This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer File: aRJCwzvC4unkWFCg_GSrLHUGpLg.cer (raw, json) Hash identifier: kE6e6K1RkTiSLPJOqevji3Ld8K6SFp36H3f68OJAJWQ= Subject key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019BDFDB27ABD7BB5E6F554DC5D88EFCE894 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Wed 21 Jan 2026 09:20:40 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 59711 AS: 61046 AS: 201525 AS: 202015 IP: 5.149.248.0/21 IP: 77.83.196.0/22 IP: 79.141.160.0/20 IP: 80.75.215.0/24 IP: 85.158.108.0/22 IP: 89.44.80.0/24 IP: 89.46.38.0/24 IP: 89.150.40.0/24 IP: 89.150.45.0/24 IP: 89.150.48.0/24 IP: 89.150.57.0/24 IP: 91.193.16.0/22 IP: 91.220.8.0/24 IP: 94.126.224.0/22 IP: 185.33.84.0/22 IP: 185.40.86.0/24 IP: 185.80.52.0/22 IP: 185.81.112.0/22 IP: 185.104.192.0/22 IP: 185.117.88.0/22 IP: 185.123.102.0/24 IP: 185.174.133.0/24 IP: 185.174.135.0/24 IP: 185.221.222.0/23 IP: 185.223.57.0/24 IP: 185.235.137.0 -- 185.235.138.255 IP: 185.253.116.0/22 IP: 188.119.148.0/23 IP: 193.42.36.0/22 IP: 193.111.208.0/24 IP: 194.124.229.0/24 IP: 195.95.155.0/24 IP: 2a01:8640::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:df:db:27:ab:d7:bb:5e:6f:55:4d:c5:d8:8e:fc:e8:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 21 09:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d6:3d:d6:1e:d5:d9:c2:28:ec:a0:d9:eb:cf: 45:70:1c:60:86:15:74:a6:b1:f8:ea:06:c0:8b:c4: e9:5d:bc:c5:62:e1:5d:b2:24:7d:0f:7a:81:29:06: 50:b8:db:df:e4:07:c1:28:97:8e:63:f6:7f:75:fa: e0:36:de:e7:e1:55:c3:74:11:5c:3a:32:a3:26:71: 1b:02:cb:63:39:61:a7:d6:a0:64:9d:de:94:d2:82: 70:62:d6:c0:40:a9:44:db:d0:78:19:84:d8:39:cf: d6:2f:6f:c0:8c:b8:13:91:8a:48:aa:49:98:99:6d: 80:d3:48:ba:fb:97:51:32:f5:29:8d:17:b3:7c:30: f9:18:36:c5:43:36:dd:81:86:eb:4e:82:00:27:7c: 1d:47:16:e7:44:7b:15:47:c8:75:e6:7a:3d:ca:e2: 04:40:c2:da:2d:ec:7f:5a:3c:43:ff:57:e0:d8:50: d8:2f:c7:ab:2c:da:eb:56:0b:0b:71:c2:17:f4:63: 30:57:7f:f9:aa:5a:a6:12:09:9d:54:1b:54:b6:60: 33:81:b1:37:bd:d7:f5:f1:87:3e:e6:56:69:18:78: d2:45:6c:99:8c:48:28:bc:2b:21:b3:05:ea:2e:c1: a2:6b:54:e4:55:e5:07:85:e3:02:23:4e:4d:07:a1: a2:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.149.248.0/21 77.83.196.0/22 79.141.160.0/20 80.75.215.0/24 85.158.108.0/22 89.44.80.0/24 89.46.38.0/24 89.150.40.0/24 89.150.45.0/24 89.150.48.0/24 89.150.57.0/24 91.193.16.0/22 91.220.8.0/24 94.126.224.0/22 185.33.84.0/22 185.40.86.0/24 185.80.52.0/22 185.81.112.0/22 185.104.192.0/22 185.117.88.0/22 185.123.102.0/24 185.174.133.0/24 185.174.135.0/24 185.221.222.0/23 185.223.57.0/24 185.235.137.0-185.235.138.255 185.253.116.0/22 188.119.148.0/23 193.42.36.0/22 193.111.208.0/24 194.124.229.0/24 195.95.155.0/24 IPv6: 2a01:8640::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 59711 61046 201525 202015 Signature Algorithm: sha256WithRSAEncryption 41:dc:21:c9:55:f5:9e:f7:cc:4c:b9:15:15:12:e8:60:55:c8: c2:10:96:d1:c6:08:3d:72:53:18:df:89:6b:71:c8:21:65:24: 1c:ef:3b:39:d2:3c:ea:12:7e:76:61:bb:26:10:a8:99:96:28: 0c:01:b1:b2:42:ba:be:2f:d1:12:dd:28:4f:40:ea:fe:2f:38: 9e:e6:78:b1:7b:9c:de:9c:fe:39:29:7e:af:c8:07:8d:bd:64: 96:fc:32:aa:82:5f:7b:08:6f:6a:49:67:5e:b5:14:1c:99:ca: 51:76:95:5a:1f:e1:d4:c8:c2:54:a8:8c:8b:36:01:57:4a:cf: 76:77:c3:d7:44:a9:62:95:09:41:74:39:e8:54:16:51:ad:40: 74:a0:6b:0e:95:53:87:e5:8f:a6:2d:1d:3c:9b:ea:89:8e:2e: 8e:34:d2:63:2b:4d:62:b0:6a:f2:f0:35:99:4f:8e:d2:1b:8f: 25:37:d7:cf:46:45:0a:5b:d7:d6:04:77:24:0e:d6:c7:6a:e3: f1:86:d9:f3:aa:dd:f6:14:e9:27:77:11:1c:7e:ed:ec:dd:81: 1e:21:65:e1:86:ad:ab:d8:76:5d:ec:2f:d2:96:da:d7:38:af: 3c:80:7b:38:35:12:9e:2f:84:56:b8:a7:2a:ec:7e:36:58:c9: 53:11:0d:21 -----BEGIN CERTIFICATE----- MIIGeTCCBWGgAwIBAgISAZvf2yer17teb1VNxdiO/OiUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTIxMDkyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTEyNDJjMzNiYzJlMmU5ZTQ1ODUwYTBmYzY0YWIyYzc1MDZhNGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNY91h7V2cIo7KDZ689FcBxghhV0 prH46gbAi8TpXbzFYuFdsiR9D3qBKQZQuNvf5AfBKJeOY/Z/dfrgNt7n4VXDdBFc OjKjJnEbAstjOWGn1qBknd6U0oJwYtbAQKlE29B4GYTYOc/WL2/AjLgTkYpIqkmY mW2A00i6+5dRMvUpjRezfDD5GDbFQzbdgYbrToIAJ3wdRxbnRHsVR8h15no9yuIE QMLaLex/WjxD/1fg2FDYL8erLNrrVgsLccIX9GMwV3/5qlqmEgmdVBtUtmAzgbE3 vdf18Yc+5lZpGHjSRWyZjEgovCshswXqLsGia1TkVeUHheMCI05NB6GitwIDAQAB o4IDhTCCA4EwHQYDVR0OBBYEFGkSQsM7wuLp5FhQoPxkqyx1BqS4MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M3LzYzNTZi OS1jNDlmLTRiNGQtOGUyOS0zNjJmZmU4ZWUyNzAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcvNjM1NmI5 LWM0OWYtNGI0ZC04ZTI5LTM2MmZmZThlZTI3MC8xL2FSSkN3enZDNHVua1dGQ2df R1NyTEhVR3BMZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH0BggrBgEF BQcBBwEB/wSB5DCB4TCBzwQCAAEwgcgDBAMFlfgDBAJNU8QDBARPjaADBABQS9cD BAJVnmwDBABZLFADBABZLiYDBABZligDBABZli0DBABZljADBABZljkDBAJbwRAD BABb3AgDBAJefuADBAK5IVQDBAC5KFYDBAK5UDQDBAK5UXADBAK5aMADBAK5dVgD BAC5e2YDBAC5roUDBAC5rocDBAG53d4DBAC53zkwDAMEALnriQMEALnrigMEArn9 dAMEAbx3lAMEAsEqJAMEAMFv0AMEAMJ85QMEAMNfmzANBAIAAjAHAwUAKgGGQDAp BggrBgEFBQcBCAEB/wQaMBigFjAUAgMA6T8CAwDudgIDAxM1AgMDFR8wDQYJKoZI hvcNAQELBQADggEBAEHcIclV9Z73zEy5FRUS6GBVyMIQltHGCD1yUxjfiWtxyCFl JBzvOznSPOoSfnZhuyYQqJmWKAwBsbJCur4v0RLdKE9A6v4vOJ7meLF7nN6c/jkp fq/IB429ZJb8MqqCX3sIb2pJZ161FByZylF2lVof4dTIwlSojIs2AVdKz3Z3w9dE qWKVCUF0OehUFlGtQHSgaw6VU4flj6YtHTyb6omOLo400mMrTWKwavLwNZlPjtIb jyU3189GRQpb19YEdyQO1sdq4/GG2fOq3fYU6Sd3ERx+7ezdgR4hZeGGravYdl3s L9KW2tc4rzyAezg1Ep4vhFa4pyrsfjZYyVMRDSE= -----END CERTIFICATE-----Generated at Sun Jan 25 10:40:12 2026 by rpki-client