This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer File: du8KDuj6FU162kOK8SEiac4KzEE.cer (raw, json) Hash identifier: f7UKTGkVOAnZNKFNPDf+bwO5cVJU3N+SDwI08hhNAyU= Subject key identifier: 76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5ABAB8140FC260EDB3E88D7CA21706 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:18:45 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 43152 IP: 77.95.200.0/21 IP: 109.71.240.0/21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:ba:b8:14:0f:c2:60:ed:b3:e8:8d:7c:a2:17:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:68:1b:ae:09:8a:2f:8a:83:48:6d:ca:cd:1e: b4:ba:be:cb:b7:1e:6e:03:57:34:78:b5:f4:4d:9d: 73:2b:94:bd:96:a7:c0:78:0a:48:11:5e:9a:89:f9: 89:5f:8d:84:d6:08:fd:e7:f0:ef:be:f0:b5:2d:07: 6b:9e:7f:04:7a:9b:9b:47:ef:b3:e3:de:4b:5d:06: 15:39:21:d4:db:05:ff:a6:0a:59:ff:73:28:03:e0: 43:25:a1:e5:a8:df:d1:be:ff:cd:f3:f6:8d:bf:ca: 87:e3:8f:9d:f8:f5:6a:47:04:55:54:e6:dc:e8:d4: f4:62:8e:5a:34:34:f4:a7:9e:3b:81:4f:f3:7e:0f: 5f:ba:61:a5:d2:41:0e:a1:d3:f0:9f:a1:0a:5f:69: e3:d1:ea:63:1f:d5:b3:cb:08:42:eb:a3:8a:e0:1b: f7:ba:7f:ba:b9:16:29:13:4b:ec:b8:5c:79:74:70: 53:eb:99:d9:47:18:b1:8c:d4:72:73:ad:37:15:69: 04:97:5b:93:cb:2d:a1:5d:6a:54:10:49:a7:5b:d2: 3a:76:68:2b:25:a8:0e:03:89:d0:fd:a0:a4:eb:fa: a4:2f:2d:a0:35:ad:f8:ff:7d:16:3b:55:90:8d:61: 5a:e4:bd:d4:7e:da:61:97:46:ff:d5:9f:9e:49:0c: 8f:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.95.200.0/21 109.71.240.0/21 sbgp-autonomousSysNum: critical Autonomous System Numbers: 43152 Signature Algorithm: sha256WithRSAEncryption 1f:73:e3:5e:82:65:ab:95:44:b1:0d:c7:3a:79:da:6a:7c:6f: 51:c6:24:05:71:e8:00:52:c4:d1:f3:31:2e:c2:f4:f0:a1:79: 91:c3:46:04:dd:7d:61:8b:ac:de:9d:4d:e8:26:71:7d:f6:21: af:80:30:5c:24:2b:42:df:22:8d:81:c9:80:92:8a:4a:56:ca: 6a:9a:8d:b1:9b:54:07:2f:b0:26:86:60:4a:a3:d5:a5:6f:6f: 58:e4:b5:4c:0e:af:e2:ec:7c:6e:10:c8:0d:c2:ad:07:a2:ba: 6b:bf:57:06:e3:b2:cd:10:87:af:74:58:9d:b4:be:27:9b:7f: c0:12:89:5c:da:2e:32:43:4f:fe:b8:90:5e:4c:6c:9c:99:df: 18:08:f3:e6:c0:75:e9:11:21:3e:c7:9f:d8:74:c5:df:5a:e9: 28:bf:18:4b:bd:38:e4:3e:84:1e:a5:9d:a8:dd:63:d9:25:82: 5c:06:82:bf:81:6d:a9:b9:4f:68:10:8f:ac:3f:a9:c0:32:1e: 42:31:01:b9:2b:c7:54:07:4e:2f:34:de:94:9c:c0:5d:d6:4b: 1b:8d:a5:8a:23:16:60:9f:5c:b4:ed:35:a5:01:f3:1b:dc:9b: 11:60:d3:d7:79:c9:42:44:ab:8b:d8:48:8a:2d:3e:a6:aa:78: 6f:df:da:a6 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgISAZt6Wrq4FA/CYO2z6I18ohcGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NmVmMGEwZWU4ZmExNTRkN2FkYTQzOGFmMTIxMjI2OWNlMGFjYzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2gbrgmKL4qDSG3KzR60ur7Ltx5u A1c0eLX0TZ1zK5S9lqfAeApIEV6aifmJX42E1gj95/DvvvC1LQdrnn8EepubR++z 495LXQYVOSHU2wX/pgpZ/3MoA+BDJaHlqN/Rvv/N8/aNv8qH44+d+PVqRwRVVObc 6NT0Yo5aNDT0p547gU/zfg9fumGl0kEOodPwn6EKX2nj0epjH9WzywhC66OK4Bv3 un+6uRYpE0vsuFx5dHBT65nZRxixjNRyc603FWkEl1uTyy2hXWpUEEmnW9I6dmgr JagOA4nQ/aCk6/qkLy2gNa34/30WO1WQjWFa5L3Uftphl0b/1Z+eSQyPEQIDAQAB o4ICpjCCAqIwHQYDVR0OBBYEFHbvCg7o+hVNetpDivEhImnOCsxBMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE1LzE2ODZj My1kYTcwLTRiNTQtYWIyYi0zYmU5OTVkMmJiZGEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUvMTY4NmMz LWRhNzAtNGI1NC1hYjJiLTNiZTk5NWQyYmJkYS8xL2R1OEtEdWo2RlUxNjJrT0s4 U0VpYWM0S3pFRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQDTV/IAwQDbUfwMBoGCCsGAQUFBwEIAQH/BAsw CaAHMAUCAwCokDANBgkqhkiG9w0BAQsFAAOCAQEAH3PjXoJlq5VEsQ3HOnnaanxv UcYkBXHoAFLE0fMxLsL08KF5kcNGBN19YYus3p1N6CZxffYhr4AwXCQrQt8ijYHJ gJKKSlbKapqNsZtUBy+wJoZgSqPVpW9vWOS1TA6v4ux8bhDIDcKtB6K6a79XBuOy zRCHr3RYnbS+J5t/wBKJXNouMkNP/riQXkxsnJnfGAjz5sB16REhPsef2HTF31rp KL8YS7045D6EHqWdqN1j2SWCXAaCv4FtqblPaBCPrD+pwDIeQjEBuSvHVAdOLzTe lJzAXdZLG42liiMWYJ9ctO01pQHzG9ybEWDT13nJQkSri9hIii0+pqp4b9/apg== -----END CERTIFICATE-----Generated at Mon Feb 9 15:06:08 2026 by rpki-client