This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TOSIxkAcj16WnhXWRlH7Sy0tzfc.cer File: TOSIxkAcj16WnhXWRlH7Sy0tzfc.cer (raw, json) Hash identifier: 2R1L+HpfnInqx7TZ4EuWjC8JOAWFPc85HJmuc+67Gv0= Subject key identifier: 4C:E4:88:C6:40:1C:8F:5E:96:9E:15:D6:46:51:FB:4B:2D:2D:CD:F7 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA3DDAFF9811B3CE40C8F1B1D259BC5 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/TOSIxkAcj16WnhXWRlH7Sy0tzfc.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:18:15 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 51735 IP: 91.220.78.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:dd:af:f9:81:1b:3c:e4:0c:8f:1b:1d:25:9b:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4ce488c6401c8f5e969e15d64651fb4b2d2dcdf7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c3:b7:8e:40:77:bb:d5:4b:54:08:2d:50:bc: e3:bc:ba:15:a2:e0:4e:a0:be:a1:ae:3d:e7:98:57: b8:1f:5c:66:37:5f:19:8f:4a:6d:53:7c:27:e9:08: f7:0e:8d:8b:53:2d:74:be:46:41:8c:20:9a:0b:60: b5:a2:7a:ae:a7:d6:0c:d5:8a:61:c7:11:04:09:e4: e2:78:cc:04:e3:de:5a:b3:a8:89:ff:18:eb:eb:b1: 45:2e:46:3a:77:ff:89:30:3d:1b:3f:ca:01:95:e9: e6:b3:a9:f7:a5:35:c7:4a:32:74:e0:5a:c8:f6:4e: b9:f4:80:e6:a0:c1:71:5f:61:f3:44:e6:f6:69:d0: 88:c1:ac:61:db:77:21:b8:b0:cf:ca:c6:6d:37:4d: c2:eb:9c:e1:b6:55:75:5a:59:73:44:04:c1:66:74: fe:d5:a0:71:a1:3a:d8:8a:65:b0:42:0c:04:7a:55: 6c:cf:74:80:2a:69:2f:7f:3e:c8:9c:0f:3c:71:7a: 96:b3:0b:1a:95:0d:1e:b5:33:b6:24:ae:c5:13:d8: 52:bc:8e:d7:54:48:3b:2e:8e:77:cd:62:d3:51:cd: 01:d5:83:db:23:8a:b8:69:fc:2e:e0:78:df:74:4f: 96:ae:23:9e:04:fe:69:eb:66:0f:f8:6a:eb:22:08: 80:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:E4:88:C6:40:1C:8F:5E:96:9E:15:D6:46:51:FB:4B:2D:2D:CD:F7 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/TOSIxkAcj16WnhXWRlH7Sy0tzfc.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.78.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 51735 Signature Algorithm: sha256WithRSAEncryption 53:94:b3:c6:3b:1e:0d:a1:23:2e:78:6f:31:95:09:10:d9:62: 61:79:5a:d0:52:3e:78:1f:ec:12:f7:f3:99:0e:43:70:a1:31: de:e1:7d:5f:37:44:1f:38:e4:6d:28:91:38:db:9d:0e:c0:d1: c0:0f:99:6b:f5:59:ac:b3:cc:92:2a:c4:10:20:08:f3:2c:a5: bf:73:60:0a:c2:c6:a4:3a:49:b1:0b:de:ad:d2:19:d7:ae:7e: 25:da:e4:3c:35:ad:7d:86:86:46:22:57:0d:13:da:56:95:6c: 0f:2d:e9:e9:12:74:7a:06:46:04:b9:21:a4:3c:e6:11:de:ce: 11:09:a1:99:e4:ce:cc:29:12:2d:00:bc:cb:2e:76:03:dd:29: 38:24:51:1e:13:62:e1:5d:a3:5b:8c:d5:03:24:79:5a:cf:dd: 1b:cc:25:06:16:51:35:fa:32:63:11:03:97:cb:bc:75:cd:bb: 39:ce:bb:b6:4f:bd:89:02:58:a6:e0:6a:41:58:47:21:be:b0: ca:3d:db:cd:10:a5:87:1b:25:b8:03:69:51:54:18:a0:42:b8: ba:6f:10:29:f6:c0:7b:f3:3c:15:42:2e:5c:5b:17:e4:c2:bd: 86:c9:23:1d:b4:f3:5f:4e:b1:eb:0e:8a:d0:d9:7a:6e:5a:0a: c6:46:1a:fe -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt7o92v+YEbPOQMjxsdJZvFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Y2U0ODhjNjQwMWM4ZjVlOTY5ZTE1ZDY0NjUxZmI0YjJkMmRjZGY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8O3jkB3u9VLVAgtULzjvLoVouBO oL6hrj3nmFe4H1xmN18Zj0ptU3wn6Qj3Do2LUy10vkZBjCCaC2C1onqup9YM1Yph xxEECeTieMwE495as6iJ/xjr67FFLkY6d/+JMD0bP8oBlenms6n3pTXHSjJ04FrI 9k659IDmoMFxX2HzROb2adCIwaxh23chuLDPysZtN03C65zhtlV1WllzRATBZnT+ 1aBxoTrYimWwQgwEelVsz3SAKmkvfz7InA88cXqWswsalQ0etTO2JK7FE9hSvI7X VEg7Lo53zWLTUc0B1YPbI4q4afwu4HjfdE+WriOeBP5p62YP+GrrIgiAjwIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFEzkiMZAHI9elp4V1kZR+0stLc33MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE1L2M1YzU5 NS0yNjczLTRkNWYtOGE4NS1hZThjODFmOTZmNDIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUvYzVjNTk1 LTI2NzMtNGQ1Zi04YTg1LWFlOGM4MWY5NmY0Mi8xL1RPU0l4a0FjajE2V25oWFdS bEg3U3kwdHpmYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAW9xOMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwDKFzANBgkqhkiG9w0BAQsFAAOCAQEAU5SzxjseDaEjLnhvMZUJENliYXla0FI+ eB/sEvfzmQ5DcKEx3uF9XzdEHzjkbSiRONudDsDRwA+Za/VZrLPMkirEECAI8yyl v3NgCsLGpDpJsQverdIZ165+JdrkPDWtfYaGRiJXDRPaVpVsDy3p6RJ0egZGBLkh pDzmEd7OEQmhmeTOzCkSLQC8yy52A90pOCRRHhNi4V2jW4zVAyR5Ws/dG8wlBhZR NfoyYxEDl8u8dc27Oc67tk+9iQJYpuBqQVhHIb6wyj3bzRClhxsluANpUVQYoEK4 um8QKfbAe/M8FUIuXFsX5MK9hskjHbTzX06x6w6K0Nl6bloKxkYa/g== -----END CERTIFICATE-----Generated at Mon Feb 9 18:25:22 2026 by rpki-client