This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer File: fKZDuzmcbYetxMfLpdK3L70A0EY.cer (raw, json) Hash identifier: BdJjkeDZeb7CScXsfi+UAMuyEIxJQdLyckmLNAI4ets= Subject key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B36470D67FBCA631E7F15AC9676C288 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:33 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 2.56.16.0/22 IP: 2.59.0.0/22 IP: 5.182.124.0/22 IP: 45.13.248.0/22 IP: 45.67.60.0/22 IP: 45.81.24.0/22 IP: 45.82.40.0/22 IP: 45.85.108.0/22 IP: 45.87.48.0/22 IP: 45.91.164.0/22 IP: 45.94.96.0/22 IP: 45.130.64.0/22 IP: 45.139.0.0/22 IP: 45.144.24.0/22 IP: 45.150.20.0/22 IP: 80.76.52.0/22 IP: 83.150.220.0/22 IP: 91.209.162.0/23 IP: 91.209.230.0/23 IP: 94.154.140.0/22 IP: 171.22.32.0/22 IP: 176.113.64.0/22 IP: 185.101.144.0/22 IP: 185.198.36.0/22 IP: 185.201.128.0/22 IP: 194.32.224.0/22 IP: 213.184.92.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 22:38:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:47:0d:67:fb:ca:63:1e:7f:15:ac:96:76:c2:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:62:80:77:8f:50:92:ed:d2:38:86:f0:5d:e3: 57:d8:b4:e4:9b:df:1a:df:d2:c5:60:5b:84:60:93: fd:49:74:7b:e7:76:41:2d:a9:65:0a:98:77:70:51: b9:7a:37:8f:05:ed:02:43:65:6d:44:fb:a4:1c:35: 4f:b9:0d:ed:fa:59:ec:09:90:5e:ff:79:c2:a4:ee: ac:e4:4c:02:ae:36:4d:1c:cc:94:95:3f:43:8d:09: 09:23:62:e6:c8:a5:78:9d:a5:1a:fb:89:8d:94:92: ff:97:ac:c7:6e:bc:39:87:66:48:e4:24:3a:e3:d2: 55:8d:aa:ad:a1:33:be:c6:8c:23:9c:59:e7:78:ca: 42:df:66:46:cc:6a:ab:4e:98:47:bf:6f:f2:08:97: ba:3a:41:90:65:74:bf:d5:f3:68:b8:d4:d4:fc:df: 5a:9e:c7:2a:7f:4a:fe:83:8a:37:18:1c:d9:54:ca: 3f:80:ef:67:d3:05:5c:df:f0:26:d7:b2:77:0b:04: 9d:b4:e0:97:6e:0a:e1:1e:d3:dd:61:73:c9:04:c9: 31:49:98:04:62:f7:1e:d0:8f:e5:28:41:7f:2d:dd: 4a:d1:e9:f1:e4:96:1a:d9:3f:af:39:33:bb:0c:5a: b3:af:75:2b:27:a7:a7:cf:a4:b8:c6:63:45:d6:96: 14:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.16.0/22 2.59.0.0/22 5.182.124.0/22 45.13.248.0/22 45.67.60.0/22 45.81.24.0/22 45.82.40.0/22 45.85.108.0/22 45.87.48.0/22 45.91.164.0/22 45.94.96.0/22 45.130.64.0/22 45.139.0.0/22 45.144.24.0/22 45.150.20.0/22 80.76.52.0/22 83.150.220.0/22 91.209.162.0/23 91.209.230.0/23 94.154.140.0/22 171.22.32.0/22 176.113.64.0/22 185.101.144.0/22 185.198.36.0/22 185.201.128.0/22 194.32.224.0/22 213.184.92.0/22 Signature Algorithm: sha256WithRSAEncryption 6c:bf:78:bf:12:20:10:93:61:58:3c:19:d6:27:96:1b:39:64: ab:8f:09:9e:0e:2d:34:82:d6:21:28:76:74:cd:3c:b6:1c:75: e3:93:a9:60:3a:93:6b:3a:18:fc:87:1f:d5:be:78:01:e7:3f: 1c:67:7d:e7:09:cd:05:58:22:d2:0f:a9:bc:9f:06:97:72:06: 91:4e:1d:66:da:32:9e:1c:a2:75:54:b8:bf:2b:e1:03:26:e5: 9d:0c:ec:38:64:7c:63:6e:9f:53:05:88:fb:2f:3c:c2:03:84: 7a:9b:58:cb:eb:79:82:de:ab:61:42:5d:5b:7b:2e:6c:e2:19: e4:ff:a3:77:e8:2d:18:24:bb:b5:fb:0e:ed:8f:ec:b2:e0:99: 0d:63:ad:2a:77:7f:82:a0:6f:9d:11:94:86:e0:bc:77:ae:c7: 7b:f5:0c:fe:ae:87:ff:d6:d9:68:93:bf:5e:46:a1:f7:7a:aa: b3:ee:bf:00:14:ed:74:66:06:2f:1e:17:53:79:6c:1e:ad:16: b9:c1:56:bd:1c:9f:e4:8f:74:7d:e7:e5:1e:6d:27:ab:91:ef: 3c:e9:e3:ff:a6:3e:6b:d7:a0:7f:f8:cd:c8:43:bc:10:b6:30: ef:ca:fd:7e:1b:e8:06:6d:5b:cb:f7:0a:e3:c2:de:4f:dd:3e: b3:c4:95:78 -----BEGIN CERTIFICATE----- MIIGGTCCBQGgAwIBAgISAZt7NkcNZ/vKYx5/FayWdsKIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Y2E2NDNiYjM5OWM2ZDg3YWRjNGM3Y2JhNWQyYjcyZmJkMDBkMDQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmKAd49Qku3SOIbwXeNX2LTkm98a 39LFYFuEYJP9SXR753ZBLallCph3cFG5ejePBe0CQ2VtRPukHDVPuQ3t+lnsCZBe /3nCpO6s5EwCrjZNHMyUlT9DjQkJI2LmyKV4naUa+4mNlJL/l6zHbrw5h2ZI5CQ6 49JVjaqtoTO+xowjnFnneMpC32ZGzGqrTphHv2/yCJe6OkGQZXS/1fNouNTU/N9a nscqf0r+g4o3GBzZVMo/gO9n0wVc3/Am17J3CwSdtOCXbgrhHtPdYXPJBMkxSZgE Yvce0I/lKEF/Ld1K0enx5JYa2T+vOTO7DFqzr3UrJ6enz6S4xmNF1pYUQQIDAQAB o4IDJTCCAyEwHQYDVR0OBBYEFHymQ7s5nG2HrcTHy6XSty+9ANBGMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2L2MwMzAx ZC01ODAxLTRhYzYtYjUwMy00NGVhNjQ3MjFjOWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvYzAzMDFk LTU4MDEtNGFjNi1iNTAzLTQ0ZWE2NDcyMWM5ZS8xL2ZLWkR1em1jYllldHhNZkxw ZEszTDcwQTBFWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG/BggrBgEF BQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAICOBADBAICOwADBAIFtnwDBAItDfgD BAItQzwDBAItURgDBAItUigDBAItVWwDBAItVzADBAItW6QDBAItXmADBAItgkAD BAItiwADBAItkBgDBAItlhQDBAJQTDQDBAJTltwDBAFb0aIDBAFb0eYDBAJemowD BAKrFiADBAKwcUADBAK5ZZADBAK5xiQDBAK5yYADBALCIOADBALVuFwwDQYJKoZI hvcNAQELBQADggEBAGy/eL8SIBCTYVg8GdYnlhs5ZKuPCZ4OLTSC1iEodnTNPLYc deOTqWA6k2s6GPyHH9W+eAHnPxxnfecJzQVYItIPqbyfBpdyBpFOHWbaMp4conVU uL8r4QMm5Z0M7DhkfGNun1MFiPsvPMIDhHqbWMvreYLeq2FCXVt7LmziGeT/o3fo LRgku7X7Du2P7LLgmQ1jrSp3f4Kgb50RlIbgvHeux3v1DP6uh//W2WiTv15Gofd6 qrPuvwAU7XRmBi8eF1N5bB6tFrnBVr0cn+SPdH3n5R5tJ6uR7zzp4/+mPmvXoH/4 zchDvBC2MO/K/X4b6AZtW8v3CuPC3k/dPrPElXg= -----END CERTIFICATE-----Generated at Wed Jan 21 02:40:03 2026 by rpki-client