This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer File: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer (raw, json) Hash identifier: 8hc+nGXcozeqMRC7DAEzkjzZnj6EkPoMDl/q2EDjvJY= Subject key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA53217A2464EE75444ECFB6CCD80D2 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:19:42 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 48470 IP: 46.175.96.0/21 IP: 91.215.140.0/22 IP: 91.247.68.0/22 IP: 94.232.184.0/21 IP: 193.107.140.0/22 IP: 195.191.190.0/23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:32:17:a2:46:4e:e7:54:44:ec:fb:6c:cd:80:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7224d6f072521ad6eb3d029b189f42d240a91530 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:16:b9:d6:9c:22:d8:7c:33:b5:82:07:03:dd: 6b:2a:08:65:f3:a2:11:a8:e6:4b:54:e1:49:31:d0: 70:d0:5f:d2:5f:da:8a:56:76:77:0d:c9:fc:64:6a: 81:1f:6d:d3:20:64:9c:13:e9:b7:e9:65:1d:4b:9b: a0:9c:6d:f3:ac:a4:e4:50:31:2b:16:78:00:c9:54: 4a:64:e6:8a:c7:08:a6:be:42:b0:c0:94:7a:e9:47: 71:67:d6:70:92:a6:f3:a9:95:83:cf:a3:0e:3c:93: 27:76:2d:c0:e7:16:0f:22:f3:ac:1a:f2:09:a4:b7: 65:d5:57:64:8e:be:52:4e:e1:e2:5d:45:47:00:1b: 47:c7:3f:cb:6d:e8:80:b2:d9:4c:cb:00:64:b6:96: cb:4f:d7:bc:4f:61:64:d5:0a:b9:bf:2f:6e:ec:f0: 11:2f:86:f9:1f:80:fd:69:e0:d7:45:19:fb:18:e7: 72:6e:e7:e6:e6:c8:50:3d:82:34:09:de:5d:81:87: 1b:d4:5b:4e:8b:ea:4f:03:82:8a:cd:66:b3:74:fe: 33:31:76:16:30:42:df:cd:f3:30:b2:23:cf:ac:5c: c3:cb:bc:f7:55:1c:39:7d:7b:9b:df:77:2f:7c:7d: 3e:05:41:28:ee:6b:a3:9c:03:59:7a:5c:90:21:48: 28:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.175.96.0/21 91.215.140.0/22 91.247.68.0/22 94.232.184.0/21 193.107.140.0/22 195.191.190.0/23 sbgp-autonomousSysNum: critical Autonomous System Numbers: 48470 Signature Algorithm: sha256WithRSAEncryption 2a:d3:68:e0:1e:43:36:ef:d0:59:f3:5d:4b:6f:d8:5e:5c:2c: 37:c7:c2:c6:b6:21:97:2b:55:ed:65:92:f8:ef:13:a9:e1:40: c7:06:40:54:86:a5:49:22:a8:fd:f6:ef:b4:e3:ef:4d:e0:71: 49:b3:9c:c2:e2:d0:33:ea:97:99:fc:4e:66:8a:7b:71:9e:a2: 70:fb:89:b1:a5:f6:c3:ce:e9:63:d8:93:39:6d:29:8c:a2:02: 0f:cf:d3:38:e0:79:71:aa:c2:51:67:0e:86:8e:e2:b2:ab:7e: 04:ad:e1:e4:47:3e:06:69:de:38:d1:25:ee:f2:c9:f4:fb:68: 9e:fc:2d:9d:1d:28:8c:87:e7:ef:c8:67:65:be:5d:d1:f3:8a: db:42:5f:7d:48:92:c7:31:a9:2d:87:3e:92:41:31:8c:db:f0: c8:33:37:bd:43:3a:f9:5e:61:72:f6:6a:fa:43:a5:13:16:ec: e7:75:51:ac:4b:93:32:45:f8:80:5f:46:a6:2c:32:2d:f6:7f: 48:ea:68:7a:e7:f7:f3:be:10:40:dd:1e:79:65:39:38:69:0f: 07:86:22:d5:4f:5c:3b:cb:e5:26:b6:60:d5:3e:0b:fa:63:44: 3d:7d:ee:a1:b2:74:e2:c1:49:db:ea:b6:cb:8b:b0:c2:f1:5b: 74:7b:af:8e -----BEGIN CERTIFICATE----- MIIFsjCCBJqgAwIBAgISAZt7pTIXokZO51RE7PtszYDSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjI0ZDZmMDcyNTIxYWQ2ZWIzZDAyOWIxODlmNDJkMjQwYTkxNTMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApha51pwi2HwztYIHA91rKghl86IR qOZLVOFJMdBw0F/SX9qKVnZ3Dcn8ZGqBH23TIGScE+m36WUdS5ugnG3zrKTkUDEr FngAyVRKZOaKxwimvkKwwJR66UdxZ9ZwkqbzqZWDz6MOPJMndi3A5xYPIvOsGvIJ pLdl1Vdkjr5STuHiXUVHABtHxz/LbeiAstlMywBktpbLT9e8T2Fk1Qq5vy9u7PAR L4b5H4D9aeDXRRn7GOdybufm5shQPYI0Cd5dgYcb1FtOi+pPA4KKzWazdP4zMXYW MELfzfMwsiPPrFzDy7z3VRw5fXub33cvfH0+BUEo7mujnANZelyQIUgopwIDAQAB o4ICvjCCArowHQYDVR0OBBYEFHIk1vByUhrW6z0CmxifQtJAqRUwMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhlLzQzZjJk MC01MWViLTQ1YzUtYmJiZS05YzEzNzBkYTkzOWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUvNDNmMmQw LTUxZWItNDVjNS1iYmJlLTljMTM3MGRhOTM5ZS8xL2NpVFc4SEpTR3RiclBRS2JH SjlDMGtDcEZUQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUF BwEHAQH/BC4wLDAqBAIAATAkAwQDLq9gAwQCW9eMAwQCW/dEAwQDXui4AwQCwWuM AwQBw7++MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC9VjANBgkqhkiG9w0BAQsF AAOCAQEAKtNo4B5DNu/QWfNdS2/YXlwsN8fCxrYhlytV7WWS+O8TqeFAxwZAVIal SSKo/fbvtOPvTeBxSbOcwuLQM+qXmfxOZop7cZ6icPuJsaX2w87pY9iTOW0pjKIC D8/TOOB5carCUWcOho7isqt+BK3h5Ec+BmneONEl7vLJ9PtonvwtnR0ojIfn78hn Zb5d0fOK20JffUiSxzGpLYc+kkExjNvwyDM3vUM6+V5hcvZq+kOlExbs53VRrEuT MkX4gF9GpiwyLfZ/SOpoeuf3874QQN0eeWU5OGkPB4Yi1U9cO8vlJrZg1T4L+mNE PX3uobJ04sFJ2+q2y4uwwvFbdHuvjg== -----END CERTIFICATE-----Generated at Tue Jan 27 09:58:24 2026 by rpki-client