This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer File: S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer (raw, json) Hash identifier: kzTbJQV98lqbbyLJOFLHOY7Vb97AKZUqPa/sfLgA9K8= Subject key identifier: 4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5A73CD3A1CE5DC20249C9A4D0BBE28 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:18:26 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 212138 IP: 192.145.104.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:73:cd:3a:1c:e5:dc:20:24:9c:9a:4d:0b:be:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d8:44:00:9d:26:c4:75:89:bc:13:a2:83:f7: 33:b0:ac:3c:6c:0e:00:a1:8d:99:b4:a4:7c:f6:b6: a4:17:3a:10:9e:38:8d:38:02:10:ca:1b:7c:bc:53: 94:6c:81:25:2a:35:81:66:4e:6d:a5:86:af:91:ec: c9:70:f9:d6:f1:fd:f3:93:9a:fd:51:7a:79:ba:5f: 85:8f:45:c0:b7:8f:62:cf:be:15:74:68:e2:2b:b9: 8c:4d:38:49:87:02:79:fa:be:6f:a5:83:93:35:e6: 4a:2b:3c:e0:2d:7f:f0:6d:08:ee:ad:80:6e:50:16: 68:33:bc:a5:73:60:9b:7d:e8:da:a8:fa:bb:b4:d1: 81:9d:91:54:c6:f9:20:a6:97:e8:da:da:16:4b:ef: 8e:53:d6:72:93:a6:82:58:1e:81:e4:9d:53:bc:07: d8:07:ec:2c:c8:13:d4:77:66:55:6f:e3:21:d7:8a: d1:b7:35:cb:3e:1f:9b:0c:52:7c:e1:b8:f7:0b:92: e4:8c:4d:45:b5:12:a6:97:3f:74:c5:25:46:04:e6: 9b:41:dc:a3:30:1e:cf:be:1e:91:04:1c:51:19:6a: 90:eb:49:51:cd:4c:7c:fe:78:5f:12:2d:d5:98:19: b6:75:3c:01:c9:49:ba:f3:37:71:65:2c:9a:78:4a: d4:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.145.104.0/22 sbgp-autonomousSysNum: critical Autonomous System Numbers: 212138 Signature Algorithm: sha256WithRSAEncryption 25:9e:1b:f7:f2:33:bf:fe:5d:af:57:f7:47:97:4b:94:35:95: 70:5b:dd:d8:f0:93:6d:67:6a:38:d3:f9:2d:a9:a9:04:00:08: 2f:cc:2f:01:f9:45:53:50:e1:bf:52:07:bd:64:d8:32:25:6e: 1d:c1:cd:17:49:de:a2:d5:1a:3c:38:a6:4c:51:9e:96:58:92: 1c:27:eb:6a:17:c9:fd:ac:f9:84:45:e0:8f:48:8e:b8:d7:3d: 36:65:0b:c2:05:8c:16:4a:d0:cc:d2:f2:c9:65:03:8c:b4:15: 55:4e:a9:b2:33:e8:c4:31:88:b8:a9:3b:58:91:ac:53:96:b1: 71:07:f1:6f:f5:4c:2f:6e:1d:d5:3d:a0:1d:6d:08:93:17:e4: ac:32:bc:d0:f7:4a:ae:10:50:46:2a:b4:1d:c6:d9:17:54:99: f7:a3:b0:ee:6f:be:5d:b6:0a:21:d3:ff:a1:41:53:da:0c:87: 2a:15:d7:6f:c4:8d:4a:d5:c5:4c:75:d7:ed:e9:40:37:b2:3a: 29:ce:81:03:b3:c7:ca:6b:e5:06:b1:a3:27:3f:d3:59:85:99: 79:24:fa:4e:56:64:9f:b0:fc:1a:1d:c3:05:24:e3:76:30:97: 9f:10:57:be:64:62:c2:88:8b:b5:0b:d2:80:a5:f8:b2:d3:de: f5:01:57:d6 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt6WnPNOhzl3CAknJpNC74oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YjcyMDY2ZDdlNmNhOGFkMmZmYTYyYTY5YjA2NzkyM2E0MmRmOTZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNhEAJ0mxHWJvBOig/czsKw8bA4A oY2ZtKR89rakFzoQnjiNOAIQyht8vFOUbIElKjWBZk5tpYavkezJcPnW8f3zk5r9 UXp5ul+Fj0XAt49iz74VdGjiK7mMTThJhwJ5+r5vpYOTNeZKKzzgLX/wbQjurYBu UBZoM7ylc2CbfejaqPq7tNGBnZFUxvkgppfo2toWS++OU9Zyk6aCWB6B5J1TvAfY B+wsyBPUd2ZVb+Mh14rRtzXLPh+bDFJ84bj3C5LkjE1FtRKmlz90xSVGBOabQdyj MB7Pvh6RBBxRGWqQ60lRzUx8/nhfEi3VmBm2dTwByUm68zdxZSyaeErU2wIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFEtyBm1+bKitL/pippsGeSOkLflvMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1L2E2NGIw OS02NGRmLTQ3MGMtYTY0ZC0xZjY5OTE4NzdiMjYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvYTY0YjA5 LTY0ZGYtNDcwYy1hNjRkLTFmNjk5MTg3N2IyNi8xL1MzSUdiWDVzcUswdi1tS21t d1o1STZRdC1XOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQCwJFoMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwM8qjANBgkqhkiG9w0BAQsFAAOCAQEAJZ4b9/Izv/5dr1f3R5dLlDWVcFvd2PCT bWdqONP5LampBAAIL8wvAflFU1Dhv1IHvWTYMiVuHcHNF0neotUaPDimTFGelliS HCfrahfJ/az5hEXgj0iOuNc9NmULwgWMFkrQzNLyyWUDjLQVVU6psjPoxDGIuKk7 WJGsU5axcQfxb/VML24d1T2gHW0IkxfkrDK80PdKrhBQRiq0HcbZF1SZ96Ow7m++ XbYKIdP/oUFT2gyHKhXXb8SNStXFTHXX7elAN7I6Kc6BA7PHymvlBrGjJz/TWYWZ eST6TlZkn7D8Gh3DBSTjdjCXnxBXvmRiwoiLtQvSgKX4stPe9QFX1g== -----END CERTIFICATE-----Generated at Mon Feb 9 15:09:19 2026 by rpki-client