This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U12xQ-kGqiDleCkH-EXUp2li_3s.cer File: U12xQ-kGqiDleCkH-EXUp2li_3s.cer (raw, json) Hash identifier: I2vJWNhdZ0b4FN0v0Hq8kjpkRKo287yf1pfI3sQ5jnQ= Subject key identifier: 53:5D:B1:43:E9:06:AA:20:E5:78:29:07:F8:45:D4:A7:69:62:FF:7B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797EE32291F470EDEEDC0DD9F2A27BD6 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/U12xQ-kGqiDleCkH-EXUp2li_3s.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:18:37 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 51785 IP: 46.18.248.0/21 IP: 2a06:a4c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:e3:22:91:f4:70:ed:ee:dc:0d:d9:f2:a2:7b:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=535db143e906aa20e5782907f845d4a76962ff7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a8:b8:73:e2:19:ce:02:03:bf:29:31:e2:0d: 54:e8:09:5f:9e:f0:61:a5:e3:95:9b:70:92:3f:c2: 1c:3a:33:63:03:26:71:65:ac:b3:f8:ad:d5:75:6c: 44:c9:af:e8:55:6c:04:60:d2:9b:40:e3:19:a1:aa: 10:49:35:61:6b:d8:4a:6f:c3:82:3d:45:37:1b:81: 8b:ad:25:58:b4:9b:a2:ff:23:83:5e:49:f0:2b:f3: 9c:5b:c3:f3:48:b3:db:5c:94:4e:03:7f:bb:25:d8: 20:a5:d9:28:b4:28:79:6d:d6:42:3f:4e:12:61:fd: 25:19:86:65:54:59:44:d5:e7:88:eb:f9:25:12:95: 05:f0:cd:98:21:0d:2d:08:12:3c:b5:d0:cd:a0:43: a2:b8:09:68:8a:63:2c:3f:8e:b8:5f:74:24:66:4f: bf:cc:e3:c4:7c:5a:95:ba:2c:b6:c4:fd:28:b4:bf: 13:96:a8:f1:b9:cd:d0:85:c5:33:e3:12:83:61:e3: 73:19:98:09:ce:78:90:e4:ff:f7:12:b5:76:3f:c0: cb:ee:40:11:92:31:2c:53:91:2f:e6:88:81:c0:b8: 3a:e4:8a:62:b6:2e:be:e0:b9:32:71:8e:5d:e6:7a: 3f:25:f3:97:b6:ca:f4:dd:b6:ca:3c:7a:8e:18:70: 81:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:5D:B1:43:E9:06:AA:20:E5:78:29:07:F8:45:D4:A7:69:62:FF:7B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/U12xQ-kGqiDleCkH-EXUp2li_3s.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.18.248.0/21 IPv6: 2a06:a4c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 51785 Signature Algorithm: sha256WithRSAEncryption 73:b2:03:69:f5:95:17:04:a3:eb:00:6d:0d:27:15:d2:96:4a: 72:82:2d:5a:60:ab:e8:75:42:ac:69:7c:a9:ef:3d:81:79:40: b5:94:28:d0:ff:80:ea:ae:dd:69:a1:2b:77:ec:8e:e0:77:62: 76:3d:b1:c3:c0:ff:ba:3c:7c:bf:3a:56:0a:f9:23:b9:96:ce: 8f:8f:e3:94:07:d2:82:da:8f:66:6e:84:28:7b:ea:3b:f9:1e: ac:22:13:a9:c7:41:31:f2:a8:84:3f:70:78:74:25:72:39:e8: 1b:c6:ca:45:3d:1d:64:24:73:03:8d:aa:f1:cf:de:16:54:e2: a8:2b:42:a3:84:60:9e:58:c3:b2:98:2c:ff:72:43:ca:5d:17: 06:7c:0d:86:9a:dd:eb:f6:4e:2e:db:6c:8d:b4:f5:23:a5:1e: 03:0d:1c:13:34:f0:8e:36:7c:35:ca:c7:24:01:e6:76:1c:ce: e7:ff:50:e1:b5:4f:dd:b0:ba:67:78:eb:f8:71:9e:d1:09:ab: 67:df:55:70:eb:3a:06:59:ba:e8:1f:ef:a6:4d:61:d3:c7:d3: 83:b9:75:1a:ec:b5:98:ed:85:fa:be:da:55:21:b3:43:a8:0a: 30:0e:4e:e2:75:a6:5e:2d:08:c7:dc:15:19:51:e1:3d:d8:a0: 3e:c2:d5:1d -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt5fuMikfRw7e7cDdnyonvWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzVkYjE0M2U5MDZhYTIwZTU3ODI5MDdmODQ1ZDRhNzY5NjJmZjdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArai4c+IZzgIDvykx4g1U6AlfnvBh peOVm3CSP8IcOjNjAyZxZayz+K3VdWxEya/oVWwEYNKbQOMZoaoQSTVha9hKb8OC PUU3G4GLrSVYtJui/yODXknwK/OcW8PzSLPbXJROA3+7JdggpdkotCh5bdZCP04S Yf0lGYZlVFlE1eeI6/klEpUF8M2YIQ0tCBI8tdDNoEOiuAloimMsP464X3QkZk+/ zOPEfFqVuiy2xP0otL8Tlqjxuc3QhcUz4xKDYeNzGZgJzniQ5P/3ErV2P8DL7kAR kjEsU5Ev5oiBwLg65Ipiti6+4LkycY5d5no/JfOXtsr03bbKPHqOGHCBvQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFFNdsUPpBqog5XgpB/hF1KdpYv97MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3LzFhOGQ5 OC0zNGM5LTRkMjYtOTdkYy00ODczMWIzYzAzYTQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMWE4ZDk4 LTM0YzktNGQyNi05N2RjLTQ4NzMxYjNjMDNhNC8xL1UxMnhRLWtHcWlEbGVDa0gt RVhVcDJsaV8zcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQDLhL4MA0EAgACMAcDBQMqBqTAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwDKSTANBgkqhkiG9w0BAQsFAAOCAQEAc7IDafWVFwSj 6wBtDScV0pZKcoItWmCr6HVCrGl8qe89gXlAtZQo0P+A6q7daaErd+yO4Hdidj2x w8D/ujx8vzpWCvkjuZbOj4/jlAfSgtqPZm6EKHvqO/kerCITqcdBMfKohD9weHQl cjnoG8bKRT0dZCRzA42q8c/eFlTiqCtCo4RgnljDspgs/3JDyl0XBnwNhprd6/ZO LttsjbT1I6UeAw0cEzTwjjZ8NcrHJAHmdhzO5/9Q4bVP3bC6Z3jr+HGe0QmrZ99V cOs6Blm66B/vpk1h08fTg7l1Guy1mO2F+r7aVSGzQ6gKMA5O4nWmXi0Ix9wVGVHh PdigPsLVHQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:27:26 2026 by rpki-client