This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer File: W1JjSi6wP4VlteM9wrn0kEH3z7A.cer (raw, json) Hash identifier: kmkIBf0vop10TqStMHYWY4vC04qMjAkIGWUdLSSPvFM= Subject key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5CFA8F0B73C270A28B0B57AE076E9F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:20:04 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41689 AS: 43754 AS: 51433 AS: 203000 AS: 211421 IP: 5.134.192.0/21 IP: 31.7.64.0/20 IP: 31.25.128.0/21 IP: 37.156.8.0/21 IP: 37.156.144.0/22 IP: 46.143.0.0/17 IP: 46.245.64.0/18 IP: 77.238.104.0/21 IP: 77.238.120.0/22 IP: 78.110.112.0/21 IP: 78.110.124.0/22 IP: 79.127.0.0/17 IP: 85.198.8.0 -- 85.198.23.255 IP: 85.198.28.0/22 IP: 86.57.0.0/17 IP: 89.41.40.0/22 IP: 89.235.96.0/22 IP: 93.115.144.0/21 IP: 93.118.180.0/22 IP: 109.122.224.0/20 IP: 128.65.176.0/20 IP: 176.65.240.0/22 IP: 176.65.252.0/22 IP: 178.22.120.0/21 IP: 178.216.248.0/22 IP: 185.49.84.0/22 IP: 185.79.96.0/22 IP: 185.98.112.0/22 IP: 185.99.212.0/22 IP: 185.109.244.0 -- 185.109.251.255 IP: 185.112.32.0/21 IP: 185.120.220.0/22 IP: 185.120.248.0/22 IP: 185.129.116.0/22 IP: 185.141.168.0/22 IP: 185.141.212.0/22 IP: 185.147.160.0/22 IP: 188.0.240.0/23 IP: 193.151.128.0/19 IP: 212.33.192.0/20 IP: 2a05:1a00::/26 IP: 2a05:4c80::/29 IP: 2a06:5480::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:fa:8f:0b:73:c2:70:a2:8b:0b:57:ae:07:6e:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:20:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:20:85:7c:47:b0:ba:5c:de:5d:05:8a:c5:0a: ca:6f:f3:85:d2:da:b9:d1:31:d4:e3:44:64:e7:2d: 77:17:61:c1:59:49:72:2e:16:79:89:58:8f:9e:73: 13:49:b0:34:53:0c:f4:bc:52:fd:f1:6b:3b:99:f2: b2:1e:87:95:38:5a:ab:06:8f:a7:37:36:07:d9:2f: 50:3b:e7:a8:4c:7c:ab:26:30:fe:be:98:60:a8:9b: b2:39:ad:2a:b2:ad:f8:b4:5e:1e:4a:8f:b6:e0:a1: ea:19:a7:7a:8f:81:66:63:63:29:8a:79:a1:45:e5: 51:e5:a2:50:e0:a9:06:91:b3:a7:c7:9e:98:e8:e7: da:5b:6f:e4:3f:9f:8f:ab:d2:4a:b1:ba:8b:1c:6c: 61:f4:d9:72:e3:bd:a1:63:07:32:90:08:dd:fc:dd: 27:98:b1:48:1a:ab:8f:79:e1:48:12:e0:69:71:f2: 7a:e1:ab:b0:f9:1f:99:df:5e:19:6c:1f:29:58:e0: e2:77:60:2e:39:fa:2a:c8:e0:ec:89:80:1b:51:5e: 01:28:7c:4f:6c:b4:c1:79:30:44:0d:c3:6b:79:3c: be:47:f6:f7:7e:a4:24:69:d8:9e:f5:ea:d4:05:3c: 3c:3d:32:43:27:50:93:52:72:16:57:f0:19:53:c1: 1d:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.134.192.0/21 31.7.64.0/20 31.25.128.0/21 37.156.8.0/21 37.156.144.0/22 46.143.0.0/17 46.245.64.0/18 77.238.104.0/21 77.238.120.0/22 78.110.112.0/21 78.110.124.0/22 79.127.0.0/17 85.198.8.0-85.198.23.255 85.198.28.0/22 86.57.0.0/17 89.41.40.0/22 89.235.96.0/22 93.115.144.0/21 93.118.180.0/22 109.122.224.0/20 128.65.176.0/20 176.65.240.0/22 176.65.252.0/22 178.22.120.0/21 178.216.248.0/22 185.49.84.0/22 185.79.96.0/22 185.98.112.0/22 185.99.212.0/22 185.109.244.0-185.109.251.255 185.112.32.0/21 185.120.220.0/22 185.120.248.0/22 185.129.116.0/22 185.141.168.0/22 185.141.212.0/22 185.147.160.0/22 188.0.240.0/23 193.151.128.0/19 212.33.192.0/20 IPv6: 2a05:1a00::/26 2a05:4c80::/29 2a06:5480::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41689 43754 51433 203000 211421 Signature Algorithm: sha256WithRSAEncryption 1b:4c:ba:b6:31:10:cc:f9:65:39:dd:ab:f7:4f:ae:d2:7b:54: 0e:de:da:27:29:78:16:fe:8b:3f:11:06:34:c8:c9:19:a8:22: b1:21:2d:a8:49:a3:9b:cc:10:60:05:cb:16:24:34:0b:e4:e0: 1f:63:e9:cd:27:ea:72:5a:ed:ae:fc:49:30:53:7c:b7:4b:97: 89:52:4e:d7:96:2c:49:25:a9:b7:67:b3:b2:7c:a4:1b:3e:74: 98:da:69:15:8d:d1:30:72:1a:ce:84:86:c5:51:02:8c:72:71: 8d:ea:29:e1:ad:15:07:5a:d1:52:e2:b8:50:39:c7:32:ea:af: 8c:56:9b:c2:a4:a6:b6:63:1f:5c:a6:9e:71:83:fb:83:1b:1c: fe:33:4f:e1:3e:0f:52:1b:ef:5b:28:02:3c:ef:fc:8c:f7:56: 16:16:b3:76:72:72:3f:44:09:77:4e:6c:06:f9:9b:9a:8b:a2: 3d:de:24:61:84:cd:88:ff:b6:e5:e4:59:05:e4:eb:3a:0e:5d: cd:d4:f8:cb:b1:db:39:23:52:d2:cd:f9:dd:0a:a8:86:09:68: 00:ae:c5:82:b0:98:72:7c:12:d2:ca:d5:44:a2:d8:d9:37:9c: 8d:de:2d:5b:ba:5f:a4:55:15:f0:c6:49:8c:d9:87:43:de:52: 8e:cf:7e:31 -----BEGIN CERTIFICATE----- MIIGyTCCBbGgAwIBAgISAZt9XPqPC3PCcKKLC1euB26fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5iCFfEewulzeXQWKxQrKb/OF0tq5 0THU40Rk5y13F2HBWUlyLhZ5iViPnnMTSbA0Uwz0vFL98Ws7mfKyHoeVOFqrBo+n NzYH2S9QO+eoTHyrJjD+vphgqJuyOa0qsq34tF4eSo+24KHqGad6j4FmY2Mpinmh ReVR5aJQ4KkGkbOnx56Y6OfaW2/kP5+Pq9JKsbqLHGxh9Nly472hYwcykAjd/N0n mLFIGquPeeFIEuBpcfJ64auw+R+Z314ZbB8pWODid2AuOfoqyODsiYAbUV4BKHxP bLTBeTBEDcNreTy+R/b3fqQkadie9erUBTw8PTJDJ1CTUnIWV/AZU8EdQQIDAQAB o4ID1TCCA9EwHQYDVR0OBBYEFFtSY0ousD+FZbXjPcK59JBB98+wMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwLzdhNWI0 NC02YjE4LTQyZDMtYThkNS1kYzY1NTRmZDEyMzUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvN2E1YjQ0 LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRWbHRlTTl3 cm4wa0VIM3o3QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBPgYIKwYB BQUHAQcBAf8EggEtMIIBKTCCAQgEAgABMIIBAAMEAwWGwAMEBB8HQAMEAx8ZgAME AyWcCAMEAiWckAMEBy6PAAMEBi71QAMEA03uaAMEAk3ueAMEA05ucAMEAk5ufAME B09/ADAMAwQDVcYIAwQDVcYQAwQCVcYcAwQHVjkAAwQCWSkoAwQCWetgAwQDXXOQ AwQCXXa0AwQEbXrgAwQEgEGwAwQCsEHwAwQCsEH8AwQDshZ4AwQCstj4AwQCuTFU AwQCuU9gAwQCuWJwAwQCuWPUMAwDBAK5bfQDBAK5bfgDBAO5cCADBAK5eNwDBAK5 ePgDBAK5gXQDBAK5jagDBAK5jdQDBAK5k6ADBAG8APADBAXBl4ADBATUIcAwGwQC AAIwFQMFBioFGgADBQMqBUyAAwUDKgZUgDAuBggrBgEFBQcBCAEB/wQfMB2gGzAZ AgMAotkCAwCq6gIDAMjpAgMDGPgCAwM53TANBgkqhkiG9w0BAQsFAAOCAQEAG0y6 tjEQzPllOd2r90+u0ntUDt7aJyl4Fv6LPxEGNMjJGagisSEtqEmjm8wQYAXLFiQ0 C+TgH2PpzSfqclrtrvxJMFN8t0uXiVJO15YsSSWpt2ezsnykGz50mNppFY3RMHIa zoSGxVECjHJxjeop4a0VB1rRUuK4UDnHMuqvjFabwqSmtmMfXKaecYP7gxsc/jNP 4T4PUhvvWygCPO/8jPdWFhazdnJyP0QJd05sBvmbmouiPd4kYYTNiP+25eRZBeTr Og5dzdT4y7HbOSNS0s353QqohgloAK7FgrCYcnwS0srVRKLY2Tecjd4tW7pfpFUV 8MZJjNmHQ95Sjs9+MQ== -----END CERTIFICATE-----Generated at Tue Jan 27 01:08:16 2026 by rpki-client