This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/W1t31kWP-tmE5R3zNPPo-YOCrCQ.cer File: W1t31kWP-tmE5R3zNPPo-YOCrCQ.cer (raw, json) Hash identifier: 5OzMOgLZk20GH6n2KHxaHdlIdtyCjFMNmi+Kc7CRJzI= Subject key identifier: 5B:5B:77:D6:45:8F:FA:D9:84:E5:1D:F3:34:F3:E8:F9:83:82:AC:24 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA6FAC2BBD653BC7361DC24D56C9DEB Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ea/1540c1-9867-403d-8b9b-f3d9f63d5d97/1/W1t31kWP-tmE5R3zNPPo-YOCrCQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ea/1540c1-9867-403d-8b9b-f3d9f63d5d97/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 47273 IP: 139.28.40.0/22 IP: 185.15.80.0/22 IP: 185.82.248.0/22 IP: 193.239.36.0/22 IP: 2a05:9680::/29 IP: 2a09:f280::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:fa:c2:bb:d6:53:bc:73:61:dc:24:d5:6c:9d:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5b5b77d6458ffad984e51df334f3e8f98382ac24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:74:22:8b:5d:ea:32:ca:a2:9b:b5:9c:95:57: 16:80:23:a4:83:82:1b:02:91:25:97:31:36:41:11: 47:1a:af:f4:7c:07:58:bc:ea:9d:b6:be:66:30:7c: 03:bd:a3:33:2e:4e:ba:c1:df:d1:53:f6:b2:67:81: 97:e8:ad:a7:88:ab:1d:a1:54:46:ef:fd:a7:5a:ed: b3:b4:fc:88:a6:af:19:6f:45:71:c3:00:a1:2c:4b: dc:36:66:66:d6:c8:56:c5:59:24:3b:f8:41:39:ba: d4:c9:1f:d1:f2:91:75:df:2d:21:67:2b:e0:43:ff: 05:ac:a7:5c:e9:37:08:62:38:83:38:55:67:23:11: 07:6a:6c:45:e7:3f:df:96:af:f0:59:a2:2f:d1:d2: 85:9c:13:c6:83:cd:67:e6:0d:3d:a2:b8:65:5b:54: c3:28:65:e4:51:b3:09:ab:f3:c7:59:5e:a6:67:de: cb:6b:36:a5:5a:cc:73:d4:3a:8f:1c:6a:f8:df:be: 6d:97:8e:a1:3b:ad:da:35:77:0e:66:11:3a:4a:69: 8e:b7:e3:d4:58:cc:e7:93:64:3b:5d:d4:68:b8:dc: d4:83:a8:cc:be:40:d6:98:52:46:38:83:a5:fb:b9: e1:ef:39:84:40:5e:a8:48:28:7a:bc:88:6b:13:7d: d9:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:5B:77:D6:45:8F:FA:D9:84:E5:1D:F3:34:F3:E8:F9:83:82:AC:24 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1540c1-9867-403d-8b9b-f3d9f63d5d97/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1540c1-9867-403d-8b9b-f3d9f63d5d97/1/W1t31kWP-tmE5R3zNPPo-YOCrCQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.28.40.0/22 185.15.80.0/22 185.82.248.0/22 193.239.36.0/22 IPv6: 2a05:9680::/29 2a09:f280::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 47273 Signature Algorithm: sha256WithRSAEncryption 3d:37:09:4b:dd:79:4e:01:08:18:5a:f1:5d:f4:e3:53:8d:07: da:96:1d:fe:6c:06:5b:a3:31:ea:3b:bd:5c:f3:5d:ec:ff:2f: 71:47:80:00:cd:8e:e0:1a:e2:8d:86:a9:6b:ab:6f:f4:b4:d8: 16:39:ca:ca:5c:1b:bc:8d:d2:01:e6:0e:6c:fd:73:5f:3f:71: 3e:39:50:98:77:4f:1f:47:36:c2:02:ad:b2:dd:6c:23:7e:a8: ef:97:e4:5c:5b:3d:5c:71:3e:1e:09:57:a2:d5:c4:eb:f7:69: 47:9b:9d:de:f7:81:e5:c8:95:3b:56:17:de:0c:0d:e3:13:bf: 83:1d:23:fb:94:3f:db:97:2b:18:e9:1e:66:aa:75:ce:95:81: 72:fc:99:bc:d8:c3:69:36:eb:40:00:52:c3:b7:92:fc:53:9d: 60:c7:62:4e:98:a5:b5:a3:f7:9b:b0:6e:92:dc:b4:ae:71:d6: 71:b4:c3:ba:ac:00:3f:78:4c:a3:e2:b5:0c:3f:44:12:67:9c: f9:b8:3e:ac:04:ae:0c:42:07:c4:51:c2:a2:0d:f4:98:79:9c: 5a:d4:52:de:35:66:f1:6c:07:e5:7e:27:1c:89:83:35:18:35: 04:bd:52:ad:d0:85:8f:ba:eb:3f:61:6c:dd:51:ac:75:17:e4: 28:a7:82:4c -----BEGIN CERTIFICATE----- MIIFvDCCBKSgAwIBAgISAZt+pvrCu9ZTvHNh3CTVbJ3rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YjViNzdkNjQ1OGZmYWQ5ODRlNTFkZjMzNGYzZThmOTgzODJhYzI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3Qii13qMsqim7WclVcWgCOkg4Ib ApEllzE2QRFHGq/0fAdYvOqdtr5mMHwDvaMzLk66wd/RU/ayZ4GX6K2niKsdoVRG 7/2nWu2ztPyIpq8Zb0VxwwChLEvcNmZm1shWxVkkO/hBObrUyR/R8pF13y0hZyvg Q/8FrKdc6TcIYjiDOFVnIxEHamxF5z/flq/wWaIv0dKFnBPGg81n5g09orhlW1TD KGXkUbMJq/PHWV6mZ97LazalWsxz1DqPHGr4375tl46hO63aNXcOZhE6SmmOt+PU WMznk2Q7XdRouNzUg6jMvkDWmFJGOIOl+7nh7zmEQF6oSCh6vIhrE33ZuQIDAQAB o4ICyDCCAsQwHQYDVR0OBBYEFFtbd9ZFj/rZhOUd8zTz6PmDgqwkMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VhLzE1NDBj MS05ODY3LTQwM2QtOGI5Yi1mM2Q5ZjYzZDVkOTcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvMTU0MGMx LTk4NjctNDAzZC04YjliLWYzZDlmNjNkNWQ5Ny8xL1cxdDMxa1dQLXRtRTVSM3pO UFBvLVlPQ3JDUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUF BwEHAQH/BDgwNjAeBAIAATAYAwQCixwoAwQCuQ9QAwQCuVL4AwQCwe8kMBQEAgAC MA4DBQMqBZaAAwUDKgnygDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAuKkwDQYJ KoZIhvcNAQELBQADggEBAD03CUvdeU4BCBha8V3041ONB9qWHf5sBlujMeo7vVzz Xez/L3FHgADNjuAa4o2GqWurb/S02BY5yspcG7yN0gHmDmz9c18/cT45UJh3Tx9H NsICrbLdbCN+qO+X5FxbPVxxPh4JV6LVxOv3aUebnd73geXIlTtWF94MDeMTv4Md I/uUP9uXKxjpHmaqdc6VgXL8mbzYw2k260AAUsO3kvxTnWDHYk6YpbWj95uwbpLc tK5x1nG0w7qsAD94TKPitQw/RBJnnPm4PqwErgxCB8RRwqIN9Jh5nFrUUt41ZvFs B+V+JxyJgzUYNQS9Uq3QhY+66z9hbN1RrHUX5Cingkw= -----END CERTIFICATE-----Generated at Mon Feb 9 15:11:44 2026 by rpki-client