This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U_rXyaSF_rKReT654tuY9BjlxLg.cer File: U_rXyaSF_rKReT654tuY9BjlxLg.cer (raw, json) Hash identifier: vKHrtBXKI8pZaA8R3viOMB4n1fTakfyP8AOQjMlDkXI= Subject key identifier: 53:FA:D7:C9:A4:85:FE:B2:91:79:3E:B9:E2:DB:98:F4:18:E5:C4:B8 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5B06FFE7E4E31704FA23AEB29DB9FF Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f6/5140e8-c7fc-48bf-960e-0f04c6a995fd/1/U_rXyaSF_rKReT654tuY9BjlxLg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f6/5140e8-c7fc-48bf-960e-0f04c6a995fd/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:19:04 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.134.232.0/22 IP: 2a06:ef80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:06:ff:e7:e4:e3:17:04:fa:23:ae:b2:9d:b9:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53fad7c9a485feb291793eb9e2db98f418e5c4b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:b3:14:93:37:7c:3c:bb:38:ae:d4:91:94:50: f5:94:f3:0b:90:43:f3:87:24:21:46:1b:4e:78:b3: 7f:08:da:41:d8:5e:3d:42:46:a3:12:ec:29:a1:3e: 8e:59:87:56:e8:d5:53:a0:f0:b0:ef:95:59:15:fb: 15:eb:71:6d:6f:df:45:7b:1e:c3:f9:b3:36:e6:75: 5b:56:94:aa:8b:21:67:63:62:96:aa:39:14:4e:f8: 65:60:34:62:f1:07:f8:93:a4:34:ef:09:0b:c9:9e: 2d:f6:01:83:4a:bd:48:42:ba:a5:c2:9a:98:f7:6b: 12:cc:92:7c:c8:49:af:64:4d:af:b8:85:d2:ed:37: 2d:ac:e7:33:2c:24:ea:1f:20:0a:2f:28:ea:ae:2d: dc:00:ff:d7:a0:91:a0:16:91:49:9d:8e:92:ac:a9: d4:e0:62:c3:22:1a:97:d1:b5:6c:5c:b8:0c:28:28: 7b:d1:e5:3e:01:cf:16:01:77:bd:75:f1:5e:c7:4c: 6f:3c:14:d0:8d:dd:c2:08:66:3d:3e:20:02:ed:28: 9c:15:b4:99:92:8a:53:18:5c:e3:0b:6f:61:fe:68: d9:73:c1:15:04:d6:9c:6b:a9:43:46:1f:89:e7:30: 05:a5:d6:00:3a:d1:ee:69:4f:8c:18:d8:e0:8b:70: 51:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:FA:D7:C9:A4:85:FE:B2:91:79:3E:B9:E2:DB:98:F4:18:E5:C4:B8 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/5140e8-c7fc-48bf-960e-0f04c6a995fd/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/5140e8-c7fc-48bf-960e-0f04c6a995fd/1/U_rXyaSF_rKReT654tuY9BjlxLg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.134.232.0/22 IPv6: 2a06:ef80::/29 Signature Algorithm: sha256WithRSAEncryption 55:c9:53:bc:97:de:fb:85:5f:39:75:1b:ec:da:fd:85:4c:75: 05:ba:55:63:d6:21:e7:86:39:30:41:bd:f5:92:49:5f:4e:a6: d2:06:a1:b7:c8:7c:54:bf:21:35:90:1b:66:d3:a2:40:f7:fa: dc:43:8c:fc:03:63:b8:e3:89:57:5e:ea:25:f1:9a:b2:a9:f4: 10:e0:f8:12:d1:11:17:6f:69:68:c3:30:6b:27:60:54:8f:87: 0b:de:e8:10:4e:c4:7a:b6:4f:ff:3d:d5:e9:b6:b0:fb:72:6d: 39:d1:3c:d3:87:48:54:c5:6c:77:62:6b:95:ee:8f:a6:34:f9: 71:97:8d:e8:b9:6a:15:b2:fc:07:bf:a2:05:a0:56:d5:8d:dc: 98:a3:a2:5f:32:a6:82:b1:3f:25:2b:73:1e:77:fa:5b:42:1e: 94:14:28:24:b8:8a:3a:d3:4f:c7:30:dc:61:fd:fb:62:62:87: 52:63:dc:15:81:72:b1:da:a4:29:43:1b:15:13:39:8f:d1:68: c4:6b:2c:ef:1a:b6:cd:15:ab:6d:19:3f:8d:7c:3e:35:67:79: 03:f7:01:16:d8:a9:b9:b0:82:5d:e1:1d:05:7c:c5:17:3d:82: d1:17:3b:13:2d:78:d1:a0:02:d1:64:95:b7:e8:90:66:24:cb: 72:39:52:88 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt6Wwb/5+TjFwT6I66ynbn/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2ZhZDdjOWE0ODVmZWIyOTE3OTNlYjllMmRiOThmNDE4ZTVjNGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbMUkzd8PLs4rtSRlFD1lPMLkEPz hyQhRhtOeLN/CNpB2F49QkajEuwpoT6OWYdW6NVToPCw75VZFfsV63Ftb99Fex7D +bM25nVbVpSqiyFnY2KWqjkUTvhlYDRi8Qf4k6Q07wkLyZ4t9gGDSr1IQrqlwpqY 92sSzJJ8yEmvZE2vuIXS7TctrOczLCTqHyAKLyjqri3cAP/XoJGgFpFJnY6SrKnU 4GLDIhqX0bVsXLgMKCh70eU+Ac8WAXe9dfFex0xvPBTQjd3CCGY9PiAC7SicFbSZ kopTGFzjC29h/mjZc8EVBNaca6lDRh+J5zAFpdYAOtHuaU+MGNjgi3BRXwIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFFP618mkhf6ykXk+ueLbmPQY5cS4MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2LzUxNDBl OC1jN2ZjLTQ4YmYtOTYwZS0wZjA0YzZhOTk1ZmQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvNTE0MGU4 LWM3ZmMtNDhiZi05NjBlLTBmMDRjNmE5OTVmZC8xL1Vfclh5YVNGX3JLUmVUNjU0 dHVZOUJqbHhMZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuYboMA0EAgACMAcDBQMqBu+AMA0GCSqGSIb3 DQEBCwUAA4IBAQBVyVO8l977hV85dRvs2v2FTHUFulVj1iHnhjkwQb31kklfTqbS BqG3yHxUvyE1kBtm06JA9/rcQ4z8A2O444lXXuol8ZqyqfQQ4PgS0REXb2lowzBr J2BUj4cL3ugQTsR6tk//PdXptrD7cm050TzTh0hUxWx3YmuV7o+mNPlxl43ouWoV svwHv6IFoFbVjdyYo6JfMqaCsT8lK3Med/pbQh6UFCgkuIo600/HMNxh/ftiYodS Y9wVgXKx2qQpQxsVEzmP0WjEayzvGrbNFattGT+NfD41Z3kD9wEW2Km5sIJd4R0F fMUXPYLRFzsTLXjRoALRZJW36JBmJMtyOVKI -----END CERTIFICATE-----Generated at Mon Feb 9 15:09:53 2026 by rpki-client