This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/X8JHQzBLf9mgZdIs2JzalQReJpw.cer File: X8JHQzBLf9mgZdIs2JzalQReJpw.cer (raw, json) Hash identifier: iFtV5Yl0arYBn1WpD+lRZx+xOH0SYL5CRK4TIyM6bm0= Subject key identifier: 5F:C2:47:43:30:4B:7F:D9:A0:65:D2:2C:D8:9C:DA:95:04:5E:26:9C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA4DAC16172E775FFD4AA1416B41671 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/X8JHQzBLf9mgZdIs2JzalQReJpw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:19:20 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 201659 IP: 185.61.160.0/22 IP: 2a02:7ae0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:da:c1:61:72:e7:75:ff:d4:aa:14:16:b4:16:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5fc24743304b7fd9a065d22cd89cda95045e269c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d7:b8:af:ea:e4:be:04:3b:f1:27:d6:83:aa: cc:dd:54:95:20:20:de:20:7f:12:9f:d9:9a:f7:8f: 96:bd:e6:9d:67:ee:0b:4e:b5:b7:ce:de:2a:5f:7c: 67:85:e1:ea:83:eb:29:8e:8b:f2:ff:1b:77:a2:21: 1c:9a:91:06:a2:c3:aa:71:f6:14:12:7c:3b:41:0b: fa:71:0a:86:ef:8a:91:72:11:99:31:2e:07:49:91: df:67:6e:1b:1a:1f:bc:57:37:7a:46:5f:06:75:70: 36:dc:ba:43:bc:55:fa:62:5b:c3:e6:7e:ad:e7:37: e9:21:08:90:ae:d5:0c:ba:80:f6:45:ad:ac:22:97: 1a:dd:fb:0c:e4:61:14:9d:d3:aa:9b:0d:85:a0:d5: 84:c5:91:6a:dd:0d:f3:5d:de:17:a8:e8:17:76:89: 60:16:f5:f9:f2:60:fd:12:f6:f7:83:a9:e6:1a:0b: 23:f6:a1:c6:4a:3c:eb:25:ff:36:38:6c:d4:cd:e2: ce:34:59:99:92:90:1b:b8:27:93:bc:27:d6:9e:26: 32:40:5d:31:c5:3c:14:9a:d4:5d:80:25:b4:d0:24: b4:b3:34:9e:f9:ab:7b:00:67:16:16:24:7e:ed:fb: 02:6b:52:dc:ce:29:fe:9a:aa:5b:ac:d6:68:b3:37: b7:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:C2:47:43:30:4B:7F:D9:A0:65:D2:2C:D8:9C:DA:95:04:5E:26:9C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/e5a2c7-0453-48ba-b10c-0ba9679de2e6/1/X8JHQzBLf9mgZdIs2JzalQReJpw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.61.160.0/22 IPv6: 2a02:7ae0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 201659 Signature Algorithm: sha256WithRSAEncryption 16:4c:e0:2b:36:d6:f1:fa:ab:8d:cf:0b:50:42:ad:1e:07:67: a3:17:db:87:15:3e:ba:18:38:67:19:e4:06:76:01:3b:ea:78: 14:ec:73:24:ba:b4:3c:28:e5:9e:ab:4f:1a:75:ea:fc:b8:d7: 5f:6c:1f:1c:46:2e:09:73:0b:37:b8:a2:4b:cf:29:43:e7:c2: 85:09:67:42:ea:4f:37:41:bd:b4:d0:b0:6b:1e:b2:4d:ca:76: 47:fd:a2:c6:07:d4:c7:dd:53:00:8d:f3:08:53:44:59:a3:af: 80:da:8b:25:44:f6:85:bd:40:4e:ff:25:9a:2f:f4:7f:13:f3: 35:27:fd:64:14:4f:a8:76:96:19:75:ca:73:ec:7e:97:f6:36: 07:f9:a8:40:28:89:ae:ea:99:de:ef:3b:dc:91:85:ce:13:1c: 00:c1:fb:e0:36:d7:7c:24:37:e0:42:a4:d3:58:89:e0:e1:43: 0b:f8:96:e6:fa:11:6b:61:b1:32:d4:e4:25:58:04:6f:85:09: a4:ec:c5:b2:9f:95:9d:54:ef:a0:ef:5a:52:b1:91:20:7e:76: ff:55:bf:62:86:ad:0d:98:88:89:44:12:8b:6a:63:df:ee:39: da:35:ed:fb:29:6a:42:7a:0d:26:28:84:de:05:c8:05:b6:bb: 2a:6e:da:ce -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt7pNrBYXLndf/UqhQWtBZxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZmMyNDc0MzMwNGI3ZmQ5YTA2NWQyMmNkODljZGE5NTA0NWUyNjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNe4r+rkvgQ78SfWg6rM3VSVICDe IH8Sn9ma94+WveadZ+4LTrW3zt4qX3xnheHqg+spjovy/xt3oiEcmpEGosOqcfYU Enw7QQv6cQqG74qRchGZMS4HSZHfZ24bGh+8Vzd6Rl8GdXA23LpDvFX6YlvD5n6t 5zfpIQiQrtUMuoD2Ra2sIpca3fsM5GEUndOqmw2FoNWExZFq3Q3zXd4XqOgXdolg FvX58mD9Evb3g6nmGgsj9qHGSjzrJf82OGzUzeLONFmZkpAbuCeTvCfWniYyQF0x xTwUmtRdgCW00CS0szSe+at7AGcWFiR+7fsCa1Lczin+mqpbrNZosze3FwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFF/CR0MwS3/ZoGXSLNic2pUEXiacMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzL2U1YTJj Ny0wNDUzLTQ4YmEtYjEwYy0wYmE5Njc5ZGUyZTYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvZTVhMmM3 LTA0NTMtNDhiYS1iMTBjLTBiYTk2NzlkZTJlNi8xL1g4SkhRekJMZjltZ1pkSXMy SnphbFFSZUpwdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuT2gMA0EAgACMAcDBQAqAnrgMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMTuzANBgkqhkiG9w0BAQsFAAOCAQEAFkzgKzbW8fqr jc8LUEKtHgdnoxfbhxU+uhg4ZxnkBnYBO+p4FOxzJLq0PCjlnqtPGnXq/LjXX2wf HEYuCXMLN7iiS88pQ+fChQlnQupPN0G9tNCwax6yTcp2R/2ixgfUx91TAI3zCFNE WaOvgNqLJUT2hb1ATv8lmi/0fxPzNSf9ZBRPqHaWGXXKc+x+l/Y2B/moQCiJruqZ 3u873JGFzhMcAMH74DbXfCQ34EKk01iJ4OFDC/iW5voRa2GxMtTkJVgEb4UJpOzF sp+VnVTvoO9aUrGRIH52/1W/YoatDZiIiUQSi2pj3+452jXt+ylqQnoNJiiE3gXI Bba7Km7azg== -----END CERTIFICATE-----Generated at Mon Feb 9 18:26:01 2026 by rpki-client