This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.cer File: Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.cer (raw, json) Hash identifier: pEpMCCNvKVvm8dcsUhOiIAcvsy/BNSo0fQ5gtvv68y8= Subject key identifier: 56:1C:7C:CC:52:37:67:87:37:40:92:EA:FA:C2:62:3E:05:71:A8:1E Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79ED331AC6DF44E458510B2855B075AE Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:19:06 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 25385 AS: 211332 IP: 91.233.183.0/24 IP: 2a09:f140::/29 IP: 2a0d:c140::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:33:1a:c6:df:44:e4:58:51:0b:28:55:b0:75:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=561c7ccc52376787374092eafac2623e0571a81e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:29:05:d3:05:4d:b9:b4:87:5f:38:e3:b0:40: 06:82:dd:e6:c8:16:d4:ee:d3:04:25:97:e7:40:e4: 43:fd:6f:c3:f7:bc:5a:1e:17:a6:75:aa:fc:7b:f3: 05:b9:ea:ed:f7:73:ab:50:f5:f1:0b:37:54:42:21: 9e:f3:bc:a7:66:ce:b3:64:7c:c3:ed:e5:85:c6:36: a3:fd:80:c8:d7:07:f0:c7:55:c8:fa:2d:cf:17:b4: 89:56:5a:07:26:87:e0:ba:3d:43:f3:11:91:73:f4: 87:48:ad:61:e7:b9:19:65:f6:3b:e4:50:3d:43:cd: 29:2b:b9:11:69:0b:f4:d6:f1:44:35:4e:fc:0c:12: a2:03:f8:7c:f0:d7:ed:23:3a:1a:d9:16:59:a0:e5: 4a:13:35:0f:65:e4:cf:5c:9f:e7:d5:10:18:c3:b6: a7:3c:d0:d8:b2:51:05:04:ea:76:46:72:b9:a2:44: 05:2a:e4:fc:64:ad:34:89:63:73:ab:9b:33:1f:04: cb:bd:f9:a5:0c:01:91:0d:14:5b:77:fa:48:4c:91: ca:85:6c:51:f4:4c:cc:35:94:77:04:4d:d3:44:99: 51:be:3b:bf:d6:99:c9:24:46:7f:0e:20:04:26:50: 94:03:e5:19:d6:23:80:87:4b:22:d6:6d:2a:c4:a4: 64:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:1C:7C:CC:52:37:67:87:37:40:92:EA:FA:C2:62:3E:05:71:A8:1E X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.233.183.0/24 IPv6: 2a09:f140::/29 2a0d:c140::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 25385 211332 Signature Algorithm: sha256WithRSAEncryption 48:b7:03:50:8c:4f:1f:d2:eb:cf:72:e3:e0:12:e5:cb:00:9a: fd:e9:ac:e6:b1:8a:e9:dd:1a:e9:e4:f6:d2:6e:32:37:28:f8: fc:2f:b5:52:c6:51:76:ff:66:d3:5c:5c:39:74:df:30:88:2a: 3c:82:ff:87:9d:ec:b7:57:f6:7a:df:bb:bb:12:23:14:05:22: c3:9f:62:5c:50:38:c1:e5:e8:ff:66:bd:2f:5f:c8:d9:48:7e: 82:50:e2:8b:e6:85:44:00:5a:a0:8c:e2:49:cf:da:e8:eb:d9: 66:54:e0:17:83:22:63:81:85:5a:94:6b:a8:f5:c7:89:83:0b: 9d:91:fa:44:13:b9:93:98:b8:4f:fe:35:de:25:13:74:3c:f9: d6:98:77:eb:d9:c8:12:6c:05:31:62:26:c0:a8:77:8a:78:26: 87:10:1a:93:e4:01:bc:08:c2:ed:91:b9:f3:fd:d5:98:59:4f: 3e:24:50:7d:ca:3a:37:b1:74:33:23:47:fd:f4:5b:79:01:dd: 80:64:81:62:f5:06:08:8a:51:5e:ec:c7:6f:42:3a:a2:25:8f: cd:4d:e3:78:d0:74:b5:2b:5f:0f:0b:cf:92:32:b2:d6:09:30: 27:0c:1c:23:ac:f2:5d:39:bb:93:86:41:15:9a:2b:4f:1a:66: ed:e1:59:61 -----BEGIN CERTIFICATE----- MIIFrjCCBJagAwIBAgISAZt57TMaxt9E5FhRCyhVsHWuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NjFjN2NjYzUyMzc2Nzg3Mzc0MDkyZWFmYWMyNjIzZTA1NzFhODFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtykF0wVNubSHXzjjsEAGgt3myBbU 7tMEJZfnQORD/W/D97xaHhemdar8e/MFuert93OrUPXxCzdUQiGe87ynZs6zZHzD 7eWFxjaj/YDI1wfwx1XI+i3PF7SJVloHJofguj1D8xGRc/SHSK1h57kZZfY75FA9 Q80pK7kRaQv01vFENU78DBKiA/h88NftIzoa2RZZoOVKEzUPZeTPXJ/n1RAYw7an PNDYslEFBOp2RnK5okQFKuT8ZK00iWNzq5szHwTLvfmlDAGRDRRbd/pITJHKhWxR 9EzMNZR3BE3TRJlRvju/1pnJJEZ/DiAEJlCUA+UZ1iOAh0si1m0qxKRkpwIDAQAB o4ICujCCArYwHQYDVR0OBBYEFFYcfMxSN2eHN0CS6vrCYj4FcageMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyL2RjYTI1 Ny1kMTYzLTRlZDktOTRhZC1jMTcwMDkxMjgzZWIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIvZGNhMjU3 LWQxNjMtNGVkOS05NGFkLWMxNzAwOTEyODNlYi8xL1ZoeDh6RkkzWjRjM1FKTHEt c0ppUGdWeHFCNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUGCCsGAQUF BwEHAQH/BCYwJDAMBAIAATAGAwQAW+m3MBQEAgACMA4DBQMqCfFAAwUDKg3BQDAe BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJjKQIDAzmEMA0GCSqGSIb3DQEBCwUAA4IB AQBItwNQjE8f0uvPcuPgEuXLAJr96azmsYrp3Rrp5PbSbjI3KPj8L7VSxlF2/2bT XFw5dN8wiCo8gv+Hney3V/Z637u7EiMUBSLDn2JcUDjB5ej/Zr0vX8jZSH6CUOKL 5oVEAFqgjOJJz9ro69lmVOAXgyJjgYValGuo9ceJgwudkfpEE7mTmLhP/jXeJRN0 PPnWmHfr2cgSbAUxYibAqHeKeCaHEBqT5AG8CMLtkbnz/dWYWU8+JFB9yjo3sXQz I0f99Ft5Ad2AZIFi9QYIilFe7MdvQjqiJY/NTeN40HS1K18PC8+SMrLWCTAnDBwj rPJdObuThkEVmitPGmbt4Vlh -----END CERTIFICATE-----Generated at Mon Feb 9 18:28:01 2026 by rpki-client