This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer File: _liVLTk5NfDTvOgU_ZF40EaTrrk.cer (raw, json) Hash identifier: sOllCbAyl7+tm9eFz2RyAsbztjjz25XJakPxssk42Wo= Subject key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C808D787CB1D1F51CD25CECB10F97C1 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:18 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41494 AS: 56512 IP: 85.204.78.0/24 IP: 85.204.98.0/24 IP: 85.204.122.0/24 IP: 85.204.125.0/24 IP: 85.204.127.0/24 IP: 85.204.254.0/24 IP: 86.104.125.0/24 IP: 86.104.128.0/22 IP: 86.105.253.0/24 IP: 86.106.80.0/24 IP: 86.106.97.0/24 IP: 86.106.104.0/24 IP: 86.106.200.0/21 IP: 89.33.5.0/24 IP: 89.33.20.0/22 IP: 89.33.120.0/21 IP: 89.33.163.0/24 IP: 89.33.176.0/22 IP: 89.33.242.0/24 IP: 89.33.248.0/23 IP: 89.33.253.0/24 IP: 89.34.8.0/21 IP: 89.35.38.0/24 IP: 89.35.160.0/23 IP: 89.36.20.0/24 IP: 89.36.150.0/23 IP: 89.36.198.0/24 IP: 89.37.136.0/24 IP: 89.37.156.0/23 IP: 89.39.110.0/24 IP: 89.39.252.0/24 IP: 89.40.22.0/23 IP: 89.40.25.0/24 IP: 89.40.130.0/24 IP: 89.40.196.0/22 IP: 89.43.16.0/22 IP: 89.43.40.0/21 IP: 89.43.73.0/24 IP: 89.43.136.0/22 IP: 89.43.200.0/23 IP: 89.44.209.0/24 IP: 89.44.214.0/23 IP: 89.44.224.0/21 IP: 89.45.16.0/21 IP: 89.45.34.0/24 IP: 89.47.54.0/24 IP: 89.47.91.0/24 IP: 91.196.153.0/24 IP: 91.206.123.0/24 IP: 92.114.111.0/24 IP: 93.113.47.0/24 IP: 93.113.158.0/24 IP: 93.113.202.0/23 IP: 93.114.55.0/24 IP: 93.114.99.0/24 IP: 93.114.171.0/24 IP: 93.114.187.0/24 IP: 93.114.232.0/23 IP: 93.115.34.0/24 IP: 93.115.174.0/24 IP: 139.28.8.0/22 IP: 185.1.36.0/24 IP: 185.86.64.0/22 IP: 185.202.84.0/22 IP: 188.212.134.0/24 IP: 188.212.192.0/21 IP: 188.213.18.0/24 IP: 188.215.72.0/23 IP: 188.215.95.0/24 IP: 188.240.14.0/24 IP: 188.241.10.0/23 IP: 188.241.36.0/23 IP: 193.23.4.0/22 IP: 193.187.149.0/24 IP: 195.95.178.0/24 IP: 2001:7f8:64::/48 IP: 2001:7f8:97::/48 IP: 2a05:b680::/29 IP: 2a09:b80::/29 IP: 2a0c:9fc0::/32 IP: 2a10:bf00::/29 IP: 2a10:c300::/29 IP: 2a14:3700::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:8d:78:7c:b1:d1:f5:1c:d2:5c:ec:b1:0f:97:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fe58952d393935f0d3bce814fd9178d04693aeb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bf:0f:d4:9d:52:7c:04:f9:52:fc:00:9a:d1: 1f:e7:bf:8f:99:e9:e5:a3:aa:a6:7d:1d:a8:68:06: 65:e2:40:78:49:80:7c:8e:49:d1:6b:00:1c:d5:9d: f0:31:d3:df:a8:d7:74:bb:a9:4b:8b:0f:b6:65:a0: 9d:6e:74:23:26:f4:aa:cf:c2:21:3f:e8:6c:5f:c2: 3d:ef:a7:e8:dc:df:5f:1d:72:f5:2e:b4:9e:d9:bc: ac:94:7a:8d:96:b8:8d:48:6d:f0:07:6c:01:44:6d: 03:cf:31:6a:46:3a:7a:41:46:e2:da:c6:be:7c:be: 6d:28:30:53:cf:07:3b:10:38:14:78:76:7f:b7:91: 2a:75:19:42:71:0e:e5:e4:8a:b7:39:1e:c7:e8:75: 05:e8:60:cd:84:65:c0:16:85:a6:7e:f0:fc:dc:3c: 83:9a:22:f1:b3:28:94:9c:ea:ac:0f:94:80:d2:a2: 69:ad:d5:9b:27:9e:eb:99:41:88:06:e9:69:c6:54: aa:58:77:a8:bf:fe:01:3b:44:cc:df:1a:e6:97:20: 9c:13:69:18:09:94:53:5a:56:75:ef:d9:46:74:17: 09:19:85:12:77:7e:1d:57:6f:83:33:24:3a:58:e9: 81:14:3f:76:ea:bf:61:3c:a5:44:d1:35:80:16:58: 6e:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.204.78.0/24 85.204.98.0/24 85.204.122.0/24 85.204.125.0/24 85.204.127.0/24 85.204.254.0/24 86.104.125.0/24 86.104.128.0/22 86.105.253.0/24 86.106.80.0/24 86.106.97.0/24 86.106.104.0/24 86.106.200.0/21 89.33.5.0/24 89.33.20.0/22 89.33.120.0/21 89.33.163.0/24 89.33.176.0/22 89.33.242.0/24 89.33.248.0/23 89.33.253.0/24 89.34.8.0/21 89.35.38.0/24 89.35.160.0/23 89.36.20.0/24 89.36.150.0/23 89.36.198.0/24 89.37.136.0/24 89.37.156.0/23 89.39.110.0/24 89.39.252.0/24 89.40.22.0/23 89.40.25.0/24 89.40.130.0/24 89.40.196.0/22 89.43.16.0/22 89.43.40.0/21 89.43.73.0/24 89.43.136.0/22 89.43.200.0/23 89.44.209.0/24 89.44.214.0/23 89.44.224.0/21 89.45.16.0/21 89.45.34.0/24 89.47.54.0/24 89.47.91.0/24 91.196.153.0/24 91.206.123.0/24 92.114.111.0/24 93.113.47.0/24 93.113.158.0/24 93.113.202.0/23 93.114.55.0/24 93.114.99.0/24 93.114.171.0/24 93.114.187.0/24 93.114.232.0/23 93.115.34.0/24 93.115.174.0/24 139.28.8.0/22 185.1.36.0/24 185.86.64.0/22 185.202.84.0/22 188.212.134.0/24 188.212.192.0/21 188.213.18.0/24 188.215.72.0/23 188.215.95.0/24 188.240.14.0/24 188.241.10.0/23 188.241.36.0/23 193.23.4.0/22 193.187.149.0/24 195.95.178.0/24 IPv6: 2001:7f8:64::/48 2001:7f8:97::/48 2a05:b680::/29 2a09:b80::/29 2a0c:9fc0::/32 2a10:bf00::/29 2a10:c300::/29 2a14:3700::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41494 56512 Signature Algorithm: sha256WithRSAEncryption 80:7f:e8:d3:d2:d4:cd:dc:c0:41:72:0f:6f:73:dc:79:33:c4: 02:12:8f:85:67:97:61:47:bb:ee:be:f6:fe:e9:ab:75:8e:a8: 7c:f8:b1:8e:77:a6:b5:f8:1c:25:52:bf:e7:97:19:43:8b:f8: ec:3c:52:ef:46:99:0c:cd:51:8f:ce:ec:33:78:33:b6:a2:12: c0:7d:68:64:ea:d3:be:33:34:5b:31:4d:bd:a6:6f:13:b2:60: 7d:00:b9:6d:67:09:1a:7e:a8:f3:2d:c7:3a:f4:01:d5:55:40: e1:2f:a5:4c:c4:15:d9:a1:00:04:ec:59:88:00:c8:5e:e2:54: ce:6d:a8:27:7d:a9:f8:b5:60:22:fc:70:66:51:e2:fc:94:b6: 0d:01:fc:a0:df:89:99:04:e2:7e:66:4d:62:71:6f:ba:1d:33: 98:36:3d:0f:4b:ea:bc:ec:14:5e:46:16:a5:f6:71:00:ed:24: a3:90:84:4b:26:d0:43:78:ee:b3:17:ca:58:9b:60:86:24:ef: 5a:ad:5d:dd:77:5a:23:94:d9:87:ff:22:9b:87:5b:26:35:71: c8:77:5d:7e:a3:a0:50:8f:e8:e0:eb:bf:5b:53:71:b2:2d:ec: 23:24:5e:2e:db:09:fd:fb:4b:ab:33:00:e4:f0:1f:bc:bf:ef: ba:bc:c0:81 -----BEGIN CERTIFICATE----- MIIHozCCBougAwIBAgISAZt8gI14fLHR9RzSXOyxD5fBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r8P1J1SfAT5UvwAmtEf57+Pmenl o6qmfR2oaAZl4kB4SYB8jknRawAc1Z3wMdPfqNd0u6lLiw+2ZaCdbnQjJvSqz8Ih P+hsX8I976fo3N9fHXL1LrSe2byslHqNlriNSG3wB2wBRG0DzzFqRjp6QUbi2sa+ fL5tKDBTzwc7EDgUeHZ/t5EqdRlCcQ7l5Iq3OR7H6HUF6GDNhGXAFoWmfvD83DyD miLxsyiUnOqsD5SA0qJprdWbJ57rmUGIBulpxlSqWHeov/4BO0TM3xrmlyCcE2kY CZRTWlZ179lGdBcJGYUSd34dV2+DMyQ6WOmBFD926r9hPKVE0TWAFlhuswIDAQAB o4IErzCCBKswHQYDVR0OBBYEFP5YlS05OTXw07zoFP2ReNBGk665MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwL2IyNmFh OC1hY2U3LTRmYTYtOWU4ZS01ZDQ4YjY1Y2U1NzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvYjI2YWE4 LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZEVHZPZ1Vf WkY0MEVhVHJyay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICJwYIKwYB BQUHAQcBAf8EggIWMIICEjCCAcoEAgABMIIBwgMEAFXMTgMEAFXMYgMEAFXMegME AFXMfQMEAFXMfwMEAFXM/gMEAFZofQMEAlZogAMEAFZp/QMEAFZqUAMEAFZqYQME AFZqaAMEA1ZqyAMEAFkhBQMEAlkhFAMEA1kheAMEAFkhowMEAlkhsAMEAFkh8gME AVkh+AMEAFkh/QMEA1kiCAMEAFkjJgMEAVkjoAMEAFkkFAMEAVkklgMEAFkkxgME AFkliAMEAVklnAMEAFknbgMEAFkn/AMEAVkoFgMEAFkoGQMEAFkoggMEAlkoxAME AlkrEAMEA1krKAMEAFkrSQMEAlkriAMEAVkryAMEAFks0QMEAVks1gMEA1ks4AME A1ktEAMEAFktIgMEAFkvNgMEAFkvWwMEAFvEmQMEAFvOewMEAFxybwMEAF1xLwME AF1xngMEAV1xygMEAF1yNwMEAF1yYwMEAF1yqwMEAF1yuwMEAV1y6AMEAF1zIgME AF1zrgMEAoscCAMEALkBJAMEArlWQAMEArnKVAMEALzUhgMEA7zUwAMEALzVEgME AbzXSAMEALzXXwMEALzwDgMEAbzxCgMEAbzxJAMEAsEXBAMEAMG7lQMEAMNfsjBC BAIAAjA8AwcAIAEH+ABkAwcAIAEH+ACXAwUDKgW2gAMFAyoJC4ADBQAqDJ/AAwUD KhC/AAMFAyoQwwADBQMqFDcAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwCiFgID ANzAMA0GCSqGSIb3DQEBCwUAA4IBAQCAf+jT0tTN3MBBcg9vc9x5M8QCEo+FZ5dh R7vuvvb+6at1jqh8+LGOd6a1+BwlUr/nlxlDi/jsPFLvRpkMzVGPzuwzeDO2ohLA fWhk6tO+MzRbMU29pm8TsmB9ALltZwkafqjzLcc69AHVVUDhL6VMxBXZoQAE7FmI AMhe4lTObagnfan4tWAi/HBmUeL8lLYNAfyg34mZBOJ+Zk1icW+6HTOYNj0PS+q8 7BReRhal9nEA7SSjkIRLJtBDeO6zF8pYm2CGJO9arV3dd1ojlNmH/yKbh1smNXHI d11+o6BQj+jg679bU3GyLewjJF4u2wn9+0urMwDk8B+8v++6vMCB -----END CERTIFICATE-----Generated at Wed Jan 21 09:15:41 2026 by rpki-client