This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SU14c0FlEKL7I0bvNCKAFVUicTs.cer File: SU14c0FlEKL7I0bvNCKAFVUicTs.cer (raw, json) Hash identifier: 3S7epsfwhv+g0Yx8avOkLBmV7FFmOtt42hJp6PTUSjU= Subject key identifier: 49:4D:78:73:41:65:10:A2:FB:23:46:EF:34:22:80:15:55:22:71:3B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA56902E6AAA0839CED4755DF4693D3 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/SU14c0FlEKL7I0bvNCKAFVUicTs.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:18:48 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 29141 IP: 5.45.176.0/21 IP: 31.14.46.0/23 IP: 31.170.104.0/21 IP: 80.83.112.0/20 IP: 130.255.72.0/21 IP: 130.255.184.0/21 IP: 185.13.148.0/22 IP: 185.45.112.0/22 IP: 195.68.246.0/23 IP: 195.128.160.0/23 IP: 2a02:e00::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:69:02:e6:aa:a0:83:9c:ed:47:55:df:46:93:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=494d7873416510a2fb2346ef342280155522713b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:10:47:54:e4:a0:ea:f4:84:3c:b0:11:2c:6d: 00:18:88:85:9b:11:8f:51:18:1b:14:bf:3e:a7:bc: 8d:1f:06:07:a4:ba:2d:d9:4d:13:65:d6:09:db:c6: 6c:17:0a:f0:68:60:40:4d:2b:b6:e9:46:76:7a:81: 11:9d:19:99:ce:65:2b:dd:05:ac:09:ff:9d:bc:7c: 68:0e:1b:69:b6:fb:42:c1:c9:af:50:24:1f:43:c2: 1a:58:54:23:e8:80:3b:6f:bf:da:65:29:ea:23:03: f8:36:67:9c:0d:49:88:58:90:92:8f:1d:43:59:32: 83:54:72:f9:82:06:ae:4e:5e:47:42:c2:d3:5b:c1: b8:24:59:00:1a:0a:2a:f4:f6:93:95:6b:54:7b:75: ed:6e:de:2f:74:da:a3:23:ab:94:85:b9:46:3a:53: 2a:bf:4c:1d:c4:6a:b1:82:28:23:9a:d4:8b:7f:f4: ff:29:28:ba:80:a4:7f:46:5f:7f:d6:9b:c3:80:3a: 29:af:ba:b0:2c:01:8b:3b:d3:ec:c3:54:e9:54:27: 87:91:d3:ea:30:09:41:3a:c1:4c:68:cd:2f:e9:b0: c4:95:b1:98:fa:ac:37:1a:18:77:36:15:44:ad:c6: 08:23:08:7f:eb:03:5f:14:92:3d:d0:04:b9:89:83: 00:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:4D:78:73:41:65:10:A2:FB:23:46:EF:34:22:80:15:55:22:71:3B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/28f7a6-e1ba-4978-9122-e18e7b2ac536/1/SU14c0FlEKL7I0bvNCKAFVUicTs.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.45.176.0/21 31.14.46.0/23 31.170.104.0/21 80.83.112.0/20 130.255.72.0/21 130.255.184.0/21 185.13.148.0/22 185.45.112.0/22 195.68.246.0/23 195.128.160.0/23 IPv6: 2a02:e00::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 29141 Signature Algorithm: sha256WithRSAEncryption 8a:55:ce:39:1a:cb:6c:14:91:da:24:85:b5:4c:73:20:77:bf: 13:35:98:05:b5:34:62:d5:10:ef:70:61:20:38:6d:4b:67:28: 85:22:38:cc:08:6e:06:7c:35:a1:29:a2:65:64:f4:b2:b5:dd: c7:b0:56:af:b7:b6:5b:f2:24:75:4c:8c:0a:00:c0:92:05:22: 88:bb:4b:a3:c2:d5:b9:fa:72:68:6a:93:97:17:78:26:b6:14: ff:ff:70:5d:79:08:fb:01:ea:54:d8:d4:8a:b5:63:2f:35:95: dd:06:6e:b8:c2:38:88:d9:86:53:86:f3:01:97:71:6f:d8:e9: 58:89:95:da:53:7a:c7:51:9a:4c:0b:d0:22:df:e0:47:4f:87: f6:99:0a:44:41:1d:02:9c:15:9b:a3:85:94:4d:7c:af:72:e9: 32:f9:1d:c5:4b:bf:3e:86:c2:c0:38:d6:9f:48:64:e6:5f:08: 44:1c:68:95:c9:7a:58:e1:34:1d:ea:8b:46:19:5c:40:9b:e1: c9:6e:6b:7d:b8:2a:df:29:e6:58:6c:ea:8f:2d:1c:f0:77:53: 72:1c:16:ec:b1:aa:f3:ef:33:3d:34:8c:5f:2c:91:e6:51:1f: 8a:1f:35:87:57:3b:b0:4d:05:52:1c:2d:10:f9:8d:4b:5b:68: 4b:6d:52:fb -----BEGIN CERTIFICATE----- MIIF2DCCBMCgAwIBAgISAZt+pWkC5qqgg5ztR1XfRpPTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OTRkNzg3MzQxNjUxMGEyZmIyMzQ2ZWYzNDIyODAxNTU1MjI3MTNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxBHVOSg6vSEPLARLG0AGIiFmxGP URgbFL8+p7yNHwYHpLot2U0TZdYJ28ZsFwrwaGBATSu26UZ2eoERnRmZzmUr3QWs Cf+dvHxoDhtptvtCwcmvUCQfQ8IaWFQj6IA7b7/aZSnqIwP4NmecDUmIWJCSjx1D WTKDVHL5ggauTl5HQsLTW8G4JFkAGgoq9PaTlWtUe3Xtbt4vdNqjI6uUhblGOlMq v0wdxGqxgigjmtSLf/T/KSi6gKR/Rl9/1pvDgDopr7qwLAGLO9Psw1TpVCeHkdPq MAlBOsFMaM0v6bDElbGY+qw3Ghh3NhVErcYIIwh/6wNfFJI90AS5iYMAGQIDAQAB o4IC5DCCAuAwHQYDVR0OBBYEFElNeHNBZRCi+yNG7zQigBVVInE7MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzI4Zjdh Ni1lMWJhLTQ5NzgtOTEyMi1lMThlN2IyYWM1MzYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvMjhmN2E2 LWUxYmEtNDk3OC05MTIyLWUxOGU3YjJhYzUzNi8xL1NVMTRjMEZsRUtMN0kwYnZO Q0tBRlZVaWNUcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGQGCCsGAQUF BwEHAQH/BFUwUzBCBAIAATA8AwQDBS2wAwQBHw4uAwQDH6poAwQEUFNwAwQDgv9I AwQDgv+4AwQCuQ2UAwQCuS1wAwQBw0T2AwQBw4CgMA0EAgACMAcDBQAqAg4AMBkG CCsGAQUFBwEIAQH/BAowCKAGMAQCAnHVMA0GCSqGSIb3DQEBCwUAA4IBAQCKVc45 GstsFJHaJIW1THMgd78TNZgFtTRi1RDvcGEgOG1LZyiFIjjMCG4GfDWhKaJlZPSy td3HsFavt7Zb8iR1TIwKAMCSBSKIu0ujwtW5+nJoapOXF3gmthT//3BdeQj7AepU 2NSKtWMvNZXdBm64wjiI2YZThvMBl3Fv2OlYiZXaU3rHUZpMC9Ai3+BHT4f2mQpE QR0CnBWbo4WUTXyvcuky+R3FS78+hsLAONafSGTmXwhEHGiVyXpY4TQd6otGGVxA m+HJbmt9uCrfKeZYbOqPLRzwd1NyHBbssarz7zM9NIxfLJHmUR+KHzWHVzuwTQVS HC0Q+Y1LW2hLbVL7 -----END CERTIFICATE-----Generated at Tue Jan 27 11:14:43 2026 by rpki-client