6d:2b:36:a6:d9:32:1e:2a:77:49:6c:ce: 13:cc:27:6c:7d:4f:dc:f9:37:88:20:eb:50:ba:4c:7c:b6:27: c4:07:62:bc:33:d6:16:e9:11:a4:f9:15:c3:71:1e:1d:ce:79: 1c:d2:58:4f:2b:f9:91:04:dd:0e:ce:30:76:40:30:78:64:b5: c7:35:90:0f:3e:b2:ae:92:29:e7:52:1f:87:43:75:89:e9:22: 6f:c3:f2:db:9c:40:e6:e4:0d:3b:20:d5:ef:41:21:a2:e5:f7: e0:7c:f2:b5:50:c5:87:9f:6b:63:09:0a:20:e7:fc:8b:70:cb: 8f:11:9a:b0:14:0c:2a:7e:8b:f3:9b:a3:ef:86:ef:2b:65:09: 7d:6b:eb:89:4b:3d:f9:bb:ce:84:40:a0:85:29:3a:7f:38:16: 39:66:5b:28 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt+OCCqgen69J9YeZDL+sYlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZTMwYjRmNTIyMmE0Njg1YzU0Y2QyNWM0Y2I4ZDZmOTMyMzNhYzdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbhu0mBZa/2prhD0S5nB+5QGSUeR 6G22x73+8ahbqZTpTrVDf2q71OWQtrMJ5WpmITahxjDIbm/ZBidEELCa/1b6vZFR exLSYntNV/uo77O06TYpbCLMzZS2J8Nee1uk9myIs58bV5OVHEeQxDEKATknpAOv iLee2sbADkQXCx5zdZYTJOE7W6xr4d41hYvSObnd2b6YFcERUSB1+13RLMtvs8Fl nJV92ePoAj/RZR8QwEoyMetjx97K5s77W6H5uINHFHPJIvLzzQdB/IvaXCS+oaVf H4bnzwqZwh3OzLJDo9+mJovsKHUzst6LZF53r1eBYq9E3aGN1okCbbWREwIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFC4wtPUiKkaFxUzSXEy41vkyM6x7MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ViL2VlNGM4 YS0xZWIyLTQ1MTgtOGI1Yi04NjE2YTMxMGU4MDMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIvZWU0Yzhh LTFlYjItNDUxOC04YjViLTg2MTZhMzEwZTgwMy8xL0xqQzA5U0lxUm9YRlROSmNU TGpXLVRJenJIcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCLVdAMA0EAgACMAcDBQMqDvSAMA0GCSqGSIb3 DQEBCwUAA4IBAQAD/NgNH8hM9Lb8M/lAyTY1ITw0xlmUiuPaF6Lve4pu/OG/Z9iu dhTY7Z6TN93rGJgR3NvN69OVlR9drUmRQVdOXUi22XLTp2RPjW+zSbL21lr+hsjK ncR2eZC2cUOmcJJtKzam2TIeKndJbM4TzCdsfU/c+TeIIOtQukx8tifEB2K8M9YW 6RGk+RXDcR4dznkc0lhPK/mRBN0OzjB2QDB4ZLXHNZAPPrKukinnUh+HQ3WJ6SJv w/LbnEDm5A07INXvQSGi5ffgfPK1UMWHn2tjCQog5/yLcMuPEZqwFAwqfovzm6Pv hu8rZQl9a+uJSz35u86EQKCFKTp/OBY5Zlso -----END CERTIFICATE-----Generated at Tue Feb 10 01:45:25 2026 by rpki-client