This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer File: fINUmPNRmaFXGWTYVcOHd1FoGrk.cer (raw, json) Hash identifier: XuNR5nnI16zmexzFtMzaGAMD0VvadHtDQJsiC3TIdm4= Subject key identifier: 7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7AC8639242C0C1C3D7A40E41A14A9D5C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 18:18:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 29024 AS: 61207 IP: 87.237.208.0/21 IP: 89.221.240.0/20 IP: 91.189.40.0/21 IP: 185.3.48.0/22 IP: 185.15.120.0/22 IP: 185.187.252.0/22 IP: 185.215.196.0/22 IP: 195.35.82.0/23 IP: 2a02:fc00::/29 IP: 2a0f:440::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:63:92:42:c0:c1:c3:d7:a4:0e:41:a1:4a:9d:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 18:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7c835498f35199a1571964d855c3877751681ab9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:7c:33:c5:6a:99:86:0e:75:1b:89:24:0e:0f: 4d:d1:75:4a:f6:58:69:5f:64:e7:fa:9e:42:28:f0: 48:86:97:9a:da:2f:60:a3:ba:65:2c:80:31:6d:b3: 75:f5:74:3a:85:6b:88:ec:78:fb:50:65:5a:3a:a7: 76:77:ca:47:83:21:15:1d:86:33:64:71:bb:73:a8: 81:38:b4:e3:a0:57:5f:c3:f2:9e:f7:96:8d:30:15: 4c:83:f8:e1:d7:40:55:b8:e8:53:79:7c:a8:8b:a4: 8b:2a:75:df:2a:bf:a0:f0:ed:e5:08:74:a8:ec:65: 94:97:af:6d:57:97:81:36:ca:17:16:71:5f:a4:53: c8:81:7e:ff:ae:c4:7b:d0:07:e0:2c:95:e4:01:9c: 41:a6:71:85:17:1e:75:08:66:3d:c4:54:fb:8b:9d: 6e:e9:1b:36:9f:4b:3a:43:79:17:fa:a5:2b:00:a4: 65:82:52:3f:54:f0:bf:f6:cc:5d:85:d8:3e:55:a2: 8f:b3:b1:37:ed:96:31:89:b1:90:c8:b7:f7:b4:25: 32:04:02:2b:e9:35:e3:e2:8c:37:d8:94:33:24:ed: 44:f9:35:97:b6:6d:9b:5b:5b:ec:29:22:fc:94:44: 73:95:41:c0:33:e2:74:37:67:21:a7:be:83:e5:03: 9f:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.237.208.0/21 89.221.240.0/20 91.189.40.0/21 185.3.48.0/22 185.15.120.0/22 185.187.252.0/22 185.215.196.0/22 195.35.82.0/23 IPv6: 2a02:fc00::/29 2a0f:440::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 29024 61207 Signature Algorithm: sha256WithRSAEncryption 27:0c:83:f7:61:20:ee:21:03:0e:6e:b8:89:86:31:89:6d:d1: 3c:d1:33:f9:da:33:a8:2c:bd:23:91:6a:79:82:04:74:04:83: 3a:9d:dc:d8:98:fb:c0:f3:d0:af:cf:19:82:09:b5:1c:04:99: e1:75:1e:6d:e6:7e:9a:a4:58:80:06:47:bc:03:fa:1d:ad:9f: e0:12:79:5f:cb:cb:75:f6:87:6a:96:3e:5c:9d:15:7d:de:06: b2:7f:fb:7b:79:46:04:db:f7:55:b3:01:11:f7:9b:42:5f:ca: 78:40:f6:87:d5:7c:4a:e2:b3:54:62:82:60:cd:3f:2b:55:c7: 9f:b5:10:ae:fa:53:d3:4b:6e:6b:f1:08:00:9d:8a:69:0a:b8: d7:b1:b7:31:de:6d:26:43:93:80:69:ec:0c:a4:16:93:f9:26: 8d:38:30:9c:ff:76:e5:f1:34:01:ce:42:32:1d:37:8e:a1:1c: f6:63:07:31:0a:d5:f9:d5:67:24:ed:93:3b:37:69:62:57:9c: b1:ac:8e:dc:e4:22:33:c2:9d:1f:41:ec:0b:17:59:21:4b:f0: b1:9c:0c:5e:5f:53:7b:52:33:dd:05:36:09:82:ba:db:18:2b: d9:c1:33:9d:51:70:6f:1d:c8:71:8a:c9:fc:b7:3c:73:2f:0c: e3:92:35:25 -----BEGIN CERTIFICATE----- MIIF2DCCBMCgAwIBAgISAZt6yGOSQsDBw9ekDkGhSp1cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTgxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YzgzNTQ5OGYzNTE5OWExNTcxOTY0ZDg1NWMzODc3NzUxNjgxYWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXwzxWqZhg51G4kkDg9N0XVK9lhp X2Tn+p5CKPBIhpea2i9go7plLIAxbbN19XQ6hWuI7Hj7UGVaOqd2d8pHgyEVHYYz ZHG7c6iBOLTjoFdfw/Ke95aNMBVMg/jh10BVuOhTeXyoi6SLKnXfKr+g8O3lCHSo 7GWUl69tV5eBNsoXFnFfpFPIgX7/rsR70AfgLJXkAZxBpnGFFx51CGY9xFT7i51u 6Rs2n0s6Q3kX+qUrAKRlglI/VPC/9sxdhdg+VaKPs7E37ZYxibGQyLf3tCUyBAIr 6TXj4ow32JQzJO1E+TWXtm2bW1vsKSL8lERzlUHAM+J0N2chp76D5QOfRwIDAQAB o4IC5DCCAuAwHQYDVR0OBBYEFHyDVJjzUZmhVxlk2FXDh3dRaBq5MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBjLzlmOGFl Mi0wZmI1LTRjMDQtYWQ5My00Y2U0NzdkYmI0MDcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMvOWY4YWUy LTBmYjUtNGMwNC1hZDkzLTRjZTQ3N2RiYjQwNy8xL2ZJTlVtUE5SbWFGWEdXVFlW Y09IZDFGb0dyay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GCCsGAQUF BwEHAQH/BFAwTjA2BAIAATAwAwQDV+3QAwQEWd3wAwQDW70oAwQCuQMwAwQCuQ94 AwQCubv8AwQCudfEAwQBwyNSMBQEAgACMA4DBQMqAvwAAwUDKg8EQDAeBggrBgEF BQcBCAEB/wQPMA2gCzAJAgJxYAIDAO8XMA0GCSqGSIb3DQEBCwUAA4IBAQAnDIP3 YSDuIQMObriJhjGJbdE80TP52jOoLL0jkWp5ggR0BIM6ndzYmPvA89CvzxmCCbUc BJnhdR5t5n6apFiABke8A/odrZ/gEnlfy8t19odqlj5cnRV93gayf/t7eUYE2/dV swER95tCX8p4QPaH1XxK4rNUYoJgzT8rVceftRCu+lPTS25r8QgAnYppCrjXsbcx 3m0mQ5OAaewMpBaT+SaNODCc/3bl8TQBzkIyHTeOoRz2YwcxCtX51Wck7ZM7N2li V5yxrI7c5CIzwp0fQewLF1khS/CxnAxeX1N7UjPdBTYJgrrbGCvZwTOdUXBvHchx isn8tzxzLwzjkjUl -----END CERTIFICATE-----Generated at Mon Jan 26 21:41:08 2026 by rpki-client