This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer File: WAbaWlklEnXOsYaU4XQVNSrt1qo.cer (raw, json) Hash identifier: GdyrYCnEsdrVutt7NTQOtcWZvRKPY3rvPUu5bGIWPps= Subject key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EB2496D8C04B302394E4345171CB3F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:18:00 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 43332 AS: 57991 AS: 58119 AS: 203840 AS: 212560 IP: 31.193.184.0/24 IP: 91.237.119.0/24 IP: 185.187.80.0/22 IP: 185.220.144.0/22 IP: 185.255.196.0/22 IP: 2a0b:9b80::/29 IP: 2a0b:f7c0::/29 IP: 2a0c:b200::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 11:32:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:24:96:d8:c0:4b:30:23:94:e4:34:51:71:cb:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5806da5a59251275ceb18694e17415352aedd6aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:d4:09:37:3b:0f:cb:53:77:b5:6e:0b:97:54: dd:e8:90:e1:c0:e1:ad:85:30:c8:07:d2:f3:26:2e: c6:23:07:69:02:33:54:e1:68:8d:6f:40:86:5b:86: b1:46:0d:62:4f:1f:ec:1e:3d:06:ef:8e:0c:3e:c4: 82:be:b7:c1:9a:50:dd:7e:d2:45:55:80:ab:2b:3c: 4f:5a:ae:ac:d6:35:f4:38:f3:9f:7b:84:6c:e7:4a: a3:8c:a3:a5:ae:b9:78:7f:63:4f:53:8a:8b:77:b5: 9e:1d:5e:84:2d:87:40:6b:8e:b0:0c:25:4e:20:d7: ad:ee:3f:f5:b5:2c:b0:8d:26:08:d5:97:c1:90:c5: c6:9e:cb:bc:49:b6:11:e8:39:6b:b5:b5:dd:b4:3b: f7:61:dc:78:39:3f:36:30:3b:41:e2:f3:b1:69:f5: 36:2a:70:cd:d9:e8:df:94:3e:d2:2a:58:6a:d0:c5: 05:39:70:8d:e0:b8:03:00:6a:8e:a4:be:20:bf:f1: 1b:da:35:03:81:95:10:21:bb:3c:2e:b0:40:0f:b0: 20:3b:83:25:34:bb:01:e3:a5:a5:16:0a:c5:96:9c: 14:10:dd:a7:62:62:07:b5:51:3b:43:0d:79:9c:6f: 82:c5:a4:c9:21:33:51:90:8c:c7:3f:97:08:4e:6b: 6c:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.193.184.0/24 91.237.119.0/24 185.187.80.0/22 185.220.144.0/22 185.255.196.0/22 IPv6: 2a0b:9b80::/29 2a0b:f7c0::/29 2a0c:b200::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 43332 57991 58119 203840 212560 Signature Algorithm: sha256WithRSAEncryption 3b:3f:5c:7b:a9:70:1f:1f:5e:ea:17:8e:79:f0:40:3e:64:75: 2a:16:e6:01:b6:cb:d3:0a:54:c6:b7:0b:56:b1:d6:e8:5b:4c: 4b:a5:4f:99:18:82:79:6c:39:10:3b:94:c1:bb:c4:18:46:3d: 29:4e:62:87:8b:e3:20:d8:4c:cf:68:d0:f3:87:ce:b4:55:cb: 2f:d8:32:f2:aa:48:ba:6a:e6:9b:0e:5e:d8:1f:e3:5e:1e:b6: 89:a8:df:cf:f6:b6:74:c3:55:d6:4f:75:96:8e:33:62:49:b2: 12:16:de:16:b0:8c:75:c5:88:6f:99:32:b9:b8:72:c1:26:2d: 09:29:51:5e:9a:26:49:66:9e:12:ae:8b:48:75:84:c9:e3:83: 9b:2f:a2:ee:89:ef:cd:01:76:81:09:43:4c:01:9d:17:f5:1a: f3:3d:4a:ca:ae:1d:f4:9b:45:ba:a7:e3:d1:3e:7d:a5:a7:e2: fd:eb:87:73:67:01:09:a7:99:53:d7:2a:e2:d7:ea:9f:09:9c: 71:d4:55:25:02:8d:77:6a:d5:c3:a8:4e:1c:82:b7:17:9e:36: b9:c4:63:3c:47:9e:20:7a:ff:1e:43:11:db:a1:b5:3b:e2:10: 22:0d:34:cc:e3:1d:f2:25:45:e0:c6:b7:4b:97:f2:cd:98:7f: 76:8a:df:8b -----BEGIN CERTIFICATE----- MIIF3TCCBMWgAwIBAgISAZt26ySW2MBLMCOU5DRRccs/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ODA2ZGE1YTU5MjUxMjc1Y2ViMTg2OTRlMTc0MTUzNTJhZWRkNmFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tQJNzsPy1N3tW4Ll1Td6JDhwOGt hTDIB9LzJi7GIwdpAjNU4WiNb0CGW4axRg1iTx/sHj0G744MPsSCvrfBmlDdftJF VYCrKzxPWq6s1jX0OPOfe4Rs50qjjKOlrrl4f2NPU4qLd7WeHV6ELYdAa46wDCVO INet7j/1tSywjSYI1ZfBkMXGnsu8SbYR6DlrtbXdtDv3Ydx4OT82MDtB4vOxafU2 KnDN2ejflD7SKlhq0MUFOXCN4LgDAGqOpL4gv/Eb2jUDgZUQIbs8LrBAD7AgO4Ml NLsB46WlFgrFlpwUEN2nYmIHtVE7Qw15nG+CxaTJITNRkIzHP5cITmts6QIDAQAB o4IC6TCCAuUwHQYDVR0OBBYEFFgG2lpZJRJ1zrGGlOF0FTUq7daqMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2LzVkZjEx OS1iMWRmLTRjZWItYmQ0Zi1mNzljY2MzZjRlYWYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvNWRmMTE5 LWIxZGYtNGNlYi1iZDRmLWY3OWNjYzNmNGVhZi8xL1dBYmFXbGtsRW5YT3NZYVU0 WFFWTlNydDFxby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUF BwEHAQH/BEUwQzAkBAIAATAeAwQAH8G4AwQAW+13AwQCubtQAwQCudyQAwQCuf/E MBsEAgACMBUDBQMqC5uAAwUDKgv3wAMFAyoMsgAwLgYIKwYBBQUHAQgBAf8EHzAd oBswGQIDAKlEAgMA4ocCAwDjBwIDAxxAAgMDPlAwDQYJKoZIhvcNAQELBQADggEB ADs/XHupcB8fXuoXjnnwQD5kdSoW5gG2y9MKVMa3C1ax1uhbTEulT5kYgnlsORA7 lMG7xBhGPSlOYoeL4yDYTM9o0POHzrRVyy/YMvKqSLpq5psOXtgf414etomo38/2 tnTDVdZPdZaOM2JJshIW3hawjHXFiG+ZMrm4csEmLQkpUV6aJklmnhKui0h1hMnj g5svou6J780BdoEJQ0wBnRf1GvM9SsquHfSbRbqn49E+faWn4v3rh3NnAQmnmVPX KuLX6p8JnHHUVSUCjXdq1cOoThyCtxeeNrnEYzxHniB6/x5DEduhtTviECINNMzj HfIlReDGt0uX8s2Yf3aK34s= -----END CERTIFICATE-----Generated at Wed Jan 7 13:47:59 2026 by rpki-client