This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer File: U53I-Drwei_XEh53wBzCg8ZRoIc.cer (raw, json) Hash identifier: 1m5z56tw38m7Tw5JywDGKh4X6vU1GD9C3H+aQ4XRbLY= Subject key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797F067813422A3050C05C486514952B Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:18:46 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 48842 IP: 91.212.60.0/24 IP: 193.169.172.0/23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:06:78:13:42:2a:30:50:c0:5c:48:65:14:95:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=539dc8f83af07a2fd7121e77c01cc283c651a087 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:05:be:14:38:77:3f:7d:db:a2:61:89:5d:b3: 81:27:1c:07:f3:b1:60:36:23:e7:d2:ea:56:6f:8e: 9a:81:3b:25:78:f2:a0:d5:77:79:08:10:af:0b:c4: 47:49:3a:78:cd:be:ca:ff:07:f3:87:a9:e8:4b:25: e7:d9:32:84:80:c6:1d:24:27:0e:cb:80:ef:5f:4f: 1d:92:59:05:0a:e8:e4:9a:74:bf:49:08:ea:c9:fe: 81:55:1e:1b:13:20:e1:c6:84:14:65:33:21:c0:10: 08:2d:f0:f7:de:5f:65:0d:db:1e:3f:1b:3d:03:d4: e1:e1:12:bc:a1:51:e7:ab:7a:f8:e9:bc:f0:79:f4: 75:77:25:6d:7d:04:96:ac:83:00:82:d2:76:7b:78: 60:d0:00:74:e0:9a:df:b3:07:0d:68:ff:fd:22:33: ce:cb:56:0c:c9:ee:01:26:76:93:5f:79:a4:83:bd: ad:ac:d6:41:13:b4:7e:dc:3b:66:50:ea:61:9e:65: 5f:4b:05:82:51:0d:2d:25:fd:43:64:3c:01:87:1c: 32:ba:0a:cc:cd:d7:9f:12:e8:17:6f:1c:38:95:20: b2:38:73:ae:08:4d:5b:70:9a:42:3d:24:a2:59:a7: bc:d5:f5:79:7c:5f:cd:44:11:ca:29:08:95:cd:1f: 15:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.212.60.0/24 193.169.172.0/23 sbgp-autonomousSysNum: critical Autonomous System Numbers: 48842 Signature Algorithm: sha256WithRSAEncryption a4:fe:7f:0e:f4:c5:e5:99:f8:3f:fd:4f:97:e9:8a:10:97:a5: 34:0f:67:cf:c3:23:be:f5:6e:d6:94:c8:6f:85:b1:ff:91:55: f5:ed:85:38:2d:05:3f:5f:4a:de:1d:6e:05:d2:78:34:02:68: 0e:83:f3:92:cb:b9:d2:08:e6:1e:90:7d:35:e0:4b:3a:b0:8b: a0:76:08:f1:cc:68:97:5d:13:3d:33:72:d4:17:25:4a:17:0d: 24:d8:de:8c:c1:3a:59:1a:1d:57:c4:e2:4b:3d:25:13:13:5a: a6:63:1b:9d:eb:78:03:82:ef:0d:f8:ae:52:f4:97:03:e2:a3: 0f:ee:fd:09:1d:74:db:6b:d3:67:82:3a:c2:a2:96:61:45:ff: 82:ed:9b:18:06:b3:74:8f:bd:b6:2e:ed:6b:e6:3d:92:f7:df: aa:ef:b7:d5:e6:ae:2f:cb:75:c2:22:7c:2a:51:35:63:c4:de: d7:e0:ed:0b:d7:e4:9f:27:6e:ba:37:47:91:10:6f:ca:d1:52: f4:d4:a4:76:08:34:ff:ae:f2:0a:5d:6d:15:57:59:14:21:aa: fc:98:f8:ae:b5:77:84:32:77:2b:b9:eb:7d:8c:58:56:cd:05: 75:17:5a:d3:f4:e1:28:52:44:92:86:df:a5:e1:65:60:29:17: e6:1d:4f:83 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgISAZt5fwZ4E0IqMFDAXEhlFJUrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzlkYzhmODNhZjA3YTJmZDcxMjFlNzdjMDFjYzI4M2M2NTFhMDg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQW+FDh3P33bomGJXbOBJxwH87Fg NiPn0upWb46agTslePKg1Xd5CBCvC8RHSTp4zb7K/wfzh6noSyXn2TKEgMYdJCcO y4DvX08dklkFCujkmnS/SQjqyf6BVR4bEyDhxoQUZTMhwBAILfD33l9lDdsePxs9 A9Th4RK8oVHnq3r46bzwefR1dyVtfQSWrIMAgtJ2e3hg0AB04JrfswcNaP/9IjPO y1YMye4BJnaTX3mkg72trNZBE7R+3DtmUOphnmVfSwWCUQ0tJf1DZDwBhxwyugrM zdefEugXbxw4lSCyOHOuCE1bcJpCPSSiWae81fV5fF/NRBHKKQiVzR8VrQIDAQAB o4ICpjCCAqIwHQYDVR0OBBYEFFOdyPg68Hov1xIed8AcwoPGUaCHMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwLzczMmVh Mi05YTVjLTRlZGEtYjliNC02Mjc2YjE3OGVmZGYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvNzMyZWEy LTlhNWMtNGVkYS1iOWI0LTYyNzZiMTc4ZWZkZi8xL1U1M0ktRHJ3ZWlfWEVoNTN3 QnpDZzhaUm9JYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQAW9Q8AwQBwamsMBoGCCsGAQUFBwEIAQH/BAsw CaAHMAUCAwC+yjANBgkqhkiG9w0BAQsFAAOCAQEApP5/DvTF5Zn4P/1Pl+mKEJel NA9nz8MjvvVu1pTIb4Wx/5FV9e2FOC0FP19K3h1uBdJ4NAJoDoPzksu50gjmHpB9 NeBLOrCLoHYI8cxol10TPTNy1BclShcNJNjejME6WRodV8TiSz0lExNapmMbnet4 A4LvDfiuUvSXA+KjD+79CR1022vTZ4I6wqKWYUX/gu2bGAazdI+9ti7ta+Y9kvff qu+31eauL8t1wiJ8KlE1Y8Te1+DtC9fknyduujdHkRBvytFS9NSkdgg0/67yCl1t FVdZFCGq/Jj4rrV3hDJ3K7nrfYxYVs0FdRda0/ThKFJEkobfpeFlYCkX5h1Pgw== -----END CERTIFICATE-----Generated at Mon Feb 9 19:51:47 2026 by rpki-client