This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer File: YhcForItk4GoI8l5xvTnc0I1I20.cer (raw, json) Hash identifier: m8ooNg8LI/nzafYq3ssMN8cpJd0pPN7L5J9RRK7g2AU= Subject key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCB53BD1CF30B5FD52E184DACEA692E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:20:35 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 198355 IP: 37.18.240.0/21 IP: 185.91.136.0/22 IP: 2a03:26a0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:53:bd:1c:f3:0b:5f:d5:2e:18:4d:ac:ea:69:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:20:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=621705a2b22d9381a823c979c6f4e7734235236d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9a:68:90:5e:d7:70:2c:30:0d:b6:a0:e9:13: 03:79:40:2e:be:f5:91:d5:63:c4:6a:56:a6:70:10: b4:45:50:46:69:7a:22:ba:d0:c8:ff:f8:87:9c:83: 6c:21:70:a8:b4:6e:28:fe:54:7c:ea:25:7b:44:31: f2:5e:8e:5d:17:49:ec:af:47:27:7e:2d:e7:eb:73: d9:af:3f:03:16:67:f6:3f:35:70:6e:e1:a0:cb:dc: b9:b4:b7:52:28:57:7f:d7:55:00:bf:53:92:60:d1: ef:1a:85:37:03:8e:c1:52:31:ab:a8:62:a4:46:ee: ab:54:79:2d:31:31:90:c3:0b:a0:b2:44:38:2b:e2: 97:09:2e:3c:35:42:cc:42:84:3a:6b:19:da:63:64: cb:ee:72:b4:fb:f9:71:e4:ad:ab:7a:b4:fe:75:d1: 01:35:9b:09:a5:6c:a1:bb:66:21:bb:02:e2:d3:c7: ba:9a:b5:e6:47:4e:0b:4b:6c:16:59:4c:39:88:13: c9:6f:36:d6:15:23:d1:4b:8d:36:58:eb:4f:40:7d: a7:2f:70:89:8f:fc:cc:36:a0:c1:de:68:28:c4:67: df:59:fb:dd:e2:34:67:e2:0e:22:92:11:01:36:a4: e0:4f:ba:0e:da:4b:14:32:d4:95:31:8e:26:91:0b: 27:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.18.240.0/21 185.91.136.0/22 IPv6: 2a03:26a0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 198355 Signature Algorithm: sha256WithRSAEncryption 67:bc:11:8e:a2:0a:c6:0c:f6:9e:e2:67:be:5c:63:27:b2:99: ec:11:47:ea:9d:22:fc:96:44:38:45:a5:d1:63:88:97:52:15: ba:03:eb:7d:c1:a7:40:64:bf:32:30:d2:ff:06:f5:94:98:53: 8c:db:28:cf:be:6e:4b:e7:4f:26:55:9d:65:04:d1:ec:d3:5b: 08:a9:b4:99:b7:63:9e:ba:47:c9:98:9a:7b:ae:55:55:38:7d: 0b:8c:72:92:91:4a:49:9e:d0:81:9e:92:2a:af:d7:0c:09:96: 4b:e7:9c:25:ee:95:ce:20:93:f5:f7:7c:4c:6b:43:e9:8c:96: f3:c0:dc:5c:4a:9c:47:f7:ab:32:99:db:bd:f3:5c:fd:30:d1: 92:ec:6f:8d:66:42:5c:3a:30:69:95:6a:f4:6f:58:07:3f:62: f2:e1:ba:8b:25:0e:74:b5:c5:e1:db:1c:d7:0c:79:50:d1:08: 7c:b5:a6:97:18:0f:55:08:c2:8d:66:9e:8e:bf:5f:00:91:eb: a8:0e:e7:8f:43:3e:76:18:0c:75:20:5c:cc:8a:a4:b5:f4:f3: 3b:2b:46:28:9d:9d:6a:45:60:8e:29:04:4c:d6:d9:c4:93:be: 1e:cb:78:21:ed:ac:a7:58:1f:f5:4c:7c:97:fe:ee:f1:df:66: 36:e2:68:0e -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt9y1O9HPMLX9UuGE2s6mkuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgyMDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MjE3MDVhMmIyMmQ5MzgxYTgyM2M5NzljNmY0ZTc3MzQyMzUyMzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZpokF7XcCwwDbag6RMDeUAuvvWR 1WPEalamcBC0RVBGaXoiutDI//iHnINsIXCotG4o/lR86iV7RDHyXo5dF0nsr0cn fi3n63PZrz8DFmf2PzVwbuGgy9y5tLdSKFd/11UAv1OSYNHvGoU3A47BUjGrqGKk Ru6rVHktMTGQwwugskQ4K+KXCS48NULMQoQ6axnaY2TL7nK0+/lx5K2rerT+ddEB NZsJpWyhu2YhuwLi08e6mrXmR04LS2wWWUw5iBPJbzbWFSPRS402WOtPQH2nL3CJ j/zMNqDB3mgoxGffWfvd4jRn4g4ikhEBNqTgT7oO2ksUMtSVMY4mkQsndwIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFGIXBaKyLZOBqCPJecb053NCNSNtMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FjL2M5MjM0 ZC1lMTMzLTQxOTQtODRhYy03MWEzOWRiODhhMjMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMvYzkyMzRk LWUxMzMtNDE5NC04NGFjLTcxYTM5ZGI4OGEyMy8xL1loY0Zvckl0azRHb0k4bDV4 dlRuYzBJMUkyMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQDJRLwAwQCuVuIMA0EAgACMAcDBQAqAyagMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMG0zANBgkqhkiG9w0BAQsFAAOCAQEAZ7wR jqIKxgz2nuJnvlxjJ7KZ7BFH6p0i/JZEOEWl0WOIl1IVugPrfcGnQGS/MjDS/wb1 lJhTjNsoz75uS+dPJlWdZQTR7NNbCKm0mbdjnrpHyZiae65VVTh9C4xykpFKSZ7Q gZ6SKq/XDAmWS+ecJe6VziCT9fd8TGtD6YyW88DcXEqcR/erMpnbvfNc/TDRkuxv jWZCXDowaZVq9G9YBz9i8uG6iyUOdLXF4dsc1wx5UNEIfLWmlxgPVQjCjWaejr9f AJHrqA7nj0M+dhgMdSBczIqktfTzOytGKJ2dakVgjikETNbZxJO+Hst4Ie2sp1gf 9Ux8l/7u8d9mNuJoDg== -----END CERTIFICATE-----Generated at Mon Feb 9 20:49:59 2026 by rpki-client