This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/S-kZqE4aIp94nZOdGqpxKk08OZ0.cer File: S-kZqE4aIp94nZOdGqpxKk08OZ0.cer (raw, json) Hash identifier: wD4s8iITu+XyYEQ5KQSlWYg3nhMiRyk1JnZO+8Itqt0= Subject key identifier: 4B:E9:19:A8:4E:1A:22:9F:78:9D:93:9D:1A:AA:71:2A:4D:3C:39:9D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5AD2B4A78606AF68B9B968AC6258B4 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/S-kZqE4aIp94nZOdGqpxKk08OZ0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:18:51 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 198746 IP: 91.238.254.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:d2:b4:a7:86:06:af:68:b9:b9:68:ac:62:58:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4be919a84e1a229f789d939d1aaa712a4d3c399d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:e4:0e:03:8b:ba:b8:06:71:41:b5:f2:87:40: d2:a9:7e:d9:94:f7:cc:1e:44:31:c4:94:14:9e:37: 94:6d:21:f7:ea:6c:92:1d:07:cc:ae:57:c1:7e:d9: 7f:4f:10:1e:2b:33:ea:b6:92:17:f8:d9:31:d5:43: 42:dc:d8:fe:b1:ae:8c:36:18:a6:a3:3b:84:19:5c: c7:00:2d:53:57:6c:a5:91:f7:fb:16:d6:e5:54:ed: b8:2b:64:dc:c6:3e:78:57:d1:5f:a1:cf:89:92:f1: 6d:59:60:bc:9a:4e:4a:74:c4:6b:c5:2d:79:b4:99: b3:54:36:b9:65:13:c8:84:38:39:ec:84:02:1f:ca: df:e1:9a:33:81:7e:5a:53:e3:d6:f0:cb:4a:62:d3: 31:28:37:80:6c:68:33:7e:53:94:cc:07:b8:6b:2a: 17:de:50:7e:76:32:fb:25:7a:fd:ea:ff:5d:27:d5: 91:2d:2d:92:7c:42:75:cc:e9:38:8d:cf:0f:fd:b7: dc:49:e6:ab:ed:2f:a5:83:02:d7:51:6c:ea:16:a5: ef:55:ed:45:8b:a9:34:95:f8:6c:6b:79:91:c0:4f: f3:df:7e:c0:a0:d6:25:8f:65:6c:26:04:5b:10:6b: 78:0b:2d:b9:91:b3:32:a8:e1:d6:33:bf:ee:85:7c: ae:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:E9:19:A8:4E:1A:22:9F:78:9D:93:9D:1A:AA:71:2A:4D:3C:39:9D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/367748-885c-4621-b44c-1195fe050de1/1/S-kZqE4aIp94nZOdGqpxKk08OZ0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.238.254.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 198746 Signature Algorithm: sha256WithRSAEncryption 48:2d:f8:aa:21:da:17:25:22:e8:c3:8e:38:f7:58:9b:1b:73: 5c:93:b6:3d:4d:4a:24:06:fa:b6:3f:bb:02:b6:97:71:f8:00: 15:d7:ad:21:b7:4e:e8:a7:c6:be:66:03:83:91:12:93:d5:c4: 94:82:2f:97:8c:80:cc:02:54:83:78:99:0a:4e:01:f2:f1:5d: a8:48:2f:e0:0b:65:32:89:b6:34:65:02:9a:b4:30:0a:b5:b9: cd:40:85:2b:1b:c7:95:db:75:f3:fa:22:31:c0:72:6e:f4:84: 40:c5:13:49:cc:43:6f:38:d9:7b:5d:51:c7:57:d1:be:07:4d: c4:3a:44:08:a7:1b:5c:2c:2c:94:5c:52:21:84:f3:f6:90:ea: 17:86:88:ff:3b:5a:82:b4:d6:77:f0:74:7d:f6:14:7a:75:d2: e3:88:db:85:e0:9d:76:6f:cd:9c:16:fa:41:6e:d8:b0:ae:18: 5d:4a:6a:08:0a:75:fd:f1:b5:cd:f0:eb:2a:90:d9:db:45:8d: d9:38:6c:c3:21:c8:3e:ad:76:1a:ba:52:32:8f:35:86:5d:61: 81:a2:c4:5c:0e:04:77:99:16:1d:73:fd:93:21:e0:79:70:51: 43:33:5f:39:54:57:38:2f:10:0a:08:5c:86:5e:ba:61:42:c2: 4c:d1:4d:e7 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt6WtK0p4YGr2i5uWisYli0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YmU5MTlhODRlMWEyMjlmNzg5ZDkzOWQxYWFhNzEyYTRkM2MzOTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+QOA4u6uAZxQbXyh0DSqX7ZlPfM HkQxxJQUnjeUbSH36mySHQfMrlfBftl/TxAeKzPqtpIX+Nkx1UNC3Nj+sa6MNhim ozuEGVzHAC1TV2ylkff7FtblVO24K2Tcxj54V9Ffoc+JkvFtWWC8mk5KdMRrxS15 tJmzVDa5ZRPIhDg57IQCH8rf4ZozgX5aU+PW8MtKYtMxKDeAbGgzflOUzAe4ayoX 3lB+djL7JXr96v9dJ9WRLS2SfEJ1zOk4jc8P/bfcSear7S+lgwLXUWzqFqXvVe1F i6k0lfhsa3mRwE/z337AoNYlj2VsJgRbEGt4Cy25kbMyqOHWM7/uhXyuAwIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFEvpGahOGiKfeJ2TnRqqcSpNPDmdMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QxLzM2Nzc0 OC04ODVjLTQ2MjEtYjQ0Yy0xMTk1ZmUwNTBkZTEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEvMzY3NzQ4 LTg4NWMtNDYyMS1iNDRjLTExOTVmZTA1MGRlMS8xL1Mta1pxRTRhSXA5NG5aT2RH cXB4S2swOE9aMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAW+7+MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwMIWjANBgkqhkiG9w0BAQsFAAOCAQEASC34qiHaFyUi6MOOOPdYmxtzXJO2PU1K JAb6tj+7AraXcfgAFdetIbdO6KfGvmYDg5ESk9XElIIvl4yAzAJUg3iZCk4B8vFd qEgv4AtlMom2NGUCmrQwCrW5zUCFKxvHldt18/oiMcBybvSEQMUTScxDbzjZe11R x1fRvgdNxDpECKcbXCwslFxSIYTz9pDqF4aI/ztagrTWd/B0ffYUenXS44jbheCd dm/NnBb6QW7YsK4YXUpqCAp1/fG1zfDrKpDZ20WN2ThswyHIPq12GrpSMo81hl1h gaLEXA4Ed5kWHXP9kyHgeXBRQzNfOVRXOC8QCghchl66YULCTNFN5w== -----END CERTIFICATE-----Generated at Mon Feb 9 15:12:20 2026 by rpki-client