This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer File: bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer (raw, json) Hash identifier: 6u+V9Fh3f+XCw3VqdgvZw1Q0gaVhTRy6aSNEh+bVl5w= Subject key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E390693CAB1FD1F3B361C235DBA7C9B Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:20:25 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 64476 IP: 46.247.136.0 -- 46.247.141.255 IP: 85.190.64.0/19 IP: 87.121.208.0/21 IP: 185.161.168.0/22 IP: 185.231.8.0/22 IP: 185.253.168.0/22 IP: 2a0a:e800::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:06:93:ca:b1:fd:1f:3b:36:1c:23:5d:ba:7c:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:41:9f:cb:8d:d4:30:18:b6:b4:9b:6f:14:ea: 70:3b:2e:9c:e0:6f:7a:b4:ce:ca:ee:53:14:d1:29: 66:2f:ed:2e:cb:4a:73:81:55:73:e0:fe:08:f9:6f: 4b:a7:d7:ef:c4:9f:fe:eb:b0:1d:9d:67:e1:fb:d1: 73:62:e6:df:96:5b:f9:e0:93:9f:d0:13:ab:e6:cd: 29:20:b5:e1:11:ea:3b:b2:0d:a5:3a:5e:31:57:a4: e6:7b:11:4f:19:40:de:fd:43:b4:56:a3:e4:37:8d: c4:b0:7e:b3:82:e1:ba:94:db:83:54:8f:7d:a6:1a: fb:45:eb:22:c4:7e:ab:b5:5e:ed:68:d4:00:51:a0: c7:c8:4b:c8:9f:f9:40:5f:5d:b7:f4:da:da:c4:68: 10:f1:22:b7:ba:26:2d:ac:de:37:1b:58:34:f8:f9: a3:1d:aa:c2:f0:ec:51:34:60:cd:0e:6b:88:6b:28: 13:df:8b:56:0e:a0:82:d6:8e:d6:6a:fb:71:32:89: 64:bd:ac:e0:69:bd:c4:3f:8a:96:c5:56:53:ab:98: 6f:cd:42:3c:f2:ca:0c:6a:97:7f:42:f9:34:bb:e1: bc:dd:d6:75:36:78:7d:e4:40:62:68:9e:cc:0a:42: fa:73:4e:d7:90:a8:89:51:2f:c9:6a:ee:08:e9:95: 45:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.247.136.0-46.247.141.255 85.190.64.0/19 87.121.208.0/21 185.161.168.0/22 185.231.8.0/22 185.253.168.0/22 IPv6: 2a0a:e800::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 64476 Signature Algorithm: sha256WithRSAEncryption 09:68:00:4b:4b:7a:53:a5:44:e8:40:d7:6b:3b:9d:56:02:0e: 23:dd:bd:07:37:e2:63:f6:13:1f:0d:c4:e4:f7:6a:f8:b7:24: d2:48:9a:38:e2:77:79:02:ab:26:4d:23:17:ee:b2:30:f9:96: b4:da:83:ac:fd:23:64:a4:23:7c:71:98:2d:be:fa:e6:ba:ad: 83:fb:2c:ca:73:db:ff:eb:ac:cf:43:d2:8d:5f:67:97:e6:8a: 07:c3:c2:9b:e1:a3:a7:b6:a9:a9:b5:c9:aa:69:c8:fb:bb:1b: 08:0e:ed:2b:e3:dd:94:f4:ec:b9:84:3b:9e:6a:8c:8c:c9:b4: 86:b7:6a:a0:d1:12:15:db:a9:ef:eb:a5:e7:9a:df:15:e4:1b: 1c:2b:b0:6c:14:ac:dd:af:65:ce:fd:25:af:ff:ac:75:c1:4f: bb:ff:a6:15:11:48:b2:46:38:60:6b:5d:bf:c3:f4:4c:02:17: 02:4e:9b:73:2e:a3:7f:ba:1f:8e:ae:0c:dd:db:bf:74:77:7c: ae:ce:85:5f:8c:68:99:f2:6e:93:5f:c5:1d:27:b6:20:3a:2e: f8:cb:f1:15:ff:49:3a:4a:7f:a5:fb:1c:df:34:b7:05:6a:9d: ac:ca:fc:a4:ae:ba:7e:88:82:35:ed:57:15:cf:30:76:27:dd: a7:79:08:30 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgISAZt+OQaTyrH9Hzs2HCNdunybMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZjEwZDhlMTU2NGU0MDMxMmM5ZGRmMjFiYTJhYTAzYmE1NTllYWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkGfy43UMBi2tJtvFOpwOy6c4G96 tM7K7lMU0SlmL+0uy0pzgVVz4P4I+W9Lp9fvxJ/+67AdnWfh+9FzYubfllv54JOf 0BOr5s0pILXhEeo7sg2lOl4xV6TmexFPGUDe/UO0VqPkN43EsH6zguG6lNuDVI99 phr7ResixH6rtV7taNQAUaDHyEvIn/lAX1239NraxGgQ8SK3uiYtrN43G1g0+Pmj HarC8OxRNGDNDmuIaygT34tWDqCC1o7WavtxMolkvazgab3EP4qWxVZTq5hvzUI8 8soMapd/Qvk0u+G83dZ1Nnh95EBiaJ7MCkL6c07XkKiJUS/Jau4I6ZVFOQIDAQAB o4IC1TCCAtEwHQYDVR0OBBYEFG8Q2OFWTkAxLJ3fIboqoDulWerWMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmL2NmZGEw NS0xOTBkLTQxNDItYmQ0Zi1iNmE4ZjhlODBmN2IvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvY2ZkYTA1 LTE5MGQtNDE0Mi1iZDRmLWI2YThmOGU4MGY3Yi8xL2J4RFk0VlpPUURFc25kOGh1 aXFnTzZWWjZ0WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFQGCCsGAQUF BwEHAQH/BEUwQzAyBAIAATAsMAwDBAMu94gDBAEu94wDBAVVvkADBANXedADBAK5 oagDBAK55wgDBAK5/agwDQQCAAIwBwMFAyoK6AAwGgYIKwYBBQUHAQgBAf8ECzAJ oAcwBQIDAPvcMA0GCSqGSIb3DQEBCwUAA4IBAQAJaABLS3pTpUToQNdrO51WAg4j 3b0HN+Jj9hMfDcTk92r4tyTSSJo44nd5AqsmTSMX7rIw+Za02oOs/SNkpCN8cZgt vvrmuq2D+yzKc9v/66zPQ9KNX2eX5ooHw8Kb4aOntqmptcmqacj7uxsIDu0r492U 9Oy5hDueaoyMybSGt2qg0RIV26nv66Xnmt8V5BscK7BsFKzdr2XO/SWv/6x1wU+7 /6YVEUiyRjhga12/w/RMAhcCTptzLqN/uh+Orgzd2790d3yuzoVfjGiZ8m6TX8Ud J7YgOi74y/EV/0k6Sn+l+xzfNLcFap2syvykrrp+iII17VcVzzB2J92neQgw -----END CERTIFICATE-----Generated at Mon Feb 9 19:50:53 2026 by rpki-client