This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ewGNKlH-8tdsYmAFVsZtV8t-knA.cer File: ewGNKlH-8tdsYmAFVsZtV8t-knA.cer (raw, json) Hash identifier: piGWvRsQ+pkD2FADXLA46p+Oqk41sDXuEbKq0cKnhO0= Subject key identifier: 7B:01:8D:2A:51:FE:F2:D7:6C:62:60:05:56:C6:6D:57:CB:7E:92:70 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79ED348AE09E4FDF3998B7B06183C6FC Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/ewGNKlH-8tdsYmAFVsZtV8t-knA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:19:07 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 201596 IP: 141.195.32.0/19 IP: 185.47.248.0/22 IP: 185.58.136.0/22 IP: 2a01:80e0::/29 IP: 2a02:6420::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:34:8a:e0:9e:4f:df:39:98:b7:b0:61:83:c6:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7b018d2a51fef2d76c62600556c66d57cb7e9270 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:75:7e:ac:1e:4a:df:0b:00:d1:bc:54:b8:92: 3c:da:44:fe:bc:c2:13:54:85:35:0e:bd:87:fe:45: d6:bc:64:f4:e2:e7:20:d2:1c:51:49:0a:b5:66:35: 47:f0:9c:fc:e4:f3:b7:e4:ab:9b:5e:31:b4:19:9a: a1:2b:19:d5:ba:a2:8e:1f:77:3a:e1:9b:ec:d1:20: a0:5d:e7:71:de:40:e4:d0:d6:0f:de:59:0f:cd:3f: d7:23:c4:53:d1:75:28:94:70:55:fa:50:e4:4d:9a: e0:2b:21:25:81:c7:8d:36:e5:00:25:da:fa:2e:f8: 1f:10:ff:80:97:6d:94:27:90:8a:f4:62:b0:9f:88: 69:2a:e0:dc:29:9d:e2:39:e6:38:a2:87:09:c4:9c: eb:1b:21:b3:78:c5:6c:71:4f:4a:47:05:cd:b2:ba: a7:e6:60:a8:85:4c:3b:c5:39:1c:37:9f:c2:69:d9: ce:ec:68:2a:a2:e0:d0:80:0d:f4:25:f4:ef:92:73: 18:fd:da:96:47:52:7f:2c:c8:a1:70:c1:70:18:90: c3:a3:81:06:02:c7:be:f8:09:5a:cc:f3:b5:f4:46: 31:0e:02:6e:6b:61:7c:2d:bf:08:3d:83:c6:92:43: c5:42:01:9d:1a:d3:88:97:59:61:b8:cd:94:37:a9: ac:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:01:8D:2A:51:FE:F2:D7:6C:62:60:05:56:C6:6D:57:CB:7E:92:70 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e6fd0d-a02b-49c2-9a2c-4dc2dd56d57f/1/ewGNKlH-8tdsYmAFVsZtV8t-knA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.195.32.0/19 185.47.248.0/22 185.58.136.0/22 IPv6: 2a01:80e0::/29 2a02:6420::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 201596 Signature Algorithm: sha256WithRSAEncryption 69:97:80:1d:0b:3d:e2:e4:67:45:a3:ad:27:28:85:c4:02:e5: cc:69:5e:d5:c8:8e:65:20:21:07:6a:24:52:4d:6c:ea:ed:6f: f8:0a:67:81:7e:32:1b:70:1a:1d:29:ba:55:13:4e:64:af:3c: ee:0c:6d:4d:f8:7c:d9:fc:fa:b8:16:c9:ee:b5:7c:ae:1f:5c: ce:69:b5:75:c7:5a:aa:ef:26:44:7d:d0:9a:10:db:29:a8:3d: 05:45:88:d2:0e:8a:b3:a3:14:7c:cf:27:8d:43:35:be:89:e3: 35:a5:cd:aa:dd:be:fb:ca:e4:af:ca:df:56:98:37:65:66:4d: fd:16:4d:44:ee:18:62:d0:6d:10:3f:3f:36:44:c0:ab:0b:9b: 3c:a0:1f:12:b9:a1:28:bd:96:d4:e4:5e:a6:a0:4e:b2:02:a8: f7:65:49:62:93:c1:70:e9:48:fc:6b:c7:50:cf:f4:5c:e4:18: d5:6c:e4:ca:d0:19:b1:97:cc:a4:d3:06:e1:2e:4e:6a:59:99: 2e:62:9b:6f:9e:3f:25:d2:da:29:22:36:ce:90:af:99:bd:6c: e7:df:6d:2e:9a:4d:ac:2a:0d:d4:c8:cc:3f:32:f6:d4:02:35: 0e:42:88:1b:07:e9:71:7d:72:0d:3b:f8:38:fc:f8:de:41:97: 9a:e5:78:e3 -----BEGIN CERTIFICATE----- MIIFtjCCBJ6gAwIBAgISAZt57TSK4J5P3zmYt7Bhg8b8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YjAxOGQyYTUxZmVmMmQ3NmM2MjYwMDU1NmM2NmQ1N2NiN2U5MjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3V+rB5K3wsA0bxUuJI82kT+vMIT VIU1Dr2H/kXWvGT04ucg0hxRSQq1ZjVH8Jz85PO35KubXjG0GZqhKxnVuqKOH3c6 4Zvs0SCgXedx3kDk0NYP3lkPzT/XI8RT0XUolHBV+lDkTZrgKyElgceNNuUAJdr6 LvgfEP+Al22UJ5CK9GKwn4hpKuDcKZ3iOeY4oocJxJzrGyGzeMVscU9KRwXNsrqn 5mCohUw7xTkcN5/CadnO7GgqouDQgA30JfTvknMY/dqWR1J/LMihcMFwGJDDo4EG Ase++AlazPO19EYxDgJua2F8Lb8IPYPGkkPFQgGdGtOIl1lhuM2UN6msxwIDAQAB o4ICwjCCAr4wHQYDVR0OBBYEFHsBjSpR/vLXbGJgBVbGbVfLfpJwMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2U2ZmQw ZC1hMDJiLTQ5YzItOWEyYy00ZGMyZGQ1NmQ1N2YvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvZTZmZDBk LWEwMmItNDljMi05YTJjLTRkYzJkZDU2ZDU3Zi8xL2V3R05LbEgtOHRkc1ltQUZW c1p0Vjh0LWtuQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUF BwEHAQH/BDIwMDAYBAIAATASAwQFjcMgAwQCuS/4AwQCuTqIMBQEAgACMA4DBQMq AYDgAwUAKgJkIDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDE3wwDQYJKoZIhvcN AQELBQADggEBAGmXgB0LPeLkZ0WjrScohcQC5cxpXtXIjmUgIQdqJFJNbOrtb/gK Z4F+MhtwGh0pulUTTmSvPO4MbU34fNn8+rgWye61fK4fXM5ptXXHWqrvJkR90JoQ 2ymoPQVFiNIOirOjFHzPJ41DNb6J4zWlzardvvvK5K/K31aYN2VmTf0WTUTuGGLQ bRA/PzZEwKsLmzygHxK5oSi9ltTkXqagTrICqPdlSWKTwXDpSPxrx1DP9FzkGNVs 5MrQGbGXzKTTBuEuTmpZmS5im2+ePyXS2ikiNs6Qr5m9bOffbS6aTawqDdTIzD8y 9tQCNQ5CiBsH6XF9cg07+Dj8+N5Bl5rleOM= -----END CERTIFICATE-----Generated at Mon Feb 9 15:09:12 2026 by rpki-client