This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QbA1V5NRFBbxRwW15pV14JEgMcE.cer File: QbA1V5NRFBbxRwW15pV14JEgMcE.cer (raw, json) Hash identifier: 0umVxsP+G57VmcMnFzCjmUpQhW2r6PX1FwrfN4YDxk8= Subject key identifier: 41:B0:35:57:93:51:14:16:F1:47:05:B5:E6:95:75:E0:91:20:31:C1 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B0DA0574E83647D21A84F0BAB5BEC2146 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/QbA1V5NRFBbxRwW15pV14JEgMcE.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 11 Dec 2025 13:36:10 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 48660 IP: 109.104.120.0/24 IP: 178.251.238.0/24 IP: 2a04:c000::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:a0:57:4e:83:64:7d:21:a8:4f:0b:ab:5b:ec:21:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Dec 11 13:36:10 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=41b0355793511416f14705b5e69575e0912031c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:54:79:a5:12:8e:9e:7c:73:90:02:53:78:55: 15:46:fc:dc:d0:a6:bd:d5:bf:74:0d:94:bd:2a:84: f4:8b:6f:06:7d:db:38:fc:3b:cb:be:f8:ab:eb:2b: 76:44:33:7a:95:f5:32:92:73:b3:13:43:59:51:f5: 99:0a:bc:9e:c6:91:2d:6e:10:a4:93:7b:da:42:4a: c8:f8:ce:3b:2d:03:9a:19:d4:c6:08:f1:8a:d9:9f: e8:eb:10:25:57:64:15:77:8c:86:35:1a:66:22:10: 85:4b:3c:b2:93:a0:a1:89:ee:4e:4b:82:01:55:51: d6:05:f2:43:57:8a:8b:8f:39:dd:47:7b:b7:b6:3b: 53:e4:cc:01:68:cd:03:27:f6:68:b6:04:ed:0e:19: 9a:eb:0a:97:c5:43:f9:eb:c5:f7:49:fc:1f:a9:c2: 2c:34:85:79:7a:43:eb:3c:e9:86:b2:fc:03:7b:85: 2c:c7:d1:1b:b4:d0:aa:82:19:70:f5:49:12:d7:09: ae:97:1d:2b:3d:a2:e9:aa:d5:a0:38:b7:d3:93:7e: 11:c2:ba:c9:da:1d:f3:c8:ad:ab:14:59:87:4e:7b: 39:4b:08:c0:08:e1:7e:a6:bc:ae:4d:ed:ca:f1:34: 21:7c:30:ee:dd:c9:fe:82:19:aa:f3:bd:23:7e:34: 8b:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:B0:35:57:93:51:14:16:F1:47:05:B5:E6:95:75:E0:91:20:31:C1 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/QbA1V5NRFBbxRwW15pV14JEgMcE.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.104.120.0/24 178.251.238.0/24 IPv6: 2a04:c000::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 48660 Signature Algorithm: sha256WithRSAEncryption ae:31:83:ab:84:36:c7:20:84:1e:19:d7:f5:30:81:22:05:9c: fc:a7:ab:53:63:d8:bb:a0:98:0f:01:c2:41:dd:16:80:0c:42: 95:e7:5d:34:68:6e:b0:ef:a2:3c:73:2b:85:9f:71:2b:f7:99: 23:0e:2d:8d:06:6d:f0:b6:0c:83:df:fa:2f:3e:0f:11:bb:b0: eb:cc:d8:b1:93:e9:d6:b0:6c:7f:4d:64:c2:04:a5:86:1e:c9: c0:13:55:83:15:b6:56:91:9b:25:a1:91:4a:dc:56:22:ca:7d: a1:37:8b:34:f5:5f:4a:d3:ee:b4:ee:9a:b3:08:23:a4:0e:55: 15:b8:0c:c5:8e:ae:8b:d9:4a:81:58:bd:4f:6b:08:7d:e9:40: 46:77:e8:56:3a:72:8e:cd:5a:76:29:60:5f:5e:c7:8f:34:8d: c2:98:3c:68:df:05:19:a3:f0:32:c4:83:d9:20:84:9c:10:0f: 20:c1:79:9a:54:69:37:dc:60:42:68:e4:56:37:ad:ac:b4:d5: ed:cc:68:58:bf:26:be:a0:f7:09:bf:e4:cd:fa:88:f7:16:ac: 3e:1e:a9:55:26:fc:d1:5f:33:85:71:09:1f:48:66:02:75:45: c5:93:32:18:a2:0c:3c:e2:a8:31:80:27:71:a0:01:ce:74:e8: 90:3b:1f:d9 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZsNoFdOg2R9IahPC6tb7CFGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMjExMTMzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MWIwMzU1NzkzNTExNDE2ZjE0NzA1YjVlNjk1NzVlMDkxMjAzMWMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlR5pRKOnnxzkAJTeFUVRvzc0Ka9 1b90DZS9KoT0i28Gfds4/DvLvvir6yt2RDN6lfUyknOzE0NZUfWZCryexpEtbhCk k3vaQkrI+M47LQOaGdTGCPGK2Z/o6xAlV2QVd4yGNRpmIhCFSzyyk6Chie5OS4IB VVHWBfJDV4qLjzndR3u3tjtT5MwBaM0DJ/ZotgTtDhma6wqXxUP568X3SfwfqcIs NIV5ekPrPOmGsvwDe4Usx9EbtNCqghlw9UkS1wmulx0rPaLpqtWgOLfTk34RwrrJ 2h3zyK2rFFmHTns5SwjACOF+pryuTe3K8TQhfDDu3cn+ghmq870jfjSLKwIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFEGwNVeTURQW8UcFteaVdeCRIDHBMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzL2E4YmRh Ny0yNDUwLTRlYTUtODI3Yy0wZjc1ODliYzBjZTAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvYThiZGE3 LTI0NTAtNGVhNS04MjdjLTBmNzU4OWJjMGNlMC8xL1FiQTFWNU5SRkJieFJ3VzE1 cFYxNEpFZ01jRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQAbWh4AwQAsvvuMA0EAgACMAcDBQMqBMAAMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwC+FDANBgkqhkiG9w0BAQsFAAOCAQEArjGD q4Q2xyCEHhnX9TCBIgWc/KerU2PYu6CYDwHCQd0WgAxCleddNGhusO+iPHMrhZ9x K/eZIw4tjQZt8LYMg9/6Lz4PEbuw68zYsZPp1rBsf01kwgSlhh7JwBNVgxW2VpGb JaGRStxWIsp9oTeLNPVfStPutO6aswgjpA5VFbgMxY6ui9lKgVi9T2sIfelARnfo Vjpyjs1adilgX17HjzSNwpg8aN8FGaPwMsSD2SCEnBAPIMF5mlRpN9xgQmjkVjet rLTV7cxoWL8mvqD3Cb/kzfqI9xasPh6pVSb80V8zhXEJH0hmAnVFxZMyGKIMPOKo MYAncaABznTokDsf2Q== -----END CERTIFICATE-----Generated at Fri Dec 12 11:29:43 2025 by rpki-client