This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer File: Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer (raw, json) Hash identifier: Ykbp8ygTUHkVDnR82Q6bPvThUNNb7dcqLp1FaaQy5fg= Subject key identifier: 42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C66DF146DCB1CF33A31DA706CAEF8E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:17:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 30848 IP: 5.8.96.0/19 IP: 5.63.168.0/21 IP: 37.148.224.0/21 IP: 45.33.224.0/20 IP: 77.239.128.0/19 IP: 80.210.96.0/19 IP: 81.21.16.0/20 IP: 82.97.224.0/20 IP: 82.113.192.0/19 IP: 82.134.192.0/18 IP: 82.180.32.0/19 IP: 83.217.176.0/20 IP: 95.142.176.0/20 IP: 150.252.224.0/20 IP: 176.57.112.0/20 IP: 178.236.160.0/20 IP: 185.3.108.0/22 IP: 185.25.72.0/22 IP: 217.61.160.0/20 IP: 2a00:7ca0::/32 IP: 2a02:1630::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:6d:f1:46:dc:b1:cf:33:a3:1d:a7:06:ca:ef:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d5:62:9b:9a:a8:39:b6:2d:f2:2c:26:3a:c7: 1c:9e:38:60:77:5e:05:32:c7:47:1d:e5:f5:b5:a9: 05:6d:9a:5b:8f:ac:30:14:ac:bf:29:5e:e4:4d:97: 6a:23:a5:74:fe:de:6d:35:27:cf:f4:b2:01:30:c7: 97:b5:0d:cb:22:cf:ef:dc:9b:0d:1a:d3:0e:22:2c: e0:a9:b9:32:c7:53:36:51:c8:9d:1c:33:cc:a6:e4: 3f:29:93:6f:7a:ea:b2:b5:c4:c1:f4:c8:d2:f6:3c: c0:87:f1:5c:27:5c:a0:ee:fc:2d:df:e1:a5:32:d9: a4:24:3b:be:7d:ff:ec:93:b7:2b:93:84:96:5d:02: 7f:66:06:4a:eb:0f:6d:4b:58:f3:96:ef:1b:11:e9: 06:c1:a6:16:c1:55:d4:28:a0:ea:9f:e2:42:d1:8e: cc:23:34:c9:6b:da:f7:a1:47:e4:e9:32:c9:fc:97: 40:20:bf:6a:89:ac:58:f7:dd:d7:3e:61:97:95:d6: 0a:41:45:da:ba:3e:91:c0:39:74:5d:ee:41:5e:9a: 82:8b:bc:0e:05:bc:2d:33:8b:dc:6b:5f:14:8f:6a: e4:33:f8:61:3b:f2:be:af:85:27:e7:7c:5c:0e:07: 32:3f:3d:72:03:26:37:f1:38:b3:a4:f6:ce:62:bb: e7:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.8.96.0/19 5.63.168.0/21 37.148.224.0/21 45.33.224.0/20 77.239.128.0/19 80.210.96.0/19 81.21.16.0/20 82.97.224.0/20 82.113.192.0/19 82.134.192.0/18 82.180.32.0/19 83.217.176.0/20 95.142.176.0/20 150.252.224.0/20 176.57.112.0/20 178.236.160.0/20 185.3.108.0/22 185.25.72.0/22 217.61.160.0/20 IPv6: 2a00:7ca0::/32 2a02:1630::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 30848 Signature Algorithm: sha256WithRSAEncryption 71:af:78:78:db:35:46:c0:15:29:ed:b5:b4:d2:48:25:7a:c4: 72:88:6e:81:91:63:5d:e9:55:87:51:ed:44:48:c4:cf:94:56: 6a:36:40:e9:6b:6c:eb:ac:0f:e3:42:c0:58:5e:d7:db:ae:64: e0:d9:29:df:19:6d:ac:18:db:60:7a:8c:af:e1:9e:79:11:ab: 91:81:11:72:ac:9f:b9:50:ee:13:18:6a:f1:a1:32:c6:03:c8: 84:8a:b1:67:bb:be:f8:cb:5c:db:66:a4:cc:ae:44:dc:76:32: 7e:8d:25:a0:8f:e4:90:71:ea:26:93:5e:93:51:a8:ce:29:80: e4:e1:80:10:9c:76:45:ef:2f:61:3a:42:ea:ce:0e:14:cf:7d: 96:68:d3:63:91:b8:0e:1c:f9:6b:61:a8:09:b4:0f:a6:d5:5d: 34:29:e1:d8:e4:ea:14:c8:20:7d:bb:0f:5a:dc:01:ee:43:72: 7d:b9:5f:82:bc:09:14:48:d1:dd:db:60:c2:b5:a3:07:66:c5: 8e:d4:fb:39:25:71:0a:30:5a:10:a5:ea:d3:3f:de:42:d7:8c: f8:04:0e:6b:f2:6b:71:f7:19:51:75:82:2d:0e:30:a1:2c:96: 39:88:68:c5:cb:88:50:c3:55:6f:55:58:38:42:93:bc:e7:46: 36:12:8f:65 -----BEGIN CERTIFICATE----- MIIGGDCCBQCgAwIBAgISAZt3xm3xRtyxzzOjHacGyu+OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MmNkZTM2NWQ3ZDJiNTg1MDZlNGQ0YWJmMGMyZWY3Y2Q1ZTNiNDYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNVim5qoObYt8iwmOsccnjhgd14F MsdHHeX1takFbZpbj6wwFKy/KV7kTZdqI6V0/t5tNSfP9LIBMMeXtQ3LIs/v3JsN GtMOIizgqbkyx1M2UcidHDPMpuQ/KZNveuqytcTB9MjS9jzAh/FcJ1yg7vwt3+Gl MtmkJDu+ff/sk7crk4SWXQJ/ZgZK6w9tS1jzlu8bEekGwaYWwVXUKKDqn+JC0Y7M IzTJa9r3oUfk6TLJ/JdAIL9qiaxY993XPmGXldYKQUXauj6RwDl0Xe5BXpqCi7wO BbwtM4vca18Uj2rkM/hhO/K+r4Un53xcDgcyPz1yAyY38TizpPbOYrvnowIDAQAB o4IDJDCCAyAwHQYDVR0OBBYEFELN42XX0rWFBuTUq/DC73zV47RiMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwLzU0MDE4 Yy0wMWU4LTQxN2YtODU2YS0wMmUxYmQ2MDUwZTUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvNTQwMThj LTAxZTgtNDE3Zi04NTZhLTAyZTFiZDYwNTBlNS8xL1FzM2paZGZTdFlVRzVOU3I4 TUx2Zk5YanRHSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGjBggrBgEF BQcBBwEB/wSBkzCBkDB4BAIAATByAwQFBQhgAwQDBT+oAwQDJZTgAwQELSHgAwQF Te+AAwQFUNJgAwQEURUQAwQEUmHgAwQFUnHAAwQGUobAAwQFUrQgAwQEU9mwAwQE X46wAwQElvzgAwQEsDlwAwQEsuygAwQCuQNsAwQCuRlIAwQE2T2gMBQEAgACMA4D BQAqAHygAwUAKgIWMDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgJ4gDANBgkqhkiG 9w0BAQsFAAOCAQEAca94eNs1RsAVKe21tNJIJXrEcohugZFjXelVh1HtREjEz5RW ajZA6Wts66wP40LAWF7X265k4Nkp3xltrBjbYHqMr+GeeRGrkYERcqyfuVDuExhq 8aEyxgPIhIqxZ7u++Mtc22akzK5E3HYyfo0loI/kkHHqJpNek1GozimA5OGAEJx2 Re8vYTpC6s4OFM99lmjTY5G4Dhz5a2GoCbQPptVdNCnh2OTqFMggfbsPWtwB7kNy fblfgrwJFEjR3dtgwrWjB2bFjtT7OSVxCjBaEKXq0z/eQteM+AQOa/JrcfcZUXWC LQ4woSyWOYhoxcuIUMNVb1VYOEKTvOdGNhKPZQ== -----END CERTIFICATE-----Generated at Tue Jan 27 11:34:20 2026 by rpki-client