This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer File: QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer (raw, json) Hash identifier: 9I47YcvM+CouHw6EWP2EQDppy7Oyn69i7S6PWyKHSN0= Subject key identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B1262BFFA16DD969722104653AA56A16D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 12 Dec 2025 11:47:00 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 197524 IP: 5.22.240.0/21 IP: 88.133.0.0 -- 88.133.143.255 IP: 88.133.156.0/22 IP: 91.235.8.0/22 IP: 109.199.160.0/19 IP: 185.9.64.0/22 IP: 185.18.36.0/22 IP: 185.46.128.0/22 IP: 185.93.200.0/22 IP: 185.95.32.0/22 IP: 2a01:a980::/29 IP: 2a05:8240::/29 IP: 2a05:fa40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:62:bf:fa:16:dd:96:97:22:10:46:53:aa:56:a1:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Dec 12 11:47:00 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:5d:eb:ef:6c:70:f4:bd:46:48:9e:3f:41:9f: be:c8:77:41:b1:2f:f0:77:70:0c:25:cb:43:08:1f: 98:69:f0:85:8b:84:d0:09:48:ee:d8:6b:89:7a:be: 77:b0:01:04:cb:89:56:90:08:9e:db:86:d4:f8:ca: b4:be:86:31:20:3c:7f:78:fc:40:16:fe:ed:b2:15: 0c:80:ed:ec:36:75:3e:39:39:56:3c:e2:e5:34:a1: 66:8e:58:42:7b:4e:e6:af:54:8b:48:3e:a2:ae:fc: 30:df:f3:f3:ce:e8:cf:77:a4:f0:88:0d:c7:96:d2: 7e:7f:ca:0f:f7:ae:e6:df:c7:a2:e7:6a:68:ca:dd: 7d:39:6e:ae:73:bc:ba:fa:ab:f2:ce:ed:c4:b6:6c: bb:13:8b:8e:33:22:51:49:b1:b0:35:fb:39:c8:84: 86:47:1e:94:40:4d:de:03:d3:ca:47:cb:e5:f1:c4: ea:60:58:92:07:f4:46:a1:3a:a6:c4:6e:01:82:55: 10:7a:ff:7e:7a:e6:f4:90:26:d2:71:43:2e:50:87: 8f:13:5c:d9:d2:20:16:a0:69:1f:10:44:9e:1d:ab: 9a:13:5a:a2:84:c2:af:13:6e:64:f2:8b:cb:ea:6e: 5f:42:0e:a7:c1:fa:b7:3c:15:0b:82:a8:39:45:85: 98:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.22.240.0/21 88.133.0.0-88.133.143.255 88.133.156.0/22 91.235.8.0/22 109.199.160.0/19 185.9.64.0/22 185.18.36.0/22 185.46.128.0/22 185.93.200.0/22 185.95.32.0/22 IPv6: 2a01:a980::/29 2a05:8240::/29 2a05:fa40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 197524 Signature Algorithm: sha256WithRSAEncryption a4:80:4b:4f:c6:92:96:58:9a:66:3f:f9:46:35:9e:52:a8:46: bc:d9:d1:01:61:db:81:91:cc:77:ca:8e:0f:70:37:b4:cf:c5: eb:d8:0e:4f:d0:7e:27:ec:db:5b:84:c8:f1:18:c0:f5:25:5f: d5:d0:09:ce:62:90:bc:e8:05:30:25:7c:83:26:c8:f4:20:75: a9:72:c5:ad:83:a9:06:b8:45:3b:85:39:fc:86:99:fe:a2:b7: c2:97:73:8f:b8:75:4a:43:ad:8d:b7:7c:f7:4d:4c:41:d5:a1: ae:e9:79:da:6e:33:6e:31:80:9a:7c:ae:62:17:b0:ba:57:4a: 6f:91:05:e1:0b:cc:88:aa:e3:ce:61:c6:88:fd:3e:cf:2b:58: a6:73:73:06:db:f9:16:1d:46:d4:d7:60:81:e3:3e:70:29:f5: f7:cb:b6:20:af:c9:f8:18:33:39:30:d9:ad:a2:42:5e:76:b5: 39:e0:5c:62:9b:10:85:2c:1a:ee:4b:47:13:1b:82:4b:23:50: 65:0d:b3:56:ab:d6:1c:ae:da:98:86:a7:44:70:7b:ca:be:0e: 79:fd:0f:75:ef:62:03:5a:ef:6a:62:ec:b6:95:4c:c5:b2:61: 91:6f:1e:9e:a0:1c:2b:ac:63:9a:94:a9:90:ce:b6:98:46:e3: b8:8a:b5:a8 -----BEGIN CERTIFICATE----- MIIF7jCCBNagAwIBAgISAZsSYr/6Ft2WlyIQRlOqVqFtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMjEyMTE0NzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MTVjMTBmODRkYzIyOTM3ZWY2ZDE1ZWI3MWJiYjRhNTMwODE2MmJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp13r72xw9L1GSJ4/QZ++yHdBsS/w d3AMJctDCB+YafCFi4TQCUju2GuJer53sAEEy4lWkAie24bU+Mq0voYxIDx/ePxA Fv7tshUMgO3sNnU+OTlWPOLlNKFmjlhCe07mr1SLSD6irvww3/PzzujPd6TwiA3H ltJ+f8oP967m38ei52poyt19OW6uc7y6+qvyzu3Etmy7E4uOMyJRSbGwNfs5yISG Rx6UQE3eA9PKR8vl8cTqYFiSB/RGoTqmxG4BglUQev9+eub0kCbScUMuUIePE1zZ 0iAWoGkfEESeHauaE1qihMKvE25k8ovL6m5fQg6nwfq3PBULgqg5RYWYDwIDAQAB o4IC+jCCAvYwHQYDVR0OBBYEFEFcEPhNwik3720V63G7tKUwgWK/MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2LzVjNTdl Ny03YmE4LTRhNjItOGQxNS1jNmI2ZmQxMmNlMjcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvNWM1N2U3 LTdiYTgtNGE2Mi04ZDE1LWM2YjZmZDEyY2UyNy8xL1FWd1EtRTNDS1RmdmJSWHJj YnUwcFRDQllyOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUF BwEHAQH/BGowaDBJBAIAATBDAwQDBRbwMAsDAwBYhQMEBFiFgAMEAliFnAMEAlvr CAMEBW3HoAMEArkJQAMEArkSJAMEArkugAMEArldyAMEArlfIDAbBAIAAjAVAwUD KgGpgAMFAyoFgkADBQMqBfpAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMDlDAN BgkqhkiG9w0BAQsFAAOCAQEApIBLT8aSlliaZj/5RjWeUqhGvNnRAWHbgZHMd8qO D3A3tM/F69gOT9B+J+zbW4TI8RjA9SVf1dAJzmKQvOgFMCV8gybI9CB1qXLFrYOp BrhFO4U5/IaZ/qK3wpdzj7h1SkOtjbd8901MQdWhrul52m4zbjGAmnyuYhewuldK b5EF4QvMiKrjzmHGiP0+zytYpnNzBtv5Fh1G1NdggeM+cCn198u2IK/J+BgzOTDZ raJCXna1OeBcYpsQhSwa7ktHExuCSyNQZQ2zVqvWHK7amIanRHB7yr4Oef0Pde9i A1rvamLstpVMxbJhkW8enqAcK6xjmpSpkM62mEbjuIq1qA== -----END CERTIFICATE-----Generated at Mon Dec 22 06:50:17 2025 by rpki-client