This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer File: XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer (raw, json) Hash identifier: L9O6FPIoe1KHBJHGNveZl28jPQkRro1+4rA5ayL6238= Subject key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA713BCCB2C081EC104E63ECA379C9E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:37 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 204258 IP: 185.109.40.0/22 IP: 2a06:4e80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:13:bc:cb:2c:08:1e:c1:04:e6:3e:ca:37:9c:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:85:c1:a7:a4:83:ff:e4:0f:5f:c9:c9:1e:d0: 6b:6a:f4:6c:2b:0b:10:e7:24:14:f2:7c:75:33:e1: d2:33:d5:43:77:d7:67:70:a6:a9:83:c7:26:d7:d1: 38:7e:00:a3:11:90:8d:cd:0c:26:31:e5:45:c7:f0: 54:14:6c:b6:e3:62:3e:6f:93:dc:33:17:9a:88:27: 5b:4a:8c:19:7e:6d:a1:69:f3:9a:52:a9:30:71:70: 39:c8:ae:65:a6:02:58:4c:d6:42:47:66:0b:62:f0: 60:24:1d:6d:4f:fc:cb:f5:6c:91:a1:1e:6e:48:1c: 68:d3:cc:f4:34:67:91:ce:b0:eb:ba:e8:6b:07:08: f5:2a:98:20:ff:59:ca:8f:d5:3a:d6:56:45:c8:db: 6d:ea:20:2d:a8:91:da:4e:a2:1b:f1:1d:30:1d:68: 5b:21:f3:e6:75:92:db:fc:8d:88:d1:a4:10:66:1a: 65:a4:21:3d:c7:b4:c7:d9:9a:f1:88:11:a9:1b:cf: 4b:3a:80:bb:e5:96:19:fc:f6:c1:77:6b:60:7b:8d: bf:ad:1b:62:87:c3:5f:64:b8:f8:a2:40:79:b9:de: ba:12:23:ed:2b:98:a4:81:56:f7:04:b2:ba:32:55: 47:d8:f0:40:d6:77:b8:22:04:ed:67:7c:93:f4:44: d4:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.109.40.0/22 IPv6: 2a06:4e80::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 204258 Signature Algorithm: sha256WithRSAEncryption 50:28:16:ad:88:5c:0c:8c:55:5c:ff:25:f0:7b:77:50:6a:17: bf:34:f0:b3:d5:9e:83:7b:11:d1:ee:74:3a:17:20:58:e2:89: 01:e6:c2:e3:31:6b:ca:10:7d:78:57:90:e0:eb:cf:fb:1f:73: bf:c2:db:1f:0d:ea:c2:1c:2b:23:a4:42:d5:a1:8a:4d:21:84: 46:c9:20:7c:d9:80:38:1b:ab:53:07:ad:32:de:e9:72:77:ba: f9:bc:d2:cd:14:a9:1b:55:bb:61:ad:04:8a:51:99:17:5d:24: e8:19:09:60:17:68:bf:0f:c5:57:9b:90:6a:a1:cd:21:93:c4: ed:23:d7:7d:d0:ec:73:c3:06:c8:c5:f1:eb:4c:4e:cd:f4:83: 8f:51:97:16:e9:72:86:1d:39:23:b9:f1:d1:07:a1:59:d1:c9: 77:a4:ed:40:ff:fb:33:43:58:73:1b:28:c6:aa:29:82:4d:0f: 67:77:c1:0c:80:47:ac:9f:40:71:d4:61:14:93:33:63:6a:4c: 9f:6a:4d:d7:d7:d9:e9:2f:99:f9:3e:0d:4f:5f:6f:fc:4f:af: 60:82:46:9f:46:a9:4b:fc:36:3c:92:e9:a6:48:12:db:18:ad: bc:ac:9d:ef:e8:e1:6c:e7:9f:3d:bb:33:f7:49:8a:62:4a:90: 9e:53:27:8c -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt+pxO8yywIHsEE5j7KN5yeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZWE4NWYxZGQ0ZDAzNDY0ODBmMDA5ODc0YThmNTY3MGUzMTA4NWMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoXBp6SD/+QPX8nJHtBravRsKwsQ 5yQU8nx1M+HSM9VDd9dncKapg8cm19E4fgCjEZCNzQwmMeVFx/BUFGy242I+b5Pc MxeaiCdbSowZfm2hafOaUqkwcXA5yK5lpgJYTNZCR2YLYvBgJB1tT/zL9WyRoR5u SBxo08z0NGeRzrDruuhrBwj1Kpgg/1nKj9U61lZFyNtt6iAtqJHaTqIb8R0wHWhb IfPmdZLb/I2I0aQQZhplpCE9x7TH2ZrxiBGpG89LOoC75ZYZ/PbBd2tge42/rRti h8NfZLj4okB5ud66EiPtK5ikgVb3BLK6MlVH2PBA1ne4IgTtZ3yT9ETUkwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFF6oXx3U0DRkgPAJh0qPVnDjEIXCMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VjL2VmNzgw OC0xMjJiLTRiODktOTM1OC01OTBjNWYxYjAxYjMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMvZWY3ODA4 LTEyMmItNGI4OS05MzU4LTU5MGM1ZjFiMDFiMy8xL1hxaGZIZFRRTkdTQThBbUhT bzlXY09NUWhjSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuW0oMA0EAgACMAcDBQMqBk6AMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMd4jANBgkqhkiG9w0BAQsFAAOCAQEAUCgWrYhcDIxV XP8l8Ht3UGoXvzTws9Weg3sR0e50OhcgWOKJAebC4zFryhB9eFeQ4OvP+x9zv8Lb Hw3qwhwrI6RC1aGKTSGERskgfNmAOBurUwetMt7pcne6+bzSzRSpG1W7Ya0EilGZ F10k6BkJYBdovw/FV5uQaqHNIZPE7SPXfdDsc8MGyMXx60xOzfSDj1GXFulyhh05 I7nx0QehWdHJd6TtQP/7M0NYcxsoxqopgk0PZ3fBDIBHrJ9AcdRhFJMzY2pMn2pN 19fZ6S+Z+T4NT19v/E+vYIJGn0apS/w2PJLppkgS2xitvKyd7+jhbOefPbsz90mK YkqQnlMnjA== -----END CERTIFICATE-----Generated at Mon Feb 9 15:08:26 2026 by rpki-client