This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer File: Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer (raw, json) Hash identifier: 2dxI0ByAzZAGg76WFEBsnr0b8ia88w0efuekAvhGSYg= Subject key identifier: 42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797DFE253B444CBFE7EEA6693A4B2C22 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:17:38 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41289 IP: 141.38.0.0/16 IP: 2001:67c:1364::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 12:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:fe:25:3b:44:4c:bf:e7:ee:a6:69:3a:4b:2c:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:57:a2:48:17:14:be:d5:2b:8b:bb:c1:3b:0d: 4b:91:39:32:bb:66:05:8e:5a:73:0f:59:c0:21:63: 58:fd:51:9f:58:72:a8:9e:8b:05:d2:39:22:d8:6d: 51:69:0e:e3:60:24:24:bb:bc:4f:31:00:4c:71:f4: 70:8f:2c:79:43:6b:d7:68:ab:ae:51:b5:55:7a:f4: 17:89:5e:a6:b7:3d:a5:3f:94:57:82:58:cd:e6:f9: fb:59:ad:62:09:49:2d:f0:f3:46:8e:61:fc:13:0a: 82:8d:eb:f3:ae:fe:43:fb:60:4a:97:31:3b:e7:29: 2b:ac:d8:e8:c9:ec:ce:bb:7a:4d:da:c4:c1:6a:a9: 99:f0:53:a2:fc:16:43:4c:88:53:da:80:84:d3:27: 27:09:a6:21:8f:0b:96:0d:b5:ce:36:9a:d2:36:84: 2f:7f:b3:ea:a0:dd:91:88:98:f1:05:13:72:6b:88: 7b:ad:d4:ac:e7:71:0c:67:7e:36:8b:45:f1:ce:8c: 84:44:5c:de:b6:f0:3c:72:7f:d5:c9:5a:2a:41:b0: cf:24:56:7a:35:ec:5a:25:e6:c1:c4:da:d7:c9:86: 1f:c7:a8:1f:9f:dd:f4:c5:05:18:0f:6d:51:7a:f1: 2e:fe:9a:ba:68:c0:b2:98:71:9c:f0:29:bb:c4:35: 56:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.38.0.0/16 IPv6: 2001:67c:1364::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41289 Signature Algorithm: sha256WithRSAEncryption 0f:ab:21:f5:0c:fb:f2:05:db:f6:1c:60:84:0f:6a:08:82:91: 38:5d:9e:47:ad:11:d8:02:f1:90:bc:3a:48:fa:83:fc:3a:f7: 90:1b:d4:5d:4e:7f:8b:3d:f1:e7:04:06:2d:93:82:53:b2:96: c0:06:56:4d:03:12:0d:80:33:df:6f:90:e6:21:3e:54:34:62: 33:8a:48:d5:5b:e3:af:a6:d0:45:60:81:aa:c1:b5:d3:bf:9f: c7:05:fc:52:a3:86:85:3f:2b:4d:ba:97:56:35:4a:bf:b7:45: 8e:6c:bc:24:0b:c0:fb:29:f2:80:85:09:59:a3:4a:05:65:01: af:15:d3:60:69:91:e6:e6:6c:92:3b:cc:4c:68:cf:f0:e9:ec: 64:53:a0:43:65:b1:b5:c3:5d:e5:4d:fb:ef:20:80:2c:38:ef: e7:01:d0:4f:53:c2:fe:99:b0:b4:e6:ce:e0:4c:62:10:40:cc: 0d:ca:33:78:05:68:b7:84:75:04:d1:86:72:88:68:e5:b1:3f: 62:31:80:10:af:fd:eb:a0:eb:a2:4b:29:28:07:3f:1e:f8:55: bd:25:be:57:f8:e4:61:c6:0c:45:f4:f9:e6:8f:1c:b1:af:8b: fa:7b:a1:13:1e:b1:12:4c:5f:93:c3:78:d7:e8:15:15:b6:2e: 34:88:f2:8f -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgISAZt5ff4lO0RMv+fupmk6SywiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MjRmZDFhM2EwMjU4ZGNjYTY3ZmM5ZGRkYmY0ZTM2MTU3ZTZhNzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsleiSBcUvtUri7vBOw1LkTkyu2YF jlpzD1nAIWNY/VGfWHKonosF0jki2G1RaQ7jYCQku7xPMQBMcfRwjyx5Q2vXaKuu UbVVevQXiV6mtz2lP5RXgljN5vn7Wa1iCUkt8PNGjmH8EwqCjevzrv5D+2BKlzE7 5ykrrNjoyezOu3pN2sTBaqmZ8FOi/BZDTIhT2oCE0ycnCaYhjwuWDbXONprSNoQv f7PqoN2RiJjxBRNya4h7rdSs53EMZ342i0XxzoyERFzetvA8cn/VyVoqQbDPJFZ6 NexaJebBxNrXyYYfx6gfn930xQUYD21RevEu/pq6aMCymHGc8Cm7xDVWvwIDAQAB o4ICsDCCAqwwHQYDVR0OBBYEFEJP0aOgJY3Mpn/J3dv042FX5qcWMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU5LzkxMzc1 Mi1iOGRjLTRkZmYtODY2Ny03NDdiMGU1N2FiNWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvOTEzNzUy LWI4ZGMtNGRmZi04NjY3LTc0N2IwZTU3YWI1ZS8xL1FrX1JvNkFsamN5bWY4bmQy X1RqWVZmbXB4WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC8GCCsGAQUF BwEHAQH/BCAwHjALBAIAATAFAwMAjSYwDwQCAAIwCQMHACABBnwTZDAaBggrBgEF BQcBCAEB/wQLMAmgBzAFAgMAoUkwDQYJKoZIhvcNAQELBQADggEBAA+rIfUM+/IF 2/YcYIQPagiCkThdnketEdgC8ZC8Okj6g/w695Ab1F1Of4s98ecEBi2TglOylsAG Vk0DEg2AM99vkOYhPlQ0YjOKSNVb46+m0EVggarBtdO/n8cF/FKjhoU/K026l1Y1 Sr+3RY5svCQLwPsp8oCFCVmjSgVlAa8V02BpkebmbJI7zExoz/Dp7GRToENlsbXD XeVN++8ggCw47+cB0E9Twv6ZsLTmzuBMYhBAzA3KM3gFaLeEdQTRhnKIaOWxP2Ix gBCv/eug66JLKSgHPx74Vb0lvlf45GHGDEX0+eaPHLGvi/p7oRMesRJMX5PDeNfo FRW2LjSI8o8= -----END CERTIFICATE-----Generated at Thu Jan 29 16:09:52 2026 by rpki-client