This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer File: VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer (raw, json) Hash identifier: /x2rHqQGp0hGD8XF+JicMnYJ5bOgojoVgm09LA1nV1k= Subject key identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797F370A75D5B0706938543C6069C36F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:18:58 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 203872 AS: 212772 IP: 45.156.136.0/22 IP: 46.243.228.0/22 IP: 92.255.56.0/24 IP: 92.255.68.0/22 IP: 92.255.84.0/24 IP: 94.140.14.0/23 IP: 176.103.128.0/19 IP: 185.113.28.0/22 IP: 217.72.12.0/22 IP: 2a10:50c0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:37:0a:75:d5:b0:70:69:38:54:3c:60:69:c3:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=54791dde2c9bdea366ce7ec6c5a800c5da633454 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c0:30:89:bc:2e:3e:a8:13:68:fa:b4:c0:2d: 07:77:65:ce:2a:e9:9b:b1:f6:82:eb:2e:38:55:c7: 0c:46:42:21:8b:6d:35:f1:e1:1c:19:52:99:bc:2d: f7:b4:64:89:fb:2b:8b:ed:55:3d:65:28:f8:aa:c7: b4:46:8c:6a:90:21:48:f2:cc:b5:33:01:c7:c2:b4: 11:b3:30:c7:e8:75:a7:c3:db:39:5f:2a:49:de:67: 76:08:3a:df:12:be:8f:08:5b:3c:fa:ab:09:d2:dd: d9:a1:9f:9a:12:cf:b2:d3:a5:36:8a:4b:45:e2:1c: bb:6f:a4:45:0c:19:25:e1:17:c0:af:0e:27:79:6b: 10:0a:5b:47:52:d4:8a:d4:fb:50:ac:40:ad:5a:bf: 16:5b:bc:a4:9b:7d:23:4c:cb:6e:5a:fa:ed:7f:dd: 8b:f9:83:ee:b7:05:1e:c5:94:43:94:a9:22:46:d4: 78:34:42:b9:f7:77:6d:d7:f5:37:26:fd:4f:80:b9: d8:81:1c:e9:3c:44:34:f4:13:93:53:c3:79:56:5b: c2:12:17:48:af:5d:d7:27:de:e5:47:a7:52:82:8c: fe:42:ed:ec:38:e2:91:1a:e7:33:a3:f5:f2:38:15: 8d:a9:d2:0a:89:f6:a5:d3:da:71:2e:a7:da:d2:a3: 81:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.156.136.0/22 46.243.228.0/22 92.255.56.0/24 92.255.68.0/22 92.255.84.0/24 94.140.14.0/23 176.103.128.0/19 185.113.28.0/22 217.72.12.0/22 IPv6: 2a10:50c0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 203872 212772 Signature Algorithm: sha256WithRSAEncryption 10:56:fb:5b:d0:de:c0:f7:5e:70:50:30:f1:bc:0c:1c:a2:8f: 3c:1d:4e:a0:59:6d:8a:7e:ce:24:b2:7c:8f:97:68:34:2d:ec: de:e4:45:04:a1:e9:ca:5a:87:5f:f0:49:6e:59:76:cc:16:5a: ef:cf:b0:b2:be:93:b3:1c:8c:ba:b5:5e:89:ba:fe:e5:05:20: 59:e0:84:0f:94:5a:88:a5:c0:a7:54:84:68:53:eb:89:48:9c: c2:21:04:3f:e7:51:5a:55:84:f5:c9:77:4c:e3:91:d1:30:dc: 58:30:dd:27:66:e8:86:80:38:d8:bb:00:aa:5f:b8:30:ee:4a: fd:b8:62:11:0e:df:96:c8:dd:c4:34:2c:3f:7c:8c:69:38:5b: 04:a7:d6:d5:cd:de:6e:dc:4a:14:93:4f:fc:07:4b:dd:e5:ce: e3:00:84:33:05:30:e9:bb:a6:6e:b1:21:86:b2:1d:fa:1b:b1: f4:e4:1c:d8:a8:18:32:86:97:d5:2d:73:05:23:a8:56:6b:37: c8:1a:a3:04:55:0c:a9:f2:e7:d8:a9:03:7a:29:c3:57:fb:7c: 86:b0:12:a1:6f:1b:d2:c1:73:cf:2e:c1:60:3e:a1:46:7d:7f: d8:d8:bc:9d:71:d5:0f:60:83:fe:73:fe:90:7a:1d:02:aa:04: 47:05:1d:dc -----BEGIN CERTIFICATE----- MIIF2DCCBMCgAwIBAgISAZt5fzcKddWwcGk4VDxgacNvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NDc5MWRkZTJjOWJkZWEzNjZjZTdlYzZjNWE4MDBjNWRhNjMzNDU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsAwibwuPqgTaPq0wC0Hd2XOKumb sfaC6y44VccMRkIhi2018eEcGVKZvC33tGSJ+yuL7VU9ZSj4qse0RoxqkCFI8sy1 MwHHwrQRszDH6HWnw9s5XypJ3md2CDrfEr6PCFs8+qsJ0t3ZoZ+aEs+y06U2iktF 4hy7b6RFDBkl4RfArw4neWsQCltHUtSK1PtQrECtWr8WW7ykm30jTMtuWvrtf92L +YPutwUexZRDlKkiRtR4NEK593dt1/U3Jv1PgLnYgRzpPEQ09BOTU8N5VlvCEhdI r13XJ97lR6dSgoz+Qu3sOOKRGuczo/XyOBWNqdIKifal09pxLqfa0qOBKwIDAQAB o4IC5DCCAuAwHQYDVR0OBBYEFFR5Hd4sm96jZs5+xsWoAMXaYzRUMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhmLzE3ZTU2 Ny05ZTQ0LTQ0NGEtYWM2NC0xOGIzNGJlYTliMDYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvMTdlNTY3 LTllNDQtNDQ0YS1hYzY0LTE4YjM0YmVhOWIwNi8xL1ZIa2QzaXliM3FObXpuN0d4 YWdBeGRwak5GUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF BwEHAQH/BE8wTTA8BAIAATA2AwQCLZyIAwQCLvPkAwQAXP84AwQCXP9EAwQAXP9U AwQBXowOAwQFsGeAAwQCuXEcAwQC2UgMMA0EAgACMAcDBQAqEFDAMB8GCCsGAQUF BwEIAQH/BBAwDqAMMAoCAwMcYAIDAz8kMA0GCSqGSIb3DQEBCwUAA4IBAQAQVvtb 0N7A915wUDDxvAwcoo88HU6gWW2Kfs4ksnyPl2g0Leze5EUEoenKWodf8EluWXbM Flrvz7CyvpOzHIy6tV6Juv7lBSBZ4IQPlFqIpcCnVIRoU+uJSJzCIQQ/51FaVYT1 yXdM45HRMNxYMN0nZuiGgDjYuwCqX7gw7kr9uGIRDt+WyN3ENCw/fIxpOFsEp9bV zd5u3EoUk0/8B0vd5c7jAIQzBTDpu6ZusSGGsh36G7H05BzYqBgyhpfVLXMFI6hW azfIGqMEVQyp8ufYqQN6KcNX+3yGsBKhbxvSwXPPLsFgPqFGfX/Y2LydcdUPYIP+ c/6Qeh0CqgRHBR3c -----END CERTIFICATE-----Generated at Mon Feb 9 15:09:11 2026 by rpki-client