This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer File: MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer (raw, json) Hash identifier: t6VmnWLcf7YYY7GJFCQF13QIbcs/xAuYkQo4e0lmhqM= Subject key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C73D18908FE1B65B2670A680F15795 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:18:24 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 12481 AS: 199837 IP: 5.100.232.0/21 IP: 94.142.144.0/21 IP: 185.44.212.0/22 IP: 185.128.148.0/22 IP: 212.103.192.0/19 IP: 2a04:9f00::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:3d:18:90:8f:e1:b6:5b:26:70:a6:80:f1:57:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e6:03:84:ac:2e:4c:28:de:cc:ee:22:4e:e0: 72:26:cb:27:71:62:eb:e8:ae:2f:50:0c:18:ec:ca: 0e:ac:0c:91:11:4c:f4:18:d5:50:27:98:9a:c4:99: 1b:42:61:09:00:51:0e:f6:00:f5:e2:b9:b9:76:89: e6:a5:5f:21:ae:44:00:50:e2:68:4b:bd:ce:74:fe: 9f:68:8c:76:c1:15:f9:dd:b6:a2:cf:a8:fd:28:44: 26:76:4a:9a:4e:06:7f:7b:99:27:5d:65:f3:fe:f4: 65:48:22:11:89:1b:2a:1f:9c:78:e0:02:47:9d:19: 6a:ed:6b:1a:a7:e9:30:bb:df:02:89:7d:b3:18:89: 48:08:03:33:d9:cf:27:1b:36:83:c5:d1:63:8f:d1: 32:11:5d:b9:ec:5d:7c:82:01:48:f6:9a:c3:e6:b3: 79:2f:13:9f:0d:77:74:fc:f8:ba:50:44:b2:61:b5: b9:1a:9c:26:07:61:cb:19:a6:b8:6b:c5:85:0b:60: 42:bc:25:20:7c:95:17:ea:f7:31:1a:f5:ae:e8:1b: 11:5d:be:b5:c3:77:ff:c8:d0:3c:87:87:c3:b0:4d: d1:62:fd:fa:2d:76:b4:ce:e0:1e:53:e9:d4:cd:7f: b9:37:53:00:d0:f4:7d:b4:56:96:cd:ca:bc:67:d2: 2c:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.100.232.0/21 94.142.144.0/21 185.44.212.0/22 185.128.148.0/22 212.103.192.0/19 IPv6: 2a04:9f00::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 12481 199837 Signature Algorithm: sha256WithRSAEncryption 84:d7:35:6e:de:e9:5d:fe:25:fb:fe:5b:8f:41:2f:83:ba:2b: 68:5a:e2:f2:96:d9:39:3a:e8:03:9c:4b:5b:4e:68:b4:34:e4: d6:e9:a1:e1:81:cb:59:34:66:34:8e:6b:9e:7c:db:65:68:d7: 44:3c:35:00:c7:b7:c7:80:b4:ea:a2:02:b8:92:25:3f:ce:ac: 39:5d:37:c4:6e:dc:6e:c6:f2:c1:21:b1:b4:e3:9f:57:22:dd: 60:4b:eb:38:da:c3:ba:f9:e3:e9:56:04:4d:07:91:04:05:60: c5:66:4b:d8:d7:10:4b:91:ae:81:76:fb:8a:b9:ae:90:2c:3f: 05:03:63:99:3c:3e:83:7d:b3:2c:c3:3f:17:62:b3:0c:37:7a: 5c:a4:28:51:98:e0:4d:9b:60:ed:0b:66:b3:b6:d9:a4:e3:e8: 61:62:ce:64:8d:e1:2b:e1:30:ae:af:b4:81:ff:2e:b0:4a:35: de:c3:dc:9d:f8:c0:73:f3:d6:1b:9f:9e:57:ed:bc:ef:f9:46: b4:54:74:35:62:20:02:02:08:a6:12:94:4e:4c:50:c0:5c:d0: 72:ea:fa:ac:b4:c1:ed:fb:11:ae:c7:64:68:5f:b2:60:90:80: b1:58:37:5c:2f:67:14:4a:97:86:ec:47:9d:2a:1d:98:b9:72: e7:fd:e8:8e -----BEGIN CERTIFICATE----- MIIFvzCCBKegAwIBAgISAZt3xz0YkI/htlsmcKaA8VeVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMWIwZjY0YzY5ZDMzMGI2NmViY2QwM2E5YmYwZmRjMTlmMzE0N2Q4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquYDhKwuTCjezO4iTuByJssncWLr 6K4vUAwY7MoOrAyREUz0GNVQJ5iaxJkbQmEJAFEO9gD14rm5donmpV8hrkQAUOJo S73OdP6faIx2wRX53baiz6j9KEQmdkqaTgZ/e5knXWXz/vRlSCIRiRsqH5x44AJH nRlq7Wsap+kwu98CiX2zGIlICAMz2c8nGzaDxdFjj9EyEV257F18ggFI9prD5rN5 LxOfDXd0/Pi6UESyYbW5GpwmB2HLGaa4a8WFC2BCvCUgfJUX6vcxGvWu6BsRXb61 w3f/yNA8h4fDsE3RYv36LXa0zuAeU+nUzX+5N1MA0PR9tFaWzcq8Z9Is6QIDAQAB o4ICyzCCAscwHQYDVR0OBBYEFDGw9kxp0zC2brzQOpvw/cGfMUfYMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBmLzJmYjQ3 My04ZTZiLTRmMGQtYWQzMC1kNDkzNDQ5M2E2NzkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvMmZiNDcz LThlNmItNGYwZC1hZDMwLWQ0OTM0NDkzYTY3OS8xL01iRDJUR25UTUxadXZOQTZt X0Q5d1o4eFI5Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF BwEHAQH/BDcwNTAkBAIAATAeAwQDBWToAwQDXo6QAwQCuSzUAwQCuYCUAwQF1GfA MA0EAgACMAcDBQMqBJ8AMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAjDBAgMDDJ0w DQYJKoZIhvcNAQELBQADggEBAITXNW7e6V3+Jfv+W49BL4O6K2ha4vKW2Tk66AOc S1tOaLQ05NbpoeGBy1k0ZjSOa55822Vo10Q8NQDHt8eAtOqiAriSJT/OrDldN8Ru 3G7G8sEhsbTjn1ci3WBL6zjaw7r54+lWBE0HkQQFYMVmS9jXEEuRroF2+4q5rpAs PwUDY5k8PoN9syzDPxdisww3elykKFGY4E2bYO0LZrO22aTj6GFizmSN4SvhMK6v tIH/LrBKNd7D3J34wHPz1hufnlftvO/5RrRUdDViIAICCKYSlE5MUMBc0HLq+qy0 we37Ea7HZGhfsmCQgLFYN1wvZxRKl4bsR50qHZi5cuf96I4= -----END CERTIFICATE-----Generated at Mon Feb 9 22:59:56 2026 by rpki-client