This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer File: et9j43Wwt4UIG1lFsdGNnehuDvw.cer (raw, json) Hash identifier: qLK7JmjdNfrGoA7GvnRoQHV0Yzk6twvbnROH10A2QX8= Subject key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EAB2DE524F4F864AE09A7BE7AFBC00 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft caRepository: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/ Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 50530 IP: 109.110.160.0/19 IP: 185.4.220.0/22 IP: 185.205.220.0/22 IP: 185.222.184.0/22 IP: 193.246.160.0/23 IP: 217.65.70.0/24 IP: 2a00:1ce0::/32 IP: 2a0b:ac0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:b2:de:52:4f:4f:86:4a:e0:9a:7b:e7:af:bc:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:63:11:78:3c:6c:8b:ff:04:96:40:b2:f0:40: a2:4c:32:65:3c:fa:e0:c8:a5:63:dc:89:8d:49:b5: 40:86:4c:5d:f6:67:08:ba:08:9f:ad:90:b0:51:77: 28:da:f1:31:1d:a9:7b:fd:fe:ef:2e:93:48:80:5e: 2c:81:24:f4:a6:f1:50:db:79:76:f8:9f:6d:16:b4: c0:80:3b:98:4f:9e:77:01:cd:23:08:c4:9f:d2:52: c2:79:e5:36:b2:3d:82:1e:37:f3:0e:10:73:bd:c6: ac:78:36:9d:75:b3:c4:d3:c2:16:58:d5:06:b8:23: 62:9b:1c:ab:cd:0f:8e:69:b8:8e:1f:d7:4b:08:47: 14:5b:15:b8:d3:68:9a:c7:0b:4f:ef:18:9e:ef:85: 9c:8b:04:ad:33:49:c7:7e:d2:f6:f2:40:9f:23:2f: a9:ba:43:e9:60:ac:18:97:cf:72:e5:36:ce:55:53: 37:fe:a5:13:f6:e7:e1:c1:66:e8:04:c7:c4:93:63: c6:84:aa:49:ce:33:ed:7c:b3:4b:2c:a1:bb:75:d3: a7:71:3a:14:8c:d4:2e:e1:49:0c:6d:c9:74:64:5b: 27:a0:a3:48:f7:8b:0e:2c:7f:14:57:94:a9:c0:c1: 81:e7:88:ec:47:08:19:16:71:3f:13:1d:0e:3d:58: 79:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/ RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.110.160.0/19 185.4.220.0/22 185.205.220.0/22 185.222.184.0/22 193.246.160.0/23 217.65.70.0/24 IPv6: 2a00:1ce0::/32 2a0b:ac0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 50530 Signature Algorithm: sha256WithRSAEncryption 35:f1:3c:1e:1f:86:04:c6:78:7f:be:87:10:45:90:6d:ac:45: 00:3f:a4:41:d1:a7:c1:9e:07:53:2b:b1:e8:f5:98:84:c6:a7: b9:7e:0c:f2:78:77:27:d3:35:9b:b8:bf:b2:16:f0:cd:5b:92: 76:4c:8b:6f:fa:bd:ff:63:ba:84:ce:bb:21:85:bc:44:26:c5: 01:07:70:17:59:65:3e:64:89:fa:53:b0:bc:d7:34:8a:6b:3a: f6:67:ad:dc:ee:62:8b:bc:4b:41:30:f9:2e:b4:2f:ee:64:ef: f2:43:e5:55:c7:7a:0d:6b:df:21:38:a1:fc:f1:6a:a1:1a:5c: 7e:2d:de:fe:06:8c:4f:26:ed:83:f5:47:f9:44:b1:98:ad:e8: 90:2a:6a:fc:cf:a6:43:34:af:46:51:6e:2d:4d:3d:13:df:21: db:75:1c:54:7f:01:0b:1b:93:8e:55:57:be:8e:03:34:66:c1: 4d:e0:d7:0b:3a:75:c5:e1:b1:cc:4a:f4:f2:4d:a7:3a:9e:76: 70:59:ef:92:88:16:98:e2:a8:0b:76:9c:02:fc:21:c6:b1:42: a5:ad:01:e2:04:d1:36:50:1c:3f:09:14:52:6f:c3:2a:43:90: 64:9c:04:31:16:be:a1:52:21:b2:be:2d:d9:17:38:93:8c:15: e7:21:da:a7 -----BEGIN CERTIFICATE----- MIIF5DCCBMygAwIBAgISAZt26rLeUk9Phkrgmnvnr7wAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YWRmNjNlMzc1YjBiNzg1MDgxYjU5NDViMWQxOGQ5ZGU4NmUwZWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGMReDxsi/8ElkCy8ECiTDJlPPrg yKVj3ImNSbVAhkxd9mcIugifrZCwUXco2vExHal7/f7vLpNIgF4sgST0pvFQ23l2 +J9tFrTAgDuYT553Ac0jCMSf0lLCeeU2sj2CHjfzDhBzvcaseDaddbPE08IWWNUG uCNimxyrzQ+OabiOH9dLCEcUWxW402iaxwtP7xie74WciwStM0nHftL28kCfIy+p ukPpYKwYl89y5TbOVVM3/qUT9ufhwWboBMfEk2PGhKpJzjPtfLNLLKG7ddOncToU jNQu4UkMbcl0ZFsnoKNI94sOLH8UV5SpwMGB54jsRwgZFnE/Ex0OPVh5zQIDAQAB o4IC8DCCAuwwHQYDVR0OBBYEFHrfY+N1sLeFCBtZRbHRjZ3obg78MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FlZTNk NThkLTkwNGEtNDM3NS1iZjkzLThiNWYzOGNhYjAwMi8wLzCBiwYIKwYBBQUHMAqG f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVl M2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvN0FERjYzRTM3NUIw Qjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5tZnQwPAYIKwYBBQUHMA2GMGh0 dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAME BW1uoAMEArkE3AMEArnN3AMEArneuAMEAcH2oAMEANlBRjAUBAIAAjAOAwUAKgAc 4AMFAyoLCsAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAMViMA0GCSqGSIb3DQEB CwUAA4IBAQA18TweH4YExnh/vocQRZBtrEUAP6RB0afBngdTK7Ho9ZiExqe5fgzy eHcn0zWbuL+yFvDNW5J2TItv+r3/Y7qEzrshhbxEJsUBB3AXWWU+ZIn6U7C81zSK azr2Z63c7mKLvEtBMPkutC/uZO/yQ+VVx3oNa98hOKH88WqhGlx+Ld7+BoxPJu2D 9Uf5RLGYreiQKmr8z6ZDNK9GUW4tTT0T3yHbdRxUfwELG5OOVVe+jgM0ZsFN4NcL OnXF4bHMSvTyTac6nnZwWe+SiBaY4qgLdpwC/CHGsUKlrQHiBNE2UBw/CRRSb8Mq Q5BknAQxFr6hUiGyvi3ZFziTjBXnIdqn -----END CERTIFICATE-----Generated at Mon Jan 19 12:17:32 2026 by rpki-client