This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_XF_OrY5RaG-c5wrOiWJvqVd224.cer File: _XF_OrY5RaG-c5wrOiWJvqVd224.cer (raw, json) Hash identifier: 0FEy0trvkzgZh1ApNj+e8EYolnOCYGGSA8ojEsljbUc= Subject key identifier: FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EAE17DBD2A428CDA23FB9A7A1E3F2E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:43 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 47505 IP: 91.206.78.0/23 IP: 193.142.208.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:e1:7d:bd:2a:42:8c:da:23:fb:9a:7a:1e:3f:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fd717f3ab63945a1be739c2b3a2589bea55ddb6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ab:8c:98:b1:93:9e:3e:cd:f5:3d:92:a1:21: ba:ee:a2:16:d9:3c:89:89:17:65:e9:4c:6d:97:cf: cb:c7:8b:87:43:df:ff:69:26:4e:bf:bb:2b:49:fe: ee:b9:8b:e1:e4:76:4a:71:7b:da:b1:36:5d:9a:7b: ca:6b:df:7c:ab:ff:81:64:f6:77:70:11:d4:55:10: a4:7d:b6:89:21:bf:50:07:06:c7:93:8f:be:08:5b: 5a:a6:80:68:70:b3:f5:1e:32:57:89:0e:0d:2c:60: 3c:80:59:b9:2f:e4:e9:cc:21:e3:38:8e:f5:af:07: 39:9e:f0:e0:d4:d4:b2:1b:e5:71:15:3d:7e:50:52: fb:e4:30:44:50:a3:b1:fc:51:4c:b5:8e:6b:b7:00: d4:1c:e8:5b:bf:f4:12:f7:6e:68:b7:00:ee:da:c7: 14:6b:36:5f:6e:82:08:7b:04:ad:d8:fc:66:2a:6c: 4e:c7:b0:12:91:b9:85:9e:7e:f9:09:ee:40:c0:a8: c8:8c:b1:03:87:4f:c0:9a:13:f8:60:9f:49:2a:b0: 1e:7d:3e:96:06:bb:39:a8:01:b8:a7:d5:d9:a2:20: 8d:da:41:55:07:b5:f0:b0:ab:51:ef:a6:a5:cd:b4: 14:8e:4f:52:97:4e:7c:6a:9b:8c:a3:63:44:db:fe: 4b:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:71:7F:3A:B6:39:45:A1:BE:73:9C:2B:3A:25:89:BE:A5:5D:DB:6E X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2f0a66-1634-40fb-99b0-931505ff41c5/1/_XF_OrY5RaG-c5wrOiWJvqVd224.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.206.78.0/23 193.142.208.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 47505 Signature Algorithm: sha256WithRSAEncryption 19:ae:a0:dd:89:d0:12:8e:3d:35:d1:5f:88:e9:0e:47:5f:1f: 8c:38:ac:11:7e:73:e6:bc:4b:df:71:42:65:57:c1:95:b9:76: 21:7a:80:5e:39:7e:f3:11:a1:8c:f1:cd:d9:70:d7:2a:51:bf: d0:13:66:cf:b3:69:29:1e:28:da:1e:f8:c9:9d:67:19:8e:79: f5:d4:b1:77:2c:44:26:82:f4:c3:e1:1e:6b:60:f1:92:c9:0c: da:35:6c:58:fc:0e:33:7f:63:1b:53:5f:52:2e:ee:d4:e3:fd: 15:68:b7:1b:b0:34:15:52:89:f6:84:5d:fc:3a:a1:62:3a:d3: d6:98:1b:c1:1e:b9:01:b5:a7:30:33:8f:b5:ae:81:0d:be:e3: b4:e0:65:2e:47:4b:f4:e6:05:ba:77:e5:f1:5a:d6:de:53:55: ca:d2:93:10:5c:7a:0d:d3:87:82:27:c8:25:e3:22:41:29:4f: c4:4b:56:f6:4f:37:12:20:93:64:0f:e2:68:db:7c:ea:f1:49: 8d:26:d3:58:8d:c2:35:9c:2e:ab:11:ab:39:10:4e:7d:99:97: 4b:cb:93:e0:5c:12:7a:95:5b:2b:d0:81:9e:78:ff:bb:2d:c7: 83:60:71:82:2d:d2:d9:38:27:01:fb:13:84:9c:2c:97:f8:9e: c2:94:cc:62 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgISAZt26uF9vSpCjNoj+5p6Hj8uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZDcxN2YzYWI2Mzk0NWExYmU3MzljMmIzYTI1ODliZWE1NWRkYjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqquMmLGTnj7N9T2SoSG67qIW2TyJ iRdl6Uxtl8/Lx4uHQ9//aSZOv7srSf7uuYvh5HZKcXvasTZdmnvKa998q/+BZPZ3 cBHUVRCkfbaJIb9QBwbHk4++CFtapoBocLP1HjJXiQ4NLGA8gFm5L+TpzCHjOI71 rwc5nvDg1NSyG+VxFT1+UFL75DBEUKOx/FFMtY5rtwDUHOhbv/QS925otwDu2scU azZfboIIewSt2PxmKmxOx7ASkbmFnn75Ce5AwKjIjLEDh0/AmhP4YJ9JKrAefT6W Brs5qAG4p9XZoiCN2kFVB7XwsKtR76alzbQUjk9Sl058apuMo2NE2/5LlwIDAQAB o4ICpjCCAqIwHQYDVR0OBBYEFP1xfzq2OUWhvnOcKzolib6lXdtuMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3LzJmMGE2 Ni0xNjM0LTQwZmItOTliMC05MzE1MDVmZjQxYzUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMmYwYTY2 LTE2MzQtNDBmYi05OWIwLTkzMTUwNWZmNDFjNS8xL19YRl9Pclk1UmFHLWM1d3JP aVdKdnFWZDIyNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQBW85OAwQAwY7QMBoGCCsGAQUFBwEIAQH/BAsw CaAHMAUCAwC5kTANBgkqhkiG9w0BAQsFAAOCAQEAGa6g3YnQEo49NdFfiOkOR18f jDisEX5z5rxL33FCZVfBlbl2IXqAXjl+8xGhjPHN2XDXKlG/0BNmz7NpKR4o2h74 yZ1nGY559dSxdyxEJoL0w+Eea2DxkskM2jVsWPwOM39jG1NfUi7u1OP9FWi3G7A0 FVKJ9oRd/DqhYjrT1pgbwR65AbWnMDOPta6BDb7jtOBlLkdL9OYFunfl8VrW3lNV ytKTEFx6DdOHgifIJeMiQSlPxEtW9k83EiCTZA/iaNt86vFJjSbTWI3CNZwuqxGr ORBOfZmXS8uT4FwSepVbK9CBnnj/uy3Hg2Bxgi3S2TgnAfsThJwsl/iewpTMYg== -----END CERTIFICATE-----Generated at Mon Feb 9 15:05:16 2026 by rpki-client