This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer File: XbWMRb7iUfx1daY-W0kN7GEU5so.cer (raw, json) Hash identifier: u73j1B/z81s5mSQFWitnQvcl5ifktjmu6kMXKhrJvqM= Subject key identifier: 5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA4C7029BBAC96B4DE5130505CF4E39 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:18:06 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 43231 IP: 89.44.108.0/24 IP: 185.188.36.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:c7:02:9b:ba:c9:6b:4d:e5:13:05:05:cf:4e:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5db58c45bee251fc7575a63e5b490dec6114e6ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ac:8e:fe:4e:69:e4:84:fe:7b:1a:81:7b:c7: 51:6b:1d:aa:6b:1e:4b:f7:e8:29:e9:b2:a3:c9:d0: 43:1b:60:2d:43:70:f8:0c:a1:2a:4c:fb:b9:23:30: ad:af:26:7f:5a:d9:ed:7c:58:9e:c7:1f:b9:96:93: ff:57:68:45:c6:a3:63:82:bf:73:a0:5e:26:84:40: 3d:0d:5a:f1:c2:6a:96:6d:3c:da:d6:cd:51:f4:b2: b3:2e:bd:02:5e:e4:6c:46:ea:48:ac:e4:2a:c5:38: cf:74:c4:3a:5e:db:5b:42:ae:e8:b0:76:2b:bc:40: 80:ca:61:20:3c:74:8c:e6:5b:49:64:0c:2b:1d:3e: 47:c7:41:67:04:f7:c9:20:c5:ac:82:2a:86:67:f9: 53:c8:96:f5:75:db:06:29:7f:db:c6:e0:72:f7:b4: 7e:89:af:d1:a3:2a:a6:33:91:de:4e:b9:f9:32:5c: d9:36:51:89:b1:a8:8e:67:d9:f8:f3:cc:c4:9b:cb: a5:7b:1b:8b:ff:71:7a:3f:6c:cb:73:8a:6e:9c:57: 05:10:09:74:35:0b:5a:46:5b:d1:67:85:45:b2:94: 8e:eb:5c:e4:22:44:14:9c:fd:16:f8:3f:d2:f5:c9: e9:4a:a1:6c:65:e4:ea:24:72:2b:9e:52:81:a6:79: 90:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.44.108.0/24 185.188.36.0/22 sbgp-autonomousSysNum: critical Autonomous System Numbers: 43231 Signature Algorithm: sha256WithRSAEncryption 31:26:c6:30:1c:c7:de:de:cf:0c:97:34:f5:83:b9:a3:2f:4a: 0c:36:d0:ae:85:1f:e1:6a:f3:da:ac:8d:cf:6b:13:d9:e2:5a: 72:43:c0:07:c4:04:a0:2e:ba:2c:46:de:26:87:f8:db:56:fe: f9:fe:a4:da:fb:d9:a3:27:47:cc:bf:25:14:af:fb:dd:b8:e2: 9d:1a:00:ea:3c:fc:3f:21:29:a1:a2:d9:44:4e:d0:ca:1f:bd: ab:f9:9c:19:14:7a:53:8e:97:50:b6:7e:3e:b1:35:06:f9:2e: 48:04:85:23:a7:7e:d5:18:e0:5c:bd:f2:33:6e:93:8e:e4:08: ee:43:9b:f4:57:e5:00:7a:e2:ab:e8:29:c1:8d:6a:c7:96:cb: a4:a0:83:6e:e5:bd:f8:a4:aa:43:97:52:1b:b3:64:10:53:c3: e7:92:7f:c2:38:2e:f8:9c:d6:18:82:c0:b7:01:d7:a9:68:9c: 97:14:86:f3:a1:99:0a:bb:02:c3:6e:41:e8:75:c3:05:86:51: 8f:35:72:44:3d:10:90:05:97:3e:00:8b:49:0b:97:75:87:e5: e5:64:be:34:1b:b8:fe:e3:62:2a:bc:53:29:c4:47:46:67:28: 85:c1:71:3d:1d:96:74:1e:91:2d:a7:d6:08:57:25:fd:39:03: f7:78:bd:e9 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgISAZt+pMcCm7rJa03lEwUFz045MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGI1OGM0NWJlZTI1MWZjNzU3NWE2M2U1YjQ5MGRlYzYxMTRlNmNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKyO/k5p5IT+exqBe8dRax2qax5L 9+gp6bKjydBDG2AtQ3D4DKEqTPu5IzCtryZ/WtntfFiexx+5lpP/V2hFxqNjgr9z oF4mhEA9DVrxwmqWbTza1s1R9LKzLr0CXuRsRupIrOQqxTjPdMQ6XttbQq7osHYr vECAymEgPHSM5ltJZAwrHT5Hx0FnBPfJIMWsgiqGZ/lTyJb1ddsGKX/bxuBy97R+ ia/RoyqmM5HeTrn5MlzZNlGJsaiOZ9n488zEm8ulexuL/3F6P2zLc4punFcFEAl0 NQtaRlvRZ4VFspSO61zkIkQUnP0W+D/S9cnpSqFsZeTqJHIrnlKBpnmQvQIDAQAB o4ICpjCCAqIwHQYDVR0OBBYEFF21jEW+4lH8dXWmPltJDexhFObKMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjL2FkZjkz ZC05OGRhLTQxY2MtOGE2ZC05YzJhZDQ3NWEyMzEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvYWRmOTNk LTk4ZGEtNDFjYy04YTZkLTljMmFkNDc1YTIzMS8xL1hiV01SYjdpVWZ4MWRhWS1X MGtON0dFVTVzby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQAWSxsAwQCubwkMBoGCCsGAQUFBwEIAQH/BAsw CaAHMAUCAwCo3zANBgkqhkiG9w0BAQsFAAOCAQEAMSbGMBzH3t7PDJc09YO5oy9K DDbQroUf4Wrz2qyNz2sT2eJackPAB8QEoC66LEbeJof421b++f6k2vvZoydHzL8l FK/73bjinRoA6jz8PyEpoaLZRE7Qyh+9q/mcGRR6U46XULZ+PrE1BvkuSASFI6d+ 1RjgXL3yM26TjuQI7kOb9FflAHriq+gpwY1qx5bLpKCDbuW9+KSqQ5dSG7NkEFPD 55J/wjgu+JzWGILAtwHXqWiclxSG86GZCrsCw25B6HXDBYZRjzVyRD0QkAWXPgCL SQuXdYfl5WS+NBu4/uNiKrxTKcRHRmcohcFxPR2WdB6RLafWCFcl/TkD93i96Q== -----END CERTIFICATE-----Generated at Mon Feb 9 15:06:10 2026 by rpki-client