This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PySkMi6IMSyB9Gmsn_pzDfFLM4Q.cer File: PySkMi6IMSyB9Gmsn_pzDfFLM4Q.cer (raw, json) Hash identifier: NlrRsHJaZWXf+rscLIwiEu8p8Eod4/rKtBtDRXZkYZU= Subject key identifier: 3F:24:A4:32:2E:88:31:2C:81:F4:69:AC:9F:FA:73:0D:F1:4B:33:84 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F153154E19BAE1806383027E557DAEC Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/af/d0fa99-c110-4609-8b09-892b5b82d664/1/PySkMi6IMSyB9Gmsn_pzDfFLM4Q.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/af/d0fa99-c110-4609-8b09-892b5b82d664/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:20:53 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 5.10.64.0/18 IP: 5.153.0.0/18 IP: 37.58.64.0/18 IP: 46.16.184.0/21 IP: 81.95.144.0/20 IP: 159.253.128.0/19 IP: 185.10.228.0/22 IP: 2a00:1668::/32 IP: 2a03:8180::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:31:54:e1:9b:ae:18:06:38:30:27:e5:57:da:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:20:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3f24a4322e88312c81f469ac9ffa730df14b3384 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:16:18:32:67:81:93:51:86:07:4d:1a:49:85: 8b:22:00:c1:7c:4a:07:e1:ca:9f:59:9d:41:fc:66: 9a:b5:c3:09:cd:f6:b7:f0:fb:d7:53:7b:00:c3:23: fd:a4:23:a2:73:bb:20:32:77:02:5d:4a:a9:d6:59: 29:d0:2c:94:ce:98:90:2e:2e:68:60:a0:86:d2:36: 8d:9d:a5:17:02:d7:da:e8:8f:1b:fe:5c:7d:52:68: 7f:95:a5:bb:40:d4:ed:34:48:49:b5:4a:40:6f:e9: 61:51:9d:85:61:0a:da:a6:0d:46:01:c4:54:e3:e5: 17:dc:d5:e2:78:ee:69:1a:e3:05:2e:9e:d7:cc:f0: c7:09:41:b1:d4:d4:33:09:a0:1a:63:b9:c2:18:cb: 69:dd:28:0c:af:2b:76:b1:d8:63:81:24:eb:9f:b4: 71:00:99:6d:fb:2c:4f:c6:aa:98:9f:15:c8:0c:10: fb:8b:b7:34:a6:38:2c:e0:5d:ab:81:61:e9:ec:c0: d3:eb:56:84:59:53:2d:43:85:41:06:89:2c:34:83: 5a:fd:36:ca:e4:1f:0e:d5:7c:e2:d0:6d:81:50:7f: 41:ff:85:02:04:52:47:6d:fc:e4:33:c9:67:90:8c: 69:07:8d:a2:c7:98:a0:f5:2d:6e:ae:52:d5:d5:72: a4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:24:A4:32:2E:88:31:2C:81:F4:69:AC:9F:FA:73:0D:F1:4B:33:84 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d0fa99-c110-4609-8b09-892b5b82d664/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d0fa99-c110-4609-8b09-892b5b82d664/1/PySkMi6IMSyB9Gmsn_pzDfFLM4Q.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.10.64.0/18 5.153.0.0/18 37.58.64.0/18 46.16.184.0/21 81.95.144.0/20 159.253.128.0/19 185.10.228.0/22 IPv6: 2a00:1668::/32 2a03:8180::/32 Signature Algorithm: sha256WithRSAEncryption 1e:34:c6:b9:4b:82:f1:f4:80:96:c2:84:e1:b6:58:1e:a7:05: f8:1c:50:7d:e0:67:37:c5:a1:0a:c7:74:f8:20:27:ae:d9:57: eb:aa:99:78:03:40:73:cc:4a:7e:a2:d6:fa:b9:30:59:8f:10: 59:97:25:75:fc:53:44:3a:ea:7d:e9:79:b2:e5:86:b3:79:f3: 8b:59:cf:99:45:46:86:61:1a:20:46:b9:66:41:0d:6e:1a:c1: 2a:e0:14:1e:d5:97:73:b2:e7:5f:02:56:b5:9c:aa:4f:7b:4f: da:6b:67:df:3f:e9:c9:64:68:f3:e7:0d:93:5e:2a:4d:8e:27: 7a:42:3c:67:fe:51:0f:d2:7f:66:c0:88:2d:c8:7e:d2:3e:de: 72:e3:00:e4:b6:ec:d4:d2:c5:24:8e:80:21:a6:9c:1b:b7:23: 7e:b1:b2:6a:da:cc:60:7c:09:52:aa:c2:d1:2b:e2:04:f9:30: c5:08:e3:2a:08:7d:13:53:fe:a1:15:37:ac:59:3d:d5:c5:c4: 2c:ec:db:7f:c2:83:7f:75:99:4f:47:7b:ae:4b:c4:48:02:9e: e6:3e:b2:25:12:e4:1e:7b:f1:4e:d5:17:73:15:12:20:43:25: e2:d0:9e:c5:cb:36:6b:42:48:8d:f0:eb:79:d7:c5:f1:b3:f5: fc:f8:94:51 -----BEGIN CERTIFICATE----- MIIFsjCCBJqgAwIBAgISAZt/FTFU4ZuuGAY4MCflV9rsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZjI0YTQzMjJlODgzMTJjODFmNDY5YWM5ZmZhNzMwZGYxNGIzMzg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxYYMmeBk1GGB00aSYWLIgDBfEoH 4cqfWZ1B/GaatcMJzfa38PvXU3sAwyP9pCOic7sgMncCXUqp1lkp0CyUzpiQLi5o YKCG0jaNnaUXAtfa6I8b/lx9Umh/laW7QNTtNEhJtUpAb+lhUZ2FYQrapg1GAcRU 4+UX3NXieO5pGuMFLp7XzPDHCUGx1NQzCaAaY7nCGMtp3SgMryt2sdhjgSTrn7Rx AJlt+yxPxqqYnxXIDBD7i7c0pjgs4F2rgWHp7MDT61aEWVMtQ4VBBoksNINa/TbK 5B8O1Xzi0G2BUH9B/4UCBFJHbfzkM8lnkIxpB42ix5ig9S1urlLV1XKk0wIDAQAB o4ICvjCCArowHQYDVR0OBBYEFD8kpDIuiDEsgfRprJ/6cw3xSzOEMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FmL2QwZmE5 OS1jMTEwLTQ2MDktOGIwOS04OTJiNWI4MmQ2NjQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvZDBmYTk5 LWMxMTAtNDYwOS04YjA5LTg5MmI1YjgyZDY2NC8xL1B5U2tNaTZJTVN5QjlHbXNu X3B6RGZGTE00US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGCCsGAQUF BwEHAQH/BEowSDAwBAIAATAqAwQGBQpAAwQGBZkAAwQGJTpAAwQDLhC4AwQEUV+Q AwQFn/2AAwQCuQrkMBQEAgACMA4DBQAqABZoAwUAKgOBgDANBgkqhkiG9w0BAQsF AAOCAQEAHjTGuUuC8fSAlsKE4bZYHqcF+BxQfeBnN8WhCsd0+CAnrtlX66qZeANA c8xKfqLW+rkwWY8QWZcldfxTRDrqfel5suWGs3nzi1nPmUVGhmEaIEa5ZkENbhrB KuAUHtWXc7LnXwJWtZyqT3tP2mtn3z/pyWRo8+cNk14qTY4nekI8Z/5RD9J/ZsCI Lch+0j7ecuMA5Lbs1NLFJI6AIaacG7cjfrGyatrMYHwJUqrC0SviBPkwxQjjKgh9 E1P+oRU3rFk91cXELOzbf8KDf3WZT0d7rkvESAKe5j6yJRLkHnvxTtUXcxUSIEMl 4tCexcs2a0JIjfDredfF8bP1/PiUUQ== -----END CERTIFICATE-----Generated at Mon Feb 9 16:49:17 2026 by rpki-client