This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_tSpb-HtAo1ZEtd6UAsJR4vRgyI.cer File: _tSpb-HtAo1ZEtd6UAsJR4vRgyI.cer (raw, json) Hash identifier: r2in/hgwJCNT1HowyrWTI8A3KdZrkO+dEWgny7WtPXk= Subject key identifier: FE:D4:A9:6F:E1:ED:02:8D:59:12:D7:7A:50:0B:09:47:8B:D1:83:22 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79111568921EBFBD27DF0B56BD503A4C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c0/98183c-edc4-464d-bf45-8899d1058b64/1/_tSpb-HtAo1ZEtd6UAsJR4vRgyI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c0/98183c-edc4-464d-bf45-8899d1058b64/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 10:18:41 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 2.59.224.0/22 IP: 2a09:fb40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:15:68:92:1e:bf:bd:27:df:0b:56:bd:50:3a:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 10:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fed4a96fe1ed028d5912d77a500b09478bd18322 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:97:11:7f:99:9d:8c:7d:92:d8:8d:9b:36:be: a5:8c:1e:a8:a6:e4:e6:72:7f:d4:72:84:f3:ef:58: c6:53:d6:4c:1e:bb:09:8a:25:fd:1e:99:9d:87:27: 2b:84:ea:55:fa:38:16:45:38:d2:72:fc:51:62:61: 0e:61:88:b0:d5:14:64:2b:97:f6:70:4d:24:2d:25: c2:ef:a6:4f:1d:ed:6f:6c:15:02:ee:f5:e9:9c:03: bd:26:ec:cf:d5:02:9f:1f:45:1f:37:6d:c8:ba:e1: 5b:50:ce:66:28:02:35:ab:28:31:51:04:51:93:4a: 80:4b:de:07:4c:66:08:f0:b5:cc:88:c3:20:ff:7a: 12:77:e1:97:76:f0:4b:90:0d:f9:9a:da:c9:5a:7e: c1:bd:84:7a:87:56:0c:a1:39:53:b8:40:20:6e:16: 3a:76:68:45:41:c8:c0:20:67:12:da:94:2c:b9:d1: 2f:e8:bd:bb:ae:60:99:ee:03:c4:73:52:7b:20:35: cd:61:8d:48:8a:e4:dc:a3:c9:ce:e1:0e:58:42:d3: 99:a0:1e:0e:15:40:af:71:d0:c1:e0:c0:f1:0d:8f: 80:79:14:71:04:61:51:03:80:ce:55:b6:81:79:7f: 49:bb:bb:bb:04:60:f9:b0:56:0a:27:86:f5:60:6a: 9f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:D4:A9:6F:E1:ED:02:8D:59:12:D7:7A:50:0B:09:47:8B:D1:83:22 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/98183c-edc4-464d-bf45-8899d1058b64/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/98183c-edc4-464d-bf45-8899d1058b64/1/_tSpb-HtAo1ZEtd6UAsJR4vRgyI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.224.0/22 IPv6: 2a09:fb40::/29 Signature Algorithm: sha256WithRSAEncryption 22:2a:f0:b7:55:60:fb:60:92:e2:21:56:06:3b:20:00:1e:5c: c8:9d:f4:7a:38:d6:8c:42:b8:e9:41:e8:af:9e:24:7c:49:ee: 1d:85:d2:8d:b9:09:7f:7f:20:13:de:f2:9a:f5:12:e9:6c:39: f5:f6:b4:8b:b3:4e:2c:0f:ed:41:a0:52:64:62:c4:6c:3b:5b: fd:45:d2:6d:34:15:3f:c4:6d:4d:e8:9f:6f:30:c8:24:fd:50: 15:9e:12:f2:cc:e2:f6:cd:00:ef:e9:c3:d9:bc:56:29:ed:4f: 73:3b:7c:a7:0b:63:67:76:ed:9b:0c:4c:60:69:ae:e5:78:2d: 6c:ab:4b:d6:12:c0:2d:56:8d:07:fb:21:03:af:a0:e3:3a:e0: 45:e8:1c:99:6c:5f:5a:ac:e5:b0:60:9e:09:06:6d:10:19:7f: 14:89:8f:95:7c:dd:24:af:c8:57:a2:33:e6:92:bd:cd:fa:98: 5f:12:83:67:c6:9f:4e:eb:8d:d1:6f:07:fc:f3:2f:15:04:cf: 26:cb:ca:51:04:02:c0:c8:ef:87:fb:51:50:26:1c:97:cf:63: 39:66:a8:3e:4a:21:ca:71:b0:40:94:37:e6:63:06:76:32:e9: 88:79:89:6b:1b:66:b6:73:f1:28:b8:7e:47:1d:e3:79:c5:0c: 9c:ce:59:91 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt5ERVokh6/vSffC1a9UDpMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTAxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZWQ0YTk2ZmUxZWQwMjhkNTkxMmQ3N2E1MDBiMDk0NzhiZDE4MzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5cRf5mdjH2S2I2bNr6ljB6opuTm cn/UcoTz71jGU9ZMHrsJiiX9HpmdhycrhOpV+jgWRTjScvxRYmEOYYiw1RRkK5f2 cE0kLSXC76ZPHe1vbBUC7vXpnAO9JuzP1QKfH0UfN23IuuFbUM5mKAI1qygxUQRR k0qAS94HTGYI8LXMiMMg/3oSd+GXdvBLkA35mtrJWn7BvYR6h1YMoTlTuEAgbhY6 dmhFQcjAIGcS2pQsudEv6L27rmCZ7gPEc1J7IDXNYY1IiuTco8nO4Q5YQtOZoB4O FUCvcdDB4MDxDY+AeRRxBGFRA4DOVbaBeX9Ju7u7BGD5sFYKJ4b1YGqfWQIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFP7UqW/h7QKNWRLXelALCUeL0YMiMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MwLzk4MTgz Yy1lZGM0LTQ2NGQtYmY0NS04ODk5ZDEwNThiNjQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAvOTgxODNj LWVkYzQtNDY0ZC1iZjQ1LTg4OTlkMTA1OGI2NC8xL190U3BiLUh0QW8xWkV0ZDZV QXNKUjR2Umd5SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCAjvgMA0EAgACMAcDBQMqCftAMA0GCSqGSIb3 DQEBCwUAA4IBAQAiKvC3VWD7YJLiIVYGOyAAHlzInfR6ONaMQrjpQeivniR8Se4d hdKNuQl/fyAT3vKa9RLpbDn19rSLs04sD+1BoFJkYsRsO1v9RdJtNBU/xG1N6J9v MMgk/VAVnhLyzOL2zQDv6cPZvFYp7U9zO3ynC2Nndu2bDExgaa7leC1sq0vWEsAt Vo0H+yEDr6DjOuBF6ByZbF9arOWwYJ4JBm0QGX8UiY+VfN0kr8hXojPmkr3N+phf EoNnxp9O643Rbwf88y8VBM8my8pRBALAyO+H+1FQJhyXz2M5Zqg+SiHKcbBAlDfm YwZ2MumIeYlrG2a2c/EouH5HHeN5xQyczlmR -----END CERTIFICATE-----Generated at Mon Feb 9 16:51:22 2026 by rpki-client