This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XHGW3F9A-W0t5nmdx3G6o7U9zYI.cer File: XHGW3F9A-W0t5nmdx3G6o7U9zYI.cer (raw, json) Hash identifier: YLU37+FJ+pBCiiEXVL1JhTcsxgyHVf/hpgFDW9c+ENk= Subject key identifier: 5C:71:96:DC:5F:40:F9:6D:2D:E6:79:9D:C7:71:BA:A3:B5:3D:CD:82 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5B998C1D1382A099338AF2CD185B6D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/06/73ea59-c14d-42b8-b69c-c52b5dd0e7ac/1/XHGW3F9A-W0t5nmdx3G6o7U9zYI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/06/73ea59-c14d-42b8-b69c-c52b5dd0e7ac/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:19:42 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 56612 IP: 195.128.150.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:99:8c:1d:13:82:a0:99:33:8a:f2:cd:18:5b:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c7196dc5f40f96d2de6799dc771baa3b53dcd82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:55:c3:60:62:d0:09:62:f4:a7:c5:89:f3:57: 26:ca:26:79:a1:f9:d6:62:86:76:c9:05:06:1c:79: 06:57:48:1f:89:1d:aa:c5:81:54:48:c8:ee:48:2f: b8:81:24:e1:75:03:92:d5:a5:3a:a6:41:fe:ea:ee: 15:cb:66:32:c3:ee:58:af:91:b2:23:b2:9a:1f:f4: d6:9f:46:f7:3b:38:04:2a:66:25:1e:8d:50:fd:e7: fb:84:4e:f2:47:35:63:1a:13:0f:e5:98:10:4a:4e: bd:cf:42:ab:99:79:31:35:61:aa:5b:a9:01:a4:0c: 51:15:4f:2c:01:69:72:e1:42:77:cb:b6:e7:e0:e5: 81:bc:05:22:3f:3c:ec:24:e8:f8:f6:e4:8d:62:4f: d9:c0:3a:c3:93:ec:b8:d3:1a:4a:bd:ca:bb:e7:36: e2:59:da:5d:db:f4:2a:ed:78:a3:be:b8:b4:48:06: 1f:f6:3d:fe:51:9b:05:8b:c9:66:18:45:b6:7f:f7: 42:0a:e7:8b:73:40:fa:98:01:81:4e:44:c8:51:4f: 91:98:db:25:a0:09:96:ee:26:72:b4:2c:87:26:d3: 1f:67:4e:c6:21:d8:91:5f:8f:a5:9e:8e:86:fb:d6: b7:f4:23:57:7b:2a:7a:8f:d8:d6:bd:e7:71:f5:69: 55:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:71:96:DC:5F:40:F9:6D:2D:E6:79:9D:C7:71:BA:A3:B5:3D:CD:82 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/73ea59-c14d-42b8-b69c-c52b5dd0e7ac/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/73ea59-c14d-42b8-b69c-c52b5dd0e7ac/1/XHGW3F9A-W0t5nmdx3G6o7U9zYI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.128.150.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 56612 Signature Algorithm: sha256WithRSAEncryption 9a:86:a5:84:ff:74:38:4e:7a:02:e2:9c:7c:fb:67:91:d6:6d: de:01:0b:6d:85:cc:78:20:1e:9b:69:e2:31:17:02:a9:af:13: 61:16:db:1a:ca:14:ad:1e:14:71:f2:32:db:ac:85:a6:60:15: a0:ab:d3:17:53:c4:7c:4e:8e:91:e1:c1:28:20:fa:c9:2c:15: e3:cd:5c:66:5d:eb:d7:c5:6e:6c:a1:b4:97:f2:55:22:20:52: e2:ed:99:b6:f7:73:d0:1f:3a:d0:11:67:be:ef:bc:8a:77:10: 04:54:ed:93:a7:ba:d1:78:4e:01:7d:95:91:9c:e3:ac:37:ce: 50:d8:56:19:46:71:af:7c:b4:d2:be:06:f8:22:57:7d:c8:da: bb:cf:1e:16:64:9a:7a:9d:8e:fa:87:df:f0:02:15:7b:9f:61: 51:6a:65:4d:87:0b:62:97:5e:5e:2a:a3:f1:9d:22:88:2c:2f: f3:7f:ba:7a:e7:4b:4f:af:47:66:16:54:cc:d7:2c:2e:4f:a6: 61:17:f5:3b:5f:1f:5b:82:79:48:7d:2f:2a:3e:54:23:67:b0: 37:8f:10:9b:b8:26:f7:78:b7:96:30:e0:6e:af:d7:81:ad:92: 18:1a:98:83:2a:03:c2:cc:b9:d1:0e:0b:61:8b:ad:c1:e9:92: 1b:e2:b3:f2 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt6W5mMHROCoJkzivLNGFttMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzcxOTZkYzVmNDBmOTZkMmRlNjc5OWRjNzcxYmFhM2I1M2RjZDgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01XDYGLQCWL0p8WJ81cmyiZ5ofnW YoZ2yQUGHHkGV0gfiR2qxYFUSMjuSC+4gSThdQOS1aU6pkH+6u4Vy2Yyw+5Yr5Gy I7KaH/TWn0b3OzgEKmYlHo1Q/ef7hE7yRzVjGhMP5ZgQSk69z0KrmXkxNWGqW6kB pAxRFU8sAWly4UJ3y7bn4OWBvAUiPzzsJOj49uSNYk/ZwDrDk+y40xpKvcq75zbi Wdpd2/Qq7Xijvri0SAYf9j3+UZsFi8lmGEW2f/dCCueLc0D6mAGBTkTIUU+RmNsl oAmW7iZytCyHJtMfZ07GIdiRX4+lno6G+9a39CNXeyp6j9jWvedx9WlVVwIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFFxxltxfQPltLeZ5ncdxuqO1Pc2CMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2LzczZWE1 OS1jMTRkLTQyYjgtYjY5Yy1jNTJiNWRkMGU3YWMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvNzNlYTU5 LWMxNGQtNDJiOC1iNjljLWM1MmI1ZGQwZTdhYy8xL1hIR1czRjlBLVcwdDVubWR4 M0c2bzdVOXpZSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAw4CWMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwDdJDANBgkqhkiG9w0BAQsFAAOCAQEAmoalhP90OE56AuKcfPtnkdZt3gELbYXM eCAem2niMRcCqa8TYRbbGsoUrR4UcfIy26yFpmAVoKvTF1PEfE6OkeHBKCD6ySwV 481cZl3r18VubKG0l/JVIiBS4u2Ztvdz0B860BFnvu+8incQBFTtk6e60XhOAX2V kZzjrDfOUNhWGUZxr3y00r4G+CJXfcjau88eFmSaep2O+off8AIVe59hUWplTYcL YpdeXiqj8Z0iiCwv83+6eudLT69HZhZUzNcsLk+mYRf1O18fW4J5SH0vKj5UI2ew N48Qm7gm93i3ljDgbq/Xga2SGBqYgyoDwsy50Q4LYYutwemSG+Kz8g== -----END CERTIFICATE-----Generated at Mon Feb 9 19:41:40 2026 by rpki-client