This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_xukAAfM3NCTDxor3EsC4plFdno.cer File: _xukAAfM3NCTDxor3EsC4plFdno.cer (raw, json) Hash identifier: UTzYEUAsKaHDQRw5cVq+/bVVsNz1FZLIEEVbpT5eX88= Subject key identifier: FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F13C73244F2DD0C4D0BCBFF1E35EA29 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/_xukAAfM3NCTDxor3EsC4plFdno.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:19:21 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.104.136.0/22 IP: 217.65.132.0/22 IP: 2a10:97c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:c7:32:44:f2:dd:0c:4d:0b:cb:ff:1e:35:ea:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:19:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff1ba40007ccdcd0930f1a2bdc4b02e29945767a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:0b:1c:46:d0:c4:3f:31:93:a4:89:09:e3:d0: 77:e1:47:63:14:66:b7:3e:9d:90:a9:0a:e2:19:de: 7a:43:f5:00:ad:99:64:bb:57:e6:87:35:5c:f2:35: 5c:04:29:41:81:4c:03:3f:f1:80:c9:6c:f7:30:59: c8:9a:0e:be:08:91:18:e1:b3:10:94:dd:33:73:2e: bf:3c:bb:2a:be:78:ff:4d:9c:a3:7e:0a:0a:ed:01: 94:57:33:81:87:75:da:af:48:e6:bf:e3:e5:5f:e5: 3e:47:6d:a1:6b:7a:a8:92:8d:73:da:d4:72:ef:9b: 1c:b7:94:19:72:19:4b:e4:ac:4b:5b:29:01:bb:a5: 83:c3:82:ea:5e:7b:6f:af:e8:74:1c:6d:d8:90:47: 3b:dc:22:46:95:0d:d0:bd:0d:a4:9b:11:02:02:14: 5a:b8:9f:59:12:f5:16:68:16:88:5c:dc:f2:1d:59: 03:68:4e:0e:56:ba:c4:37:08:25:48:4b:ea:8c:34: 74:56:14:b1:d1:14:cf:88:19:b4:41:cf:a1:41:8f: 06:77:da:b9:4f:43:21:9a:95:e3:53:b4:aa:25:61: 85:d2:8c:38:79:d6:3a:28:e8:a7:60:c0:0f:9d:6f: 77:f7:09:47:86:83:73:86:43:e2:ce:e5:7c:0e:2d: f5:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/_xukAAfM3NCTDxor3EsC4plFdno.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.104.136.0/22 217.65.132.0/22 IPv6: 2a10:97c0::/29 Signature Algorithm: sha256WithRSAEncryption 72:c7:f4:67:0c:97:ef:37:1d:c2:97:28:a5:27:e6:92:0c:1c: 56:98:59:de:dd:40:b3:79:bd:93:b3:16:a9:84:db:5e:35:c8: 40:c9:fb:9b:ad:a3:1b:4c:15:80:a6:37:ca:fe:61:5d:b8:e1: b0:b7:c2:7c:ea:20:54:92:7d:49:e3:41:5d:24:3c:57:39:95: 96:65:af:f6:f0:c9:c7:b0:bc:b0:15:e0:0a:7d:46:61:34:ef: 1d:22:40:ba:93:1e:24:08:ed:33:c7:d6:c9:0e:7f:0b:47:02: 5e:f2:39:19:ed:12:c5:19:4d:a7:ee:cf:fe:13:ab:fe:07:6f: 4b:f1:57:17:c9:07:86:b1:90:b4:87:6c:63:1b:02:cb:de:74: 97:eb:bd:ac:35:7b:cc:fa:84:aa:81:c3:94:9d:51:8a:62:90: 77:1b:6c:fb:bb:9f:76:78:87:d0:0b:50:08:d5:58:9f:3c:9d: 33:25:6b:72:e0:ee:a8:ed:9c:75:07:64:05:05:20:6e:44:3f: f2:6c:85:4e:18:1b:aa:28:b7:1b:08:00:b5:37:67:9c:26:c3: 8e:46:94:a2:c1:a8:8c:95:51:4b:fb:91:86:db:32:54:5e:1f: 57:be:86:4f:c8:3b:85:87:e9:0b:4f:88:ed:84:f7:42:a3:53: a4:6f:c8:ca -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgISAZt/E8cyRPLdDE0Ly/8eNeopMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQxOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjFiYTQwMDA3Y2NkY2QwOTMwZjFhMmJkYzRiMDJlMjk5NDU3NjdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAscRtDEPzGTpIkJ49B34UdjFGa3 Pp2QqQriGd56Q/UArZlku1fmhzVc8jVcBClBgUwDP/GAyWz3MFnImg6+CJEY4bMQ lN0zcy6/PLsqvnj/TZyjfgoK7QGUVzOBh3Xar0jmv+PlX+U+R22ha3qoko1z2tRy 75sct5QZchlL5KxLWykBu6WDw4LqXntvr+h0HG3YkEc73CJGlQ3QvQ2kmxECAhRa uJ9ZEvUWaBaIXNzyHVkDaE4OVrrENwglSEvqjDR0VhSx0RTPiBm0Qc+hQY8Gd9q5 T0MhmpXjU7SqJWGF0ow4edY6KOinYMAPnW939wlHhoNzhkPizuV8Di310wIDAQAB o4ICmTCCApUwHQYDVR0OBBYEFP8bpAAHzNzQkw8aK9xLAuKZRXZ6MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzA2MDcy MC03MzIwLTQ5YjUtODlhYi04ZDJhNjUzYmE5OTkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvMDYwNzIw LTczMjAtNDliNS04OWFiLThkMmE2NTNiYTk5OS8xL194dWtBQWZNM05DVER4b3Iz RXNDNHBsRmRuby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQCuWiIAwQC2UGEMA0EAgACMAcDBQMqEJfAMA0G CSqGSIb3DQEBCwUAA4IBAQByx/RnDJfvNx3ClyilJ+aSDBxWmFne3UCzeb2Tsxap hNteNchAyfubraMbTBWApjfK/mFduOGwt8J86iBUkn1J40FdJDxXOZWWZa/28MnH sLywFeAKfUZhNO8dIkC6kx4kCO0zx9bJDn8LRwJe8jkZ7RLFGU2n7s/+E6v+B29L 8VcXyQeGsZC0h2xjGwLL3nSX672sNXvM+oSqgcOUnVGKYpB3G2z7u592eIfQC1AI 1VifPJ0zJWty4O6o7Zx1B2QFBSBuRD/ybIVOGBuqKLcbCAC1N2ecJsOORpSiwaiM lVFL+5GG2zJUXh9XvoZPyDuFh+kLT4jthPdCo1Okb8jK -----END CERTIFICATE-----Generated at Mon Feb 9 18:23:49 2026 by rpki-client