This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer File: d4LgCn_HYX2UJguB_SKjo_PcaG0.cer (raw, json) Hash identifier: zRz99UHUIc/sVMN+siUnlZk4Qwyw0wrWzOd3qrYWv7s= Subject key identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019C2357015D322B8EEB0AEB2B7066288F0A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Tue 03 Feb 2026 11:50:30 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 13082 AS: 21299 AS: 35566 AS: 42770 AS: 197556 AS: 206026 IP: 5.34.0.0/17 IP: 5.101.52.0 -- 5.101.59.255 IP: 5.188.240.0/20 IP: 31.132.80.0/20 IP: 37.9.16.0/20 IP: 37.99.0.0/17 IP: 46.34.192.0/19 IP: 46.42.192.0/18 IP: 46.227.184.0/21 IP: 67.209.128.0/19 IP: 77.74.64.0/21 IP: 77.94.3.0 -- 77.94.31.255 IP: 80.241.32.0/20 IP: 85.29.128.0/18 IP: 86.107.128.0/20 IP: 87.239.160.0/21 IP: 87.243.8.0 -- 87.243.63.255 IP: 87.247.0.0/18 IP: 89.33.112.0/22 IP: 89.33.208.0/20 IP: 89.35.252.0/22 IP: 89.36.164.0/22 IP: 89.36.200.0/22 IP: 89.37.24.0/22 IP: 89.37.220.0/22 IP: 89.40.48.0/20 IP: 89.40.192.0/22 IP: 89.42.60.0/22 IP: 89.42.204.0/23 IP: 89.43.20.0/22 IP: 89.43.164.0/22 IP: 89.44.12.0/22 IP: 91.215.96.0/22 IP: 91.240.8.0/22 IP: 91.244.96.0/20 IP: 91.245.196.0/22 IP: 92.49.192.0/18 IP: 92.55.160.0/19 IP: 95.82.64.0/18 IP: 103.241.108.0/22 IP: 109.166.56.0 -- 109.166.87.255 IP: 109.201.32.0/19 IP: 109.206.0.0/19 IP: 146.0.60.0/22 IP: 146.0.192.0/20 IP: 162.255.196.0/22 IP: 173.244.144.0/20 IP: 176.100.48.0/21 IP: 176.118.56.0/21 IP: 176.124.80.0/20 IP: 176.222.128.0/18 IP: 176.223.72.0/21 IP: 176.223.100.0/22 IP: 176.223.184.0/22 IP: 185.8.232.0/22 IP: 185.14.100.0/22 IP: 185.34.66.0/24 IP: 185.80.80.0/22 IP: 185.97.56.0/22 IP: 185.116.140.0/22 IP: 188.246.236.0 -- 188.246.255.255 IP: 188.247.176.0 -- 188.247.223.255 IP: 192.159.38.0/23 IP: 192.162.156.0/22 IP: 192.175.14.0/23 IP: 194.0.124.0/22 IP: 194.105.104.0/21 IP: 194.187.136.0/22 IP: 198.45.116.0/22 IP: 198.89.88.0/21 IP: 207.174.216.0/22 IP: 212.76.0.0/19 IP: 213.5.184.0/21 IP: 213.109.208.0/20 IP: 2a01:4b40::/32 IP: 2a01:b0c0::/32 IP: 2a0d:b200::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:23:57:01:5d:32:2b:8e:eb:0a:eb:2b:70:66:28:8f:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Feb 3 11:50:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0d:f3:b1:c0:ec:5b:ef:b4:73:e9:a5:03:5c: f7:b3:b1:94:52:4b:98:93:72:81:19:f3:73:07:24: 1d:1b:44:36:81:8e:4c:fb:b7:bc:d3:24:84:14:9d: a8:55:43:70:35:87:29:85:ce:a4:52:12:02:3f:c9: b1:dd:c1:60:5e:ff:74:f6:da:cb:28:f8:60:d9:3c: ef:9b:2f:8a:5f:51:c8:2d:8b:3c:fb:7a:69:0a:26: f7:6c:5f:13:fa:23:00:39:a1:12:d3:c2:f9:70:c4: b4:fe:24:c1:23:9f:d7:b7:1e:58:55:78:c8:6c:b5: a4:60:bb:6c:8f:bc:34:b5:7d:fa:3d:19:3f:ea:7e: d2:70:e6:77:66:da:fd:62:0f:dc:ff:6f:99:5a:3c: e0:37:c7:93:ac:31:e4:dc:4b:3c:0f:14:b8:ed:49: ef:59:5d:ce:5b:3b:af:6a:82:58:63:cd:f3:f9:85: 6c:33:e9:80:32:e8:0a:1e:0f:e0:7a:7e:0c:0c:66: 75:0b:d0:c8:57:c2:ee:16:6b:93:7b:8c:2d:ad:0a: 3e:1b:02:63:d2:ea:de:ae:ce:14:c2:a8:dd:b7:90: f5:43:b0:94:b5:21:4d:7d:06:25:96:d4:4f:c2:3c: f3:20:bf:69:be:38:bf:b3:20:8a:ea:cb:6c:b2:4d: 7d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.34.0.0/17 5.101.52.0-5.101.59.255 5.188.240.0/20 31.132.80.0/20 37.9.16.0/20 37.99.0.0/17 46.34.192.0/19 46.42.192.0/18 46.227.184.0/21 67.209.128.0/19 77.74.64.0/21 77.94.3.0-77.94.31.255 80.241.32.0/20 85.29.128.0/18 86.107.128.0/20 87.239.160.0/21 87.243.8.0-87.243.63.255 87.247.0.0/18 89.33.112.0/22 89.33.208.0/20 89.35.252.0/22 89.36.164.0/22 89.36.200.0/22 89.37.24.0/22 89.37.220.0/22 89.40.48.0/20 89.40.192.0/22 89.42.60.0/22 89.42.204.0/23 89.43.20.0/22 89.43.164.0/22 89.44.12.0/22 91.215.96.0/22 91.240.8.0/22 91.244.96.0/20 91.245.196.0/22 92.49.192.0/18 92.55.160.0/19 95.82.64.0/18 103.241.108.0/22 109.166.56.0-109.166.87.255 109.201.32.0/19 109.206.0.0/19 146.0.60.0/22 146.0.192.0/20 162.255.196.0/22 173.244.144.0/20 176.100.48.0/21 176.118.56.0/21 176.124.80.0/20 176.222.128.0/18 176.223.72.0/21 176.223.100.0/22 176.223.184.0/22 185.8.232.0/22 185.14.100.0/22 185.34.66.0/24 185.80.80.0/22 185.97.56.0/22 185.116.140.0/22 188.246.236.0-188.246.255.255 188.247.176.0-188.247.223.255 192.159.38.0/23 192.162.156.0/22 192.175.14.0/23 194.0.124.0/22 194.105.104.0/21 194.187.136.0/22 198.45.116.0/22 198.89.88.0/21 207.174.216.0/22 212.76.0.0/19 213.5.184.0/21 213.109.208.0/20 IPv6: 2a01:4b40::/32 2a01:b0c0::/32 2a0d:b200::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 13082 21299 35566 42770 197556 206026 Signature Algorithm: sha256WithRSAEncryption 21:30:5f:75:a6:06:f8:76:5b:4c:0e:c8:66:d4:c6:d5:4a:4f: e9:63:a5:b0:11:b9:02:1f:1f:57:9a:ae:99:a9:fc:07:62:29: a1:e4:7d:b2:a3:0c:aa:41:7d:0e:96:13:b9:06:dd:5f:42:b3: 50:32:11:c2:73:41:0f:bd:7e:45:8a:12:4a:61:86:b3:31:0d: d2:43:09:7d:71:11:36:85:cb:5f:77:27:3d:76:54:ca:59:d1: fe:3b:c3:7f:8d:03:3a:50:86:90:12:9f:9a:fc:06:81:89:22: 54:06:f8:7e:63:2c:ce:67:10:48:02:91:ca:08:1b:0f:50:23: fc:d5:b9:50:72:40:95:b0:21:9e:9f:f2:6d:6e:93:b2:21:31: c3:71:70:42:67:00:ba:4f:ae:cd:33:50:cf:24:35:bc:28:0b: 5b:13:8f:9b:70:5b:12:60:3c:9d:9f:96:20:9d:92:e9:95:f3: 1c:6d:cc:eb:4a:bf:4e:90:19:cc:dc:47:c9:b5:7b:45:02:7c: 8a:37:5e:4f:fb:74:85:b9:4a:78:77:51:7b:e6:57:f1:3a:7a: 31:1b:df:b1:99:95:d0:df:0a:01:0b:c8:76:51:01:89:ba:cf: 9e:f6:e6:1d:27:2a:b9:f3:9d:d6:aa:37:39:99:3b:e5:54:c5: 22:73:8f:21 -----BEGIN CERTIFICATE----- MIIHtzCCBp+gAwIBAgISAZwjVwFdMiuO6wrrK3BmKI8KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMjAzMTE1MDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NzgyZTAwYTdmYzc2MTdkOTQyNjBiODFmZDIyYTNhM2YzZGM2ODZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ3zscDsW++0c+mlA1z3s7GUUkuY k3KBGfNzByQdG0Q2gY5M+7e80ySEFJ2oVUNwNYcphc6kUhICP8mx3cFgXv909trL KPhg2Tzvmy+KX1HILYs8+3ppCib3bF8T+iMAOaES08L5cMS0/iTBI5/Xtx5YVXjI bLWkYLtsj7w0tX36PRk/6n7ScOZ3Ztr9Yg/c/2+ZWjzgN8eTrDHk3Es8DxS47Unv WV3OWzuvaoJYY83z+YVsM+mAMugKHg/gen4MDGZ1C9DIV8LuFmuTe4wtrQo+GwJj 0urers4Uwqjdt5D1Q7CUtSFNfQYlltRPwjzzIL9pvji/syCK6stssk19PwIDAQAB o4IEwzCCBL8wHQYDVR0OBBYEFHeC4Ap/x2F9lCYLgf0io6Pz3GhtMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1L2FkZTYw YS1mZDhjLTQyMmUtYmNhOC05YTAyODRiM2FkYzEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvYWRlNjBh LWZkOGMtNDIyZS1iY2E4LTlhMDI4NGIzYWRjMS8xL2Q0TGdDbl9IWVgyVUpndUJf U0tqb19QY2FHMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICKQYIKwYB BQUHAQcBAf8EggIYMIICFDCCAfMEAgABMIIB6wMEBwUiADAMAwQCBWU0AwQCBWU4 AwQEBbzwAwQEH4RQAwQEJQkQAwQHJWMAAwQFLiLAAwQGLirAAwQDLuO4AwQFQ9GA AwQDTUpAMAwDBABNXgMDBAVNXgADBARQ8SADBAZVHYADBARWa4ADBANX76AwDAME A1fzCAMEBlfzAAMEBlf3AAMEAlkhcAMEBFkh0AMEAlkj/AMEAlkkpAMEAlkkyAME AlklGAMEAlkl3AMEBFkoMAMEAlkowAMEAlkqPAMEAVkqzAMEAlkrFAMEAlkrpAME AlksDAMEAlvXYAMEAlvwCAMEBFv0YAMEAlv1xAMEBlwxwAMEBVw3oAMEBl9SQAME AmfxbDAMAwQDbaY4AwQDbaZQAwQFbckgAwQFbc4AAwQCkgA8AwQEkgDAAwQCov/E AwQErfSQAwQDsGQwAwQDsHY4AwQEsHxQAwQGsN6AAwQDsN9IAwQCsN9kAwQCsN+4 AwQCuQjoAwQCuQ5kAwQAuSJCAwQCuVBQAwQCuWE4AwQCuXSMMAsDBAK89uwDAwC8 9jAMAwQEvPewAwQFvPfAAwQBwJ8mAwQCwKKcAwQBwK8OAwQCwgB8AwQDwmloAwQC wruIAwQCxi10AwQDxllYAwQCz67YAwQF1EwAAwQD1QW4AwQE1W3QMBsEAgACMBUD BQAqAUtAAwUAKgGwwAMFAyoNsgAwMQYIKwYBBQUHAQgBAf8EIjAgoB4wHAICMxoC AlMzAgMAiu4CAwCnEgIDAwO0AgMDJMowDQYJKoZIhvcNAQELBQADggEBACEwX3Wm Bvh2W0wOyGbUxtVKT+ljpbARuQIfH1earpmp/AdiKaHkfbKjDKpBfQ6WE7kG3V9C s1AyEcJzQQ+9fkWKEkphhrMxDdJDCX1xETaFy193Jz12VMpZ0f47w3+NAzpQhpAS n5r8BoGJIlQG+H5jLM5nEEgCkcoIGw9QI/zVuVByQJWwIZ6f8m1uk7IhMcNxcEJn ALpPrs0zUM8kNbwoC1sTj5twWxJgPJ2fliCdkumV8xxtzOtKv06QGczcR8m1e0UC fIo3Xk/7dIW5Snh3UXvmV/E6ejEb37GZldDfCgELyHZRAYm6z5725h0nKrnzndaq NzmZO+VUxSJzjyE= -----END CERTIFICATE-----Generated at Mon Feb 9 16:51:28 2026 by rpki-client