This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer File: YJDN0x06cdoc5KS9hfGYfjyk6vo.cer (raw, json) Hash identifier: uHMW8LpH8WCMRJdULJhtpzIH58OSQWNBqL9z1jyN65M= Subject key identifier: 60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7834E57B1C360AC43575E38D770DA84D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 06:18:11 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 21453 IP: 80.84.112.0/20 IP: 80.252.128.0/19 IP: 88.84.192.0/19 IP: 94.253.0.0/17 IP: 95.183.64.0/18 IP: 178.57.224.0/19 IP: 178.167.0.0/17 IP: 185.5.148.0/22 IP: 212.7.224.0/19 IP: 2a01:4200::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:e5:7b:1c:36:0a:c4:35:75:e3:8d:77:0d:a8:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 06:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6090cdd31d3a71da1ce4a4bd85f1987e3ca4eafa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:ad:07:46:e1:6e:61:db:ad:0a:77:dd:ae:db: 84:fd:3c:73:db:87:17:8f:85:73:68:b1:1b:3e:bd: 14:10:bf:da:50:58:30:ed:98:75:14:c5:ab:51:61: f1:85:67:6b:d0:e9:0c:40:d9:1e:92:d9:b3:90:62: 4d:a3:7f:b6:22:4e:f4:5f:f0:47:14:a6:f0:89:e3: 9c:f5:8c:7c:de:20:e2:b5:76:88:d9:ec:f7:b9:53: 4a:31:36:82:a9:ce:1d:fe:05:e5:38:8f:c3:fb:b4: 1a:83:93:d4:9b:3c:28:8e:65:43:b3:59:2b:06:66: c0:df:65:5c:8d:55:87:43:d5:7a:24:ae:a9:70:27: f0:da:d4:7c:b1:75:78:02:bf:2d:1a:79:7e:a3:93: 5b:bb:36:14:70:ab:53:36:3d:76:3c:b6:db:06:fc: bc:e6:f1:1e:51:09:e5:29:b2:76:df:d9:d3:41:53: c6:d0:82:2f:88:e6:95:c5:4f:4d:89:12:9f:12:cc: fc:d3:ed:b2:45:9f:3b:e0:9c:02:59:47:f5:16:f5: 8a:9f:2b:2e:2c:72:96:da:bc:ac:80:25:d9:3a:22: 52:0f:16:c2:44:cb:34:43:12:4b:68:60:70:1f:bd: cf:7e:89:91:c9:43:dd:96:57:8a:c6:c3:96:2a:c5: a1:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.84.112.0/20 80.252.128.0/19 88.84.192.0/19 94.253.0.0/17 95.183.64.0/18 178.57.224.0/19 178.167.0.0/17 185.5.148.0/22 212.7.224.0/19 IPv6: 2a01:4200::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 21453 Signature Algorithm: sha256WithRSAEncryption 2b:ed:af:7b:17:fe:f9:ff:5e:95:f8:51:14:1e:c4:13:a0:b4: 07:c8:c5:ae:1d:73:28:ae:ef:cb:11:a5:0e:48:27:85:b6:2b: 31:0c:c2:f1:84:ed:3e:65:99:c7:80:aa:f4:3e:b9:8b:cc:61: dc:52:0a:b6:2f:2a:d5:5e:76:61:56:35:8f:e8:60:3f:2d:6f: 4e:e0:24:ea:1f:a9:f5:4e:de:9d:b1:5f:15:c9:60:88:f6:4c: be:3a:79:14:2a:a1:d4:ee:39:2b:bc:cf:fa:19:63:c0:6c:86: 90:bb:06:3e:ac:66:69:0a:29:94:61:47:1d:78:6f:18:d9:ad: 8a:42:3b:a1:7f:4b:84:6a:a0:04:d8:75:75:44:9a:50:38:aa: c8:61:9a:37:b8:3f:e7:40:de:4e:94:cb:58:fa:a4:23:65:a9: b0:5a:72:a6:b7:49:f4:f4:ad:f2:bb:61:e1:34:30:73:df:4f: 63:8d:01:a0:cf:5f:34:09:e8:ae:9e:65:c4:65:85:a3:5c:e6: f3:fe:2b:e5:8c:07:31:ca:97:56:08:32:78:96:6e:c7:f1:44: 5e:a4:30:88:3f:3e:55:5d:a1:1f:f3:ad:ca:88:80:92:ad:73: 41:23:c4:e2:37:ce:e7:af:ce:98:ec:fc:77:66:29:35:d2:04: d6:81:3f:0b -----BEGIN CERTIFICATE----- MIIF0jCCBLqgAwIBAgISAZt4NOV7HDYKxDV14413DahNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDYxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MDkwY2RkMzFkM2E3MWRhMWNlNGE0YmQ4NWYxOTg3ZTNjYTRlYWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK0HRuFuYdutCnfdrtuE/Txz24cX j4VzaLEbPr0UEL/aUFgw7Zh1FMWrUWHxhWdr0OkMQNkektmzkGJNo3+2Ik70X/BH FKbwieOc9Yx83iDitXaI2ez3uVNKMTaCqc4d/gXlOI/D+7Qag5PUmzwojmVDs1kr BmbA32VcjVWHQ9V6JK6pcCfw2tR8sXV4Ar8tGnl+o5NbuzYUcKtTNj12PLbbBvy8 5vEeUQnlKbJ239nTQVPG0IIviOaVxU9NiRKfEsz80+2yRZ874JwCWUf1FvWKnysu LHKW2rysgCXZOiJSDxbCRMs0QxJLaGBwH73PfomRyUPdlleKxsOWKsWh1QIDAQAB o4IC3jCCAtowHQYDVR0OBBYEFGCQzdMdOnHaHOSkvYXxmH48pOr6MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE0LzA4OTAw Zi1iMzYxLTQ3YWQtODkzZi03MzUxZjg2OWI0MmIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQvMDg5MDBm LWIzNjEtNDdhZC04OTNmLTczNTFmODY5YjQyYi8xL1lKRE4weDA2Y2RvYzVLUzlo ZkdZZmp5azZ2by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF BwEHAQH/BE8wTTA8BAIAATA2AwQEUFRwAwQFUPyAAwQFWFTAAwQHXv0AAwQGX7dA AwQFsjngAwQHsqcAAwQCuQWUAwQF1AfgMA0EAgACMAcDBQMqAUIAMBkGCCsGAQUF BwEIAQH/BAowCKAGMAQCAlPNMA0GCSqGSIb3DQEBCwUAA4IBAQAr7a97F/75/16V +FEUHsQToLQHyMWuHXMoru/LEaUOSCeFtisxDMLxhO0+ZZnHgKr0PrmLzGHcUgq2 LyrVXnZhVjWP6GA/LW9O4CTqH6n1Tt6dsV8VyWCI9ky+OnkUKqHU7jkrvM/6GWPA bIaQuwY+rGZpCimUYUcdeG8Y2a2KQjuhf0uEaqAE2HV1RJpQOKrIYZo3uD/nQN5O lMtY+qQjZamwWnKmt0n09K3yu2HhNDBz309jjQGgz180CeiunmXEZYWjXObz/ivl jAcxypdWCDJ4lm7H8URepDCIPz5VXaEf863KiICSrXNBI8TiN87nr86Y7Px3Zik1 0gTWgT8L -----END CERTIFICATE-----Generated at Mon Feb 9 22:34:59 2026 by rpki-client