This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer File: dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer (raw, json) Hash identifier: PBAB5GEakaB4rvEtBPbeY7rCBhdnX6P4IBhJAHaGubM= Subject key identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7DCB379BD5176F35D244DBC80085823D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 08:20:28 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 47927 IP: 46.28.120.0/21 IP: 94.126.8.0/21 IP: 159.255.140.0/22 IP: 159.255.152.0/22 IP: 185.63.40.0/22 IP: 188.95.72.0/21 IP: 2a02:b88::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:37:9b:d5:17:6f:35:d2:44:db:c8:00:85:82:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 08:20:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:d6:e1:fc:19:da:2a:bb:14:50:e3:ea:21:ed: 59:5b:74:8e:bd:13:f5:6b:bc:a6:04:f9:79:c6:39: ae:bb:91:ab:98:fb:bc:7f:77:51:18:d0:7b:2b:80: 25:3e:94:00:5c:e1:3d:7b:47:55:60:96:9a:37:63: a7:c1:3f:68:2f:08:d4:04:0c:1e:93:93:bc:60:68: fa:ec:e7:13:80:eb:8c:10:85:45:b6:0f:42:99:1e: b8:f3:aa:fb:2f:a9:99:f9:70:52:34:cb:38:41:e6: c7:7c:04:88:dc:e6:f9:0b:f3:3c:4a:bb:60:82:59: 0a:7a:b5:18:ce:1a:73:1d:ee:7a:00:b3:7f:3d:58: c9:ae:8a:52:0a:ab:aa:ca:93:5c:33:43:9d:22:d5: 06:a9:7b:ad:6d:60:8f:51:86:a0:9d:3b:58:4f:00: 5b:06:58:0e:b0:0c:bd:c6:ef:2a:73:35:a6:90:70: 9f:80:9a:29:fa:ab:96:04:d2:15:33:54:80:e9:ff: 7d:24:83:14:0e:1f:e5:8d:f5:87:ee:5c:0d:a4:6d: d5:fd:ac:c9:49:16:f9:b3:5a:01:f7:12:a5:9a:90: 11:aa:c5:c6:30:b3:61:eb:8a:32:a9:93:e4:d6:aa: b9:80:b0:59:97:cf:fb:75:86:7f:40:75:c8:3d:26: 8a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.28.120.0/21 94.126.8.0/21 159.255.140.0/22 159.255.152.0/22 185.63.40.0/22 188.95.72.0/21 IPv6: 2a02:b88::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 47927 Signature Algorithm: sha256WithRSAEncryption 0b:ff:40:21:f6:4a:53:22:55:3c:0f:d2:72:c2:fb:72:e6:5c: c4:fa:2e:d4:2d:bd:2d:8b:6b:f3:95:14:e2:4a:64:a1:2a:c4: f4:ad:6c:5b:a9:be:97:f7:3a:d1:a4:e1:2a:02:8a:0c:4d:c1: aa:36:03:21:4d:7e:e5:a7:bc:6c:e9:46:a8:fa:0c:8f:74:be: 33:65:f0:d9:56:59:70:94:a1:12:fe:bb:e2:b0:61:db:f7:07: 85:84:e9:41:0b:ce:76:1f:d7:f5:6d:48:c7:1d:35:73:07:00: 4e:c7:66:d0:26:6a:53:77:88:c6:f5:00:92:ee:2a:ee:a1:73: 01:17:b6:25:0b:ef:02:bc:b1:87:e8:1d:4a:d6:b9:58:28:06: 4d:3f:70:31:fc:32:27:b4:4a:10:4e:b9:a5:57:8d:00:da:a3: e6:3b:9f:f8:f9:6b:0b:dd:3d:95:9e:ee:f6:04:d8:db:d8:73: bd:5f:5e:1b:b8:0e:b9:cc:b7:e3:a2:e0:1d:c8:3b:f0:78:d2: 9a:1e:c1:63:e9:08:a5:01:d3:ab:da:c9:b5:f7:14:e4:89:24: 49:f5:b4:93:fc:92:fe:e1:20:f8:77:24:5b:16:f7:4a:3b:5b: 6c:ec:18:ab:fa:f6:f2:90:6e:e0:ee:f8:50:76:f3:c8:c5:8c: 32:2b:06:3b -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgISAZt9yzeb1RdvNdJE28gAhYI9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDgyMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NWZhY2IwN2YyY2NiOTJlZWJhODc4NTRjOTQyNDBlNGY1YWM4ZjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9bh/BnaKrsUUOPqIe1ZW3SOvRP1 a7ymBPl5xjmuu5GrmPu8f3dRGNB7K4AlPpQAXOE9e0dVYJaaN2OnwT9oLwjUBAwe k5O8YGj67OcTgOuMEIVFtg9CmR6486r7L6mZ+XBSNMs4QebHfASI3Ob5C/M8Srtg glkKerUYzhpzHe56ALN/PVjJropSCquqypNcM0OdItUGqXutbWCPUYagnTtYTwBb BlgOsAy9xu8qczWmkHCfgJop+quWBNIVM1SA6f99JIMUDh/ljfWH7lwNpG3V/azJ SRb5s1oB9xKlmpARqsXGMLNh64oyqZPk1qq5gLBZl8/7dYZ/QHXIPSaK8QIDAQAB o4ICzTCCAskwHQYDVR0OBBYEFHX6ywfyzLku66h4VMlCQOT1rI9SMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzkwMGNi Zi00NzdiLTQ2YmUtOGY1ZC1jOTExNDgzZGE3OGMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvOTAwY2Jm LTQ3N2ItNDZiZS04ZjVkLWM5MTE0ODNkYTc4Yy8xL2RmckxCX0xNdVM3cnFIaFV5 VUpBNVBXc2oxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF BwEHAQH/BD0wOzAqBAIAATAkAwQDLhx4AwQDXn4IAwQCn/+MAwQCn/+YAwQCuT8o AwQDvF9IMA0EAgACMAcDBQAqAguIMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC7 NzANBgkqhkiG9w0BAQsFAAOCAQEAC/9AIfZKUyJVPA/ScsL7cuZcxPou1C29LYtr 85UU4kpkoSrE9K1sW6m+l/c60aThKgKKDE3BqjYDIU1+5ae8bOlGqPoMj3S+M2Xw 2VZZcJShEv674rBh2/cHhYTpQQvOdh/X9W1Ixx01cwcATsdm0CZqU3eIxvUAku4q 7qFzARe2JQvvAryxh+gdSta5WCgGTT9wMfwyJ7RKEE65pVeNANqj5juf+PlrC909 lZ7u9gTY29hzvV9eG7gOucy346LgHcg78HjSmh7BY+kIpQHTq9rJtfcU5IkkSfW0 k/yS/uEg+HckWxb3SjtbbOwYq/r28pBu4O74UHbzyMWMMisGOw== -----END CERTIFICATE-----Generated at Mon Feb 9 16:51:52 2026 by rpki-client