This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.cer File: cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.cer (raw, json) Hash identifier: /3fhyizyKnAOgEXsxXDHic9wcfCp7QNv5oC7XOgIubI= Subject key identifier: 71:68:42:DC:43:98:36:63:5A:5C:9E:D6:C0:A4:95:B3:E6:34:4A:03 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA6DB7C623CD1B20419C7C95A102A7C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:23 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 61165 IP: 146.19.252.0/24 IP: 176.117.111.0/24 IP: 2a14:5d80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:db:7c:62:3c:d1:b2:04:19:c7:c9:5a:10:2a:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=716842dc439836635a5c9ed6c0a495b3e6344a03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:8d:04:fb:fd:14:b5:bb:01:ec:6d:48:1b:7f: 2e:51:76:ef:fb:63:77:b9:39:90:5a:7b:ba:7e:71: d4:85:b4:66:8a:8d:33:6f:8d:59:8d:36:8c:d0:b2: 3b:dd:30:14:ed:dc:ae:d2:64:b4:39:af:ee:fc:eb: a4:35:f0:83:00:c5:76:2c:e2:86:72:91:5c:3e:3f: b3:6c:d6:b8:bf:ef:67:ae:07:a8:6b:d4:27:5e:8c: cf:40:b9:dd:c3:28:7f:ce:bc:06:b4:eb:6d:45:e1: 42:64:c1:17:3d:45:b8:24:e7:59:01:4e:4f:d0:c9: 47:f6:3b:bf:cb:c6:f0:39:6f:2c:57:bf:ac:e1:29: 42:22:8a:3f:53:eb:16:93:55:1f:1f:f9:3b:e7:a8: d9:38:37:c6:ae:6f:51:7e:ca:15:09:42:48:ad:69: d3:9d:60:99:66:a8:d8:ae:60:49:21:73:f5:0d:5d: 28:dd:a3:fa:4e:14:eb:7e:3b:78:21:3b:cc:e8:89: 1a:d6:c3:14:59:26:8e:9e:db:9a:78:83:d1:dd:44: 74:aa:05:16:92:6e:d1:cb:25:9f:fe:83:68:47:bb: 9a:f5:34:cd:c8:38:27:a1:a5:91:d8:1b:89:bc:ff: 67:89:ba:98:b7:20:4a:7f:f2:c9:6a:fb:71:56:99: ff:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:68:42:DC:43:98:36:63:5A:5C:9E:D6:C0:A4:95:B3:E6:34:4A:03 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/f86007-a964-4d1f-835d-70602756cc8d/1/cWhC3EOYNmNaXJ7WwKSVs-Y0SgM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.19.252.0/24 176.117.111.0/24 IPv6: 2a14:5d80::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 61165 Signature Algorithm: sha256WithRSAEncryption 4d:b1:a7:da:49:ae:16:37:ed:9b:1c:ea:fb:37:f8:a5:d8:c6: 9f:d8:e8:7f:8a:20:43:61:1c:34:cf:30:c5:12:24:92:a7:eb: e6:a5:7d:68:4c:13:34:51:7d:84:34:59:18:56:4e:6d:b3:6c: 31:0b:84:1d:b2:e0:a3:2f:37:96:20:81:94:cd:d4:64:80:cc: ef:46:18:bf:96:02:d8:30:b0:21:50:fc:75:c8:cf:7a:b7:98: e3:53:b4:a7:fb:97:f8:f0:35:4a:98:b8:b2:8d:50:e4:e3:84: c5:93:7a:7e:3f:61:cd:8d:62:65:34:ea:35:d8:1f:e7:95:4d: 43:f3:4f:aa:ae:9f:c5:9f:f0:1f:b3:ac:a3:91:6b:92:3b:16: e9:74:14:35:33:19:93:f5:f5:c1:96:fd:72:5d:bb:65:c1:7d: 71:19:ad:29:fa:80:74:a7:61:f9:6b:d5:54:f9:a8:da:c2:40: 8c:4f:24:b2:f1:cb:21:9c:21:16:6d:e5:9e:7a:4c:b5:5d:2d: 0e:58:ec:d3:e4:d0:39:0b:83:d6:05:20:50:6e:33:06:c5:eb: 82:fe:df:11:13:34:a0:dc:03:e3:5e:37:37:e9:7c:23:b1:95: 9b:67:4c:53:ef:c1:00:00:78:75:e0:17:9d:9b:8d:7f:7a:80: 81:88:6a:d2 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt+ptt8YjzRsgQZx8laECp8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTY4NDJkYzQzOTgzNjYzNWE1YzllZDZjMGE0OTViM2U2MzQ0YTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo0E+/0UtbsB7G1IG38uUXbv+2N3 uTmQWnu6fnHUhbRmio0zb41ZjTaM0LI73TAU7dyu0mS0Oa/u/OukNfCDAMV2LOKG cpFcPj+zbNa4v+9nrgeoa9QnXozPQLndwyh/zrwGtOttReFCZMEXPUW4JOdZAU5P 0MlH9ju/y8bwOW8sV7+s4SlCIoo/U+sWk1UfH/k756jZODfGrm9RfsoVCUJIrWnT nWCZZqjYrmBJIXP1DV0o3aP6ThTrfjt4ITvM6Ika1sMUWSaOntuaeIPR3UR0qgUW km7RyyWf/oNoR7ua9TTNyDgnoaWR2BuJvP9nibqYtyBKf/LJavtxVpn/XQIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFHFoQtxDmDZjWlye1sCklbPmNEoDMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2L2Y4NjAw Ny1hOTY0LTRkMWYtODM1ZC03MDYwMjc1NmNjOGQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvZjg2MDA3 LWE5NjQtNGQxZi04MzVkLTcwNjAyNzU2Y2M4ZC8xL2NXaEMzRU9ZTm1OYVhKN1d3 S1NWcy1ZMFNnTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQAkhP8AwQAsHVvMA0EAgACMAcDBQMqFF2AMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDu7TANBgkqhkiG9w0BAQsFAAOCAQEATbGn 2kmuFjftmxzq+zf4pdjGn9jof4ogQ2EcNM8wxRIkkqfr5qV9aEwTNFF9hDRZGFZO bbNsMQuEHbLgoy83liCBlM3UZIDM70YYv5YC2DCwIVD8dcjPereY41O0p/uX+PA1 Spi4so1Q5OOExZN6fj9hzY1iZTTqNdgf55VNQ/NPqq6fxZ/wH7Oso5FrkjsW6XQU NTMZk/X1wZb9cl27ZcF9cRmtKfqAdKdh+WvVVPmo2sJAjE8ksvHLIZwhFm3lnnpM tV0tDljs0+TQOQuD1gUgUG4zBsXrgv7fERM0oNwD4143N+l8I7GVm2dMU+/BAAB4 deAXnZuNf3qAgYhq0g== -----END CERTIFICATE-----Generated at Mon Feb 9 19:46:46 2026 by rpki-client