This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer File: _97EpGpubk-aktC6Lgs6tWWL4b0.cer (raw, json) Hash identifier: aKqGLjej3UadFgfbr8Wt6ZHw9n34cHQ+d6y7sL0oszQ= Subject key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7FF12D59AF4A73A1EE7D7E548990A117 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 18:21:10 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 24669 AS: 34202 AS: 35545 AS: 42902 AS: 43878 AS: 62240 AS: 202791 -- 202792 AS: 206136 AS: 206144 AS: 206822 AS: 206848 AS: 206986 AS: 207019 AS: 207158 IP: 2.56.188.0/22 IP: 5.180.208.0/22 IP: 5.253.112.0/22 IP: 45.86.208.0/22 IP: 45.140.42.0/23 IP: 45.144.112.0/22 IP: 45.149.172.0/22 IP: 45.150.172.0/22 IP: 45.250.24.0/22 IP: 62.106.78.0/24 IP: 62.164.130.0/24 IP: 62.182.96.0/22 IP: 64.238.203.0 -- 64.238.204.255 IP: 77.247.124.0/22 IP: 80.91.222.0/24 IP: 82.197.75.0/24 IP: 83.229.17.0/24 IP: 83.229.26.0/24 IP: 91.199.118.0/24 IP: 91.238.82.0/24 IP: 91.239.130.0/24 IP: 91.239.157.0/24 IP: 91.246.58.0/24 IP: 92.119.16.0/22 IP: 94.154.156.0/22 IP: 103.103.98.0/23 IP: 103.214.44.0/22 IP: 103.219.20.0/22 IP: 109.104.115.0/24 IP: 109.202.227.0/24 IP: 130.185.164.0/23 IP: 144.48.60.0/22 IP: 152.89.204.0/22 IP: 162.120.68.0/22 IP: 178.238.8.0/22 IP: 185.42.220.0/22 IP: 185.81.171.0/24 IP: 185.141.56.0/22 IP: 185.145.200.0/22 IP: 185.149.195.0/24 IP: 185.164.136.0/22 IP: 185.169.232.0/22 IP: 185.174.108.0/22 IP: 185.175.136.0/22 IP: 185.178.230.0/24 IP: 185.193.156.0/22 IP: 185.195.56.0/22 IP: 185.195.104.0/22 IP: 185.198.188.0/22 IP: 185.232.46.0/24 IP: 185.238.28.0/24 IP: 185.245.80.0/22 IP: 188.95.65.0/24 IP: 188.241.53.0/24 IP: 193.84.51.0/24 IP: 193.107.20.0/24 IP: 193.163.194.0/24 IP: 193.228.193.0/24 IP: 193.228.196.0/24 IP: 193.228.199.0/24 IP: 193.228.206.0/24 IP: 193.239.236.0/23 IP: 194.0.213.0/24 IP: 194.33.44.0/22 IP: 194.35.232.0/22 IP: 194.49.52.0/23 IP: 194.49.66.0/23 IP: 194.79.30.0/24 IP: 200.162.144.0/20 IP: 202.49.186.0/24 IP: 203.24.124.0/24 IP: 209.46.102.0/23 IP: 212.23.215.0/24 IP: 213.255.226.0/24 IP: 213.255.246.0/24 IP: 216.183.125.0/24 IP: 216.245.140.0/24 IP: 217.114.38.0/24 IP: 2a04:92c0::/29 IP: 2a06:bdc0::/29 IP: 2a07:41c0::/29 IP: 2a0a:39c0::/29 IP: 2a0a:54c0::/29 IP: 2a0a:5940::/29 IP: 2a0a:7100::/29 IP: 2a0a:8dc0::/29 IP: 2a0b:1c00::/29 IP: 2a0b:9b00::/29 IP: 2a0b:f300::/29 IP: 2a0c:19c0::/29 IP: 2a0d:5080::/29 IP: 2a0f:93c0::/29 IP: 2a0f:9440::/29 IP: 2a14:100::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:2d:59:af:4a:73:a1:ee:7d:7e:54:89:90:a1:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 18:21:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e8:84:6c:d4:d0:19:0a:08:09:82:54:3a:3f: 70:2a:92:a6:65:3c:41:3d:4e:ec:95:c8:a5:f2:e7: 50:78:b9:cf:f3:93:11:2b:8f:97:0e:b2:1b:af:05: 6d:b4:3d:78:1c:1f:9c:89:74:4a:fa:fc:03:a9:3d: 37:2e:2f:2a:24:c4:c6:93:7b:bd:84:dc:0c:f9:d6: 54:72:3a:ff:1a:e4:8d:81:ae:a6:d0:55:c8:15:8c: dc:66:34:c3:73:b0:eb:d3:1c:b9:8d:2b:40:85:25: 4a:67:14:81:97:78:f5:1a:0a:f9:b1:4a:85:39:73: 05:de:b7:f1:3f:9e:6c:e8:dc:0e:e1:bb:81:9c:fd: c7:6c:93:d0:4c:1d:f4:12:7f:65:bf:74:63:fd:e7: d9:29:87:4e:55:08:f6:0a:c0:e8:b7:26:e9:83:ea: a7:64:3d:80:9c:2b:14:94:e7:b9:7e:ae:c7:30:1d: e9:f1:78:b7:fb:f0:55:69:dc:68:32:bb:1c:72:88: ec:a0:7e:59:90:c9:38:ea:d1:a9:3e:26:93:be:e7: e2:d0:b1:77:ac:7f:9e:53:16:64:54:b9:8f:d4:5a: a4:0c:55:c2:7d:a8:f2:26:b8:e4:6f:6a:99:34:79: ad:ba:0c:53:e0:dd:52:4a:37:3a:dc:b5:9b:dc:6c: f2:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.188.0/22 5.180.208.0/22 5.253.112.0/22 45.86.208.0/22 45.140.42.0/23 45.144.112.0/22 45.149.172.0/22 45.150.172.0/22 45.250.24.0/22 62.106.78.0/24 62.164.130.0/24 62.182.96.0/22 64.238.203.0-64.238.204.255 77.247.124.0/22 80.91.222.0/24 82.197.75.0/24 83.229.17.0/24 83.229.26.0/24 91.199.118.0/24 91.238.82.0/24 91.239.130.0/24 91.239.157.0/24 91.246.58.0/24 92.119.16.0/22 94.154.156.0/22 103.103.98.0/23 103.214.44.0/22 103.219.20.0/22 109.104.115.0/24 109.202.227.0/24 130.185.164.0/23 144.48.60.0/22 152.89.204.0/22 162.120.68.0/22 178.238.8.0/22 185.42.220.0/22 185.81.171.0/24 185.141.56.0/22 185.145.200.0/22 185.149.195.0/24 185.164.136.0/22 185.169.232.0/22 185.174.108.0/22 185.175.136.0/22 185.178.230.0/24 185.193.156.0/22 185.195.56.0/22 185.195.104.0/22 185.198.188.0/22 185.232.46.0/24 185.238.28.0/24 185.245.80.0/22 188.95.65.0/24 188.241.53.0/24 193.84.51.0/24 193.107.20.0/24 193.163.194.0/24 193.228.193.0/24 193.228.196.0/24 193.228.199.0/24 193.228.206.0/24 193.239.236.0/23 194.0.213.0/24 194.33.44.0/22 194.35.232.0/22 194.49.52.0/23 194.49.66.0/23 194.79.30.0/24 200.162.144.0/20 202.49.186.0/24 203.24.124.0/24 209.46.102.0/23 212.23.215.0/24 213.255.226.0/24 213.255.246.0/24 216.183.125.0/24 216.245.140.0/24 217.114.38.0/24 IPv6: 2a04:92c0::/29 2a06:bdc0::/29 2a07:41c0::/29 2a0a:39c0::/29 2a0a:54c0::/29 2a0a:5940::/29 2a0a:7100::/29 2a0a:8dc0::/29 2a0b:1c00::/29 2a0b:9b00::/29 2a0b:f300::/29 2a0c:19c0::/29 2a0d:5080::/29 2a0f:93c0::/29 2a0f:9440::/29 2a14:100::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 24669 34202 35545 42902 43878 62240 202791-202792 206136 206144 206822 206848 206986 207019 207158 Signature Algorithm: sha256WithRSAEncryption 7d:dc:68:4b:e3:09:4b:e5:c3:26:d2:77:c1:d4:e9:7b:e0:b3: 89:a8:77:5f:3f:29:af:54:65:5c:96:89:75:96:cb:57:0a:2a: d2:5d:b3:90:ff:1d:84:23:4f:80:13:34:c0:04:e6:1e:d0:32: 31:d7:43:bc:5c:59:f2:51:cf:ff:f0:8b:45:e5:f8:1e:b5:fd: f0:a1:2c:f4:f5:14:2a:4a:1d:31:87:db:7d:f5:a5:0b:9b:ed: 5f:09:f1:3e:31:5b:8e:cd:f1:55:ba:69:5f:99:a7:12:82:11: 08:cd:41:ae:29:da:89:60:a2:53:24:63:8f:c1:e0:e6:93:f5: 3f:5a:ec:eb:af:48:3f:5e:dc:bb:0d:eb:a1:d2:34:90:7d:1a: 07:e7:5a:6e:dc:60:8d:db:58:09:29:29:6c:70:8f:1d:88:1e: 3d:91:8b:0c:18:24:57:91:7a:a5:ee:2c:e4:77:d5:0c:24:e5: 16:57:32:bc:cd:06:e7:87:b5:ef:55:0e:8b:a7:5c:1e:c5:52: d1:57:af:e4:32:55:25:35:d6:21:a1:a3:38:8d:c3:3b:5a:04: 4b:e5:f1:9b:21:27:24:25:36:ce:ef:2d:be:4f:6c:08:0b:64: cd:0a:dd:22:56:fd:3e:86:03:93:5e:2f:e8:fe:3e:39:3c:20: eb:d0:32:1a -----BEGIN CERTIFICATE----- MIIIMzCCBxugAwIBAgISAZt/8S1Zr0pzoe59flSJkKEXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTgyMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOiEbNTQGQoICYJUOj9wKpKmZTxB PU7slcil8udQeLnP85MRK4+XDrIbrwVttD14HB+ciXRK+vwDqT03Li8qJMTGk3u9 hNwM+dZUcjr/GuSNga6m0FXIFYzcZjTDc7Dr0xy5jStAhSVKZxSBl3j1Ggr5sUqF OXMF3rfxP55s6NwO4buBnP3HbJPQTB30En9lv3Rj/efZKYdOVQj2CsDotybpg+qn ZD2AnCsUlOe5fq7HMB3p8Xi3+/BVadxoMrsccojsoH5ZkMk46tGpPiaTvufi0LF3 rH+eUxZkVLmP1FqkDFXCfajyJrjkb2qZNHmtugxT4N1SSjc63LWb3GzyfQIDAQAB o4IFPzCCBTswHQYDVR0OBBYEFP/exKRqbm5PmpLQui4LOrVli+G9MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzExZTVi My00M2FhLTQyNzktOTQ0MS03ZThjNmQ0ZDliZWYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvMTFlNWIz LTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1YmstYWt0QzZM Z3M2dFdXTDRiMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICdQYIKwYB BQUHAQcBAf8EggJkMIICYDCCAeQEAgABMIIB3AMEAgI4vAMEAgW00AMEAgX9cAME Ai1W0AMEAS2MKgMEAi2QcAMEAi2VrAMEAi2WrAMEAi36GAMEAD5qTgMEAD6kggME Aj62YDAMAwQAQO7LAwQAQO7MAwQCTfd8AwQAUFveAwQAUsVLAwQAU+URAwQAU+Ua AwQAW8d2AwQAW+5SAwQAW++CAwQAW++dAwQAW/Y6AwQCXHcQAwQCXpqcAwQBZ2di AwQCZ9YsAwQCZ9sUAwQAbWhzAwQAbcrjAwQBgrmkAwQCkDA8AwQCmFnMAwQConhE AwQCsu4IAwQCuSrcAwQAuVGrAwQCuY04AwQCuZHIAwQAuZXDAwQCuaSIAwQCuano AwQCua5sAwQCua+IAwQAubLmAwQCucGcAwQCucM4AwQCucNoAwQCuca8AwQAuegu AwQAue4cAwQCufVQAwQAvF9BAwQAvPE1AwQAwVQzAwQAwWsUAwQAwaPCAwQAweTB AwQAweTEAwQAweTHAwQAweTOAwQBwe/sAwQAwgDVAwQCwiEsAwQCwiPoAwQBwjE0 AwQBwjFCAwQAwk8eAwQEyKKQAwQAyjG6AwQAyxh8AwQB0S5mAwQA1BfXAwQA1f/i AwQA1f/2AwQA2Ld9AwQA2PWMAwQA2XImMHYEAgACMHADBQMqBJLAAwUDKga9wAMF AyoHQcADBQMqCjnAAwUDKgpUwAMFAyoKWUADBQMqCnEAAwUDKgqNwAMFAyoLHAAD BQMqC5sAAwUDKgvzAAMFAyoMGcADBQMqDVCAAwUDKg+TwAMFAyoPlEADBQMqFAEA MGEGCCsGAQUFBwEIAQH/BFIwUKBOMEwCAmBdAgMAhZoCAwCK2QIDAKeWAgMAq2YC AwDzIDAKAgMDGCcCAwMYKAIDAyU4AgMDJUACAwMn5gIDAygAAgMDKIoCAwMoqwID Ayk2MA0GCSqGSIb3DQEBCwUAA4IBAQB93GhL4wlL5cMm0nfB1Ol74LOJqHdfPymv VGVclol1lstXCirSXbOQ/x2EI0+AEzTABOYe0DIx10O8XFnyUc//8ItF5fgetf3w oSz09RQqSh0xh9t99aULm+1fCfE+MVuOzfFVumlfmacSghEIzUGuKdqJYKJTJGOP weDmk/U/Wuzrr0g/Xty7Deuh0jSQfRoH51pu3GCN21gJKSlscI8diB49kYsMGCRX kXql7izkd9UMJOUWVzK8zQbnh7XvVQ6Lp1wexVLRV6/kMlUlNdYhoaM4jcM7WgRL 5fGbISckJTbO7y2+T2wIC2TNCt0iVv0+hgOTXi/o/j45PCDr0DIa -----END CERTIFICATE-----Generated at Mon Jan 26 23:25:35 2026 by rpki-client