This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LubVYKCKAT8_4OZtra9v0Cvq9D8.cer File: LubVYKCKAT8_4OZtra9v0Cvq9D8.cer (raw, json) Hash identifier: yVu8Ht8Som8qO+zZ0vtLzDnTi/VsWBLXCVoa3Op5cws= Subject key identifier: 2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5BD2048F22E82247639EF91CFAF8F1 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/LubVYKCKAT8_4OZtra9v0Cvq9D8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:18:48 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 56448 AS: 199610 IP: 5.62.64.0/21 IP: 5.62.96.0/19 IP: 5.83.160.0/20 IP: 5.101.160.0/21 IP: 31.214.128.0/24 IP: 31.214.130.0/23 IP: 31.214.134.0 -- 31.214.136.255 IP: 31.214.142.0/23 IP: 31.214.148.0/24 IP: 31.214.158.0 -- 31.214.167.255 IP: 31.214.192.0/21 IP: 31.214.202.0 -- 31.214.211.255 IP: 31.214.216.0 -- 31.214.221.255 IP: 31.214.224.0/22 IP: 31.214.232.0/21 IP: 37.10.96.0 -- 37.10.107.255 IP: 37.10.115.0/24 IP: 37.10.118.0 -- 37.10.127.255 IP: 45.140.128.0/22 IP: 45.159.4.0/22 IP: 46.251.228.0 -- 46.251.236.255 IP: 46.251.238.0/24 IP: 46.251.240.0 -- 46.251.248.255 IP: 85.190.128.0 -- 85.190.175.255 IP: 95.156.193.0 -- 95.156.194.255 IP: 95.156.198.0/24 IP: 95.156.209.0 -- 95.156.211.255 IP: 95.156.213.0/24 IP: 95.156.220.0/23 IP: 95.156.224.0/24 IP: 95.156.238.0/23 IP: 95.156.250.0/24 IP: 109.230.197.0/24 IP: 109.230.208.0/24 IP: 109.230.211.0/24 IP: 109.230.214.0/24 IP: 109.230.240.0/23 IP: 109.230.243.0/24 IP: 109.230.248.0/23 IP: 128.0.112.0/22 IP: 134.255.198.0/24 IP: 134.255.208.0/23 IP: 134.255.212.0 -- 134.255.214.255 IP: 134.255.240.0/24 IP: 134.255.251.0/24 IP: 185.9.104.0/22 IP: 194.169.211.0/24 IP: 195.82.158.0/23 IP: 217.114.192.0/21 IP: 2a03:4d40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:d2:04:8f:22:e8:22:47:63:9e:f9:1c:fa:f8:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2ee6d560a08a013f3fe0e66dadaf6fd02beaf43f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:a0:fd:9f:c7:ef:4d:b0:12:e6:2e:63:82:af: bc:6b:bd:a6:d7:b2:31:19:4c:b1:d8:61:fe:89:e8: bf:53:10:f0:b4:b1:bc:b9:db:79:ad:6f:04:81:70: 04:48:95:e5:a1:41:2a:70:39:81:c7:31:73:05:87: 2a:78:2e:b5:00:02:64:15:ea:70:79:d7:fa:91:ac: 99:72:66:6a:68:47:26:3c:3d:79:cf:27:26:8e:64: a3:ab:76:36:f9:4f:ee:69:e5:02:4d:d2:f6:e7:72: 09:b8:22:ce:96:be:df:d9:de:fc:ec:dd:90:9a:66: af:fa:a3:b7:21:69:0d:3f:d0:75:80:00:f8:ac:51: 90:5f:30:63:da:95:00:1c:88:b6:72:98:70:7c:3e: 50:89:e7:a7:23:8d:76:ca:1a:61:3f:6d:f9:06:c4: 06:12:5b:51:c8:b0:a6:33:aa:98:7d:53:62:3d:56: 9e:09:f3:70:54:b7:c7:22:bc:54:3f:67:1b:13:b2: 69:5f:e7:ac:13:18:d7:6b:65:4a:6f:14:88:02:31: 38:01:9d:b4:0d:2a:b9:75:da:e3:4b:c2:76:8e:5b: ff:81:bc:8c:63:9d:c5:79:3c:d9:ed:ee:40:5c:95: f4:c1:91:c3:42:ac:6c:cc:b9:71:8c:42:a7:13:e5: 04:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/LubVYKCKAT8_4OZtra9v0Cvq9D8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.62.64.0/21 5.62.96.0/19 5.83.160.0/20 5.101.160.0/21 31.214.128.0/24 31.214.130.0/23 31.214.134.0-31.214.136.255 31.214.142.0/23 31.214.148.0/24 31.214.158.0-31.214.167.255 31.214.192.0/21 31.214.202.0-31.214.211.255 31.214.216.0-31.214.221.255 31.214.224.0/22 31.214.232.0/21 37.10.96.0-37.10.107.255 37.10.115.0/24 37.10.118.0-37.10.127.255 45.140.128.0/22 45.159.4.0/22 46.251.228.0-46.251.236.255 46.251.238.0/24 46.251.240.0-46.251.248.255 85.190.128.0-85.190.175.255 95.156.193.0-95.156.194.255 95.156.198.0/24 95.156.209.0-95.156.211.255 95.156.213.0/24 95.156.220.0/23 95.156.224.0/24 95.156.238.0/23 95.156.250.0/24 109.230.197.0/24 109.230.208.0/24 109.230.211.0/24 109.230.214.0/24 109.230.240.0/23 109.230.243.0/24 109.230.248.0/23 128.0.112.0/22 134.255.198.0/24 134.255.208.0/23 134.255.212.0-134.255.214.255 134.255.240.0/24 134.255.251.0/24 185.9.104.0/22 194.169.211.0/24 195.82.158.0/23 217.114.192.0/21 IPv6: 2a03:4d40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 56448 199610 Signature Algorithm: sha256WithRSAEncryption ab:13:2b:bf:80:60:74:8f:db:3a:c3:df:81:6f:1f:6e:51:c7: 61:fa:f6:8f:35:27:34:43:ea:c4:cf:10:45:f5:d6:43:05:5f: a7:78:75:80:f4:45:f6:2e:cc:cb:96:f8:db:22:29:05:5a:60: 53:79:15:5d:bf:81:ff:8b:5b:de:90:c4:9e:fa:53:2b:cf:d0: 78:80:fb:d1:a2:5c:3b:33:67:a2:c2:ec:93:7f:c9:e3:f3:90: c1:bd:ba:ea:87:07:03:ae:bf:bc:5b:8f:df:04:00:bf:1f:1d: 42:b1:b8:56:d1:d2:05:05:5a:96:9d:27:4a:a2:44:bd:dd:a2: 70:cf:15:43:9e:50:9b:9e:4b:b0:3c:a4:39:e8:e1:6e:d5:ff: 34:70:fd:a9:15:49:b0:82:85:9d:a7:3b:8f:8d:4a:8f:4c:4d: 28:3d:70:75:3f:d8:f9:40:75:5d:04:6f:27:69:d1:89:78:77: 21:8e:10:dc:c6:19:05:fa:9e:f8:dc:d9:ca:27:64:67:6e:7b: 5f:53:7e:a6:02:50:db:47:ef:f3:79:fb:75:15:cc:67:43:92: 57:40:d1:7a:6e:83:42:98:45:49:ae:5b:09:cb:14:91:e8:d5: 8f:3a:85:6b:ff:47:bd:eb:b7:74:aa:e0:2f:f9:84:16:77:31: 22:f4:59:74 -----BEGIN CERTIFICATE----- MIIHMjCCBhqgAwIBAgISAZt9W9IEjyLoIkdjnvkc+vjxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZWU2ZDU2MGEwOGEwMTNmM2ZlMGU2NmRhZGFmNmZkMDJiZWFmNDNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKD9n8fvTbAS5i5jgq+8a72m17Ix GUyx2GH+iei/UxDwtLG8udt5rW8EgXAESJXloUEqcDmBxzFzBYcqeC61AAJkFepw edf6kayZcmZqaEcmPD15zycmjmSjq3Y2+U/uaeUCTdL253IJuCLOlr7f2d787N2Q mmav+qO3IWkNP9B1gAD4rFGQXzBj2pUAHIi2cphwfD5QieenI412yhphP235BsQG EltRyLCmM6qYfVNiPVaeCfNwVLfHIrxUP2cbE7JpX+esExjXa2VKbxSIAjE4AZ20 DSq5ddrjS8J2jlv/gbyMY53FeTzZ7e5AXJX0wZHDQqxszLlxjEKnE+UERwIDAQAB o4IEPjCCBDowHQYDVR0OBBYEFC7m1WCgigE/P+Dmba2vb9Ar6vQ/MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0L2MwMGE1 Yi02YTU5LTQxZGQtYjEzYi03MzQ5NWZjMDhmYzQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvYzAwYTVi LTZhNTktNDFkZC1iMTNiLTczNDk1ZmMwOGZjNC8xL0x1YlZZS0NLQVQ4XzRPWnRy YTl2MEN2cTlEOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBtgYIKwYB BQUHAQcBAf8EggGlMIIBoTCCAY4EAgABMIIBhgMEAwU+QAMEBQU+YAMEBAVToAME AwVloAMEAB/WgAMEAR/WgjAMAwQBH9aGAwQAH9aIAwQBH9aOAwQAH9aUMAwDBAEf 1p4DBAMf1qADBAMf1sAwDAMEAR/WygMEAh/W0DAMAwQDH9bYAwQBH9bcAwQCH9bg AwQDH9boMAwDBAUlCmADBAIlCmgDBAAlCnMwDAMEASUKdgMEByUKAAMEAi2MgAME Ai2fBDAMAwQCLvvkAwQALvvsAwQALvvuMAwDBAQu+/ADBAAu+/gwDAMEB1W+gAME BFW+oDAMAwQAX5zBAwQAX5zCAwQAX5zGMAwDBABfnNEDBAJfnNADBABfnNUDBAFf nNwDBABfnOADBAFfnO4DBABfnPoDBABt5sUDBABt5tADBABt5tMDBABt5tYDBAFt 5vADBABt5vMDBAFt5vgDBAKAAHADBACG/8YDBAGG/9AwDAMEAob/1AMEAIb/1gME AIb/8AMEAIb/+wMEArkJaAMEAMKp0wMEAcNSngMEA9lywDANBAIAAjAHAwUDKgNN QDAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMA3IACAwMLujANBgkqhkiG9w0BAQsF AAOCAQEAqxMrv4BgdI/bOsPfgW8fblHHYfr2jzUnNEPqxM8QRfXWQwVfp3h1gPRF 9i7My5b42yIpBVpgU3kVXb+B/4tb3pDEnvpTK8/QeID70aJcOzNnosLsk3/J4/OQ wb266ocHA66/vFuP3wQAvx8dQrG4VtHSBQValp0nSqJEvd2icM8VQ55Qm55LsDyk OejhbtX/NHD9qRVJsIKFnac7j41Kj0xNKD1wdT/Y+UB1XQRvJ2nRiXh3IY4Q3MYZ Bfqe+NzZyidkZ257X1N+pgJQ20fv83n7dRXMZ0OSV0DRem6DQphFSa5bCcsUkejV jzqFa/9Hveu3dKrgL/mEFncxIvRZdA== -----END CERTIFICATE-----Generated at Mon Feb 9 22:34:57 2026 by rpki-client