This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fgQjIR9JsTNelLi9u7EWhmT2gE8.cer File: fgQjIR9JsTNelLi9u7EWhmT2gE8.cer (raw, json) Hash identifier: enWnb4In8ReVLv2xHAXvjplPGjdd32zbR6shw164ZCM= Subject key identifier: 7E:04:23:21:1F:49:B1:33:5E:94:B8:BD:BB:B1:16:86:64:F6:80:4F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C800FF9ACD2274B823D027D08DB541D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/be/77ac86-31f6-4370-b433-b0e7d41b5d36/1/fgQjIR9JsTNelLi9u7EWhmT2gE8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/be/77ac86-31f6-4370-b433-b0e7d41b5d36/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:18:46 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 204213 IP: 86.106.142.0/24 IP: 86.107.47.0/24 IP: 86.107.184.0/24 IP: 89.32.248.0/22 IP: 89.33.87.0/24 IP: 89.35.172.0/24 IP: 89.39.208.0/24 IP: 89.40.65.0/24 IP: 89.42.208.0/22 IP: 89.45.89.0/24 IP: 185.94.96.0/22 IP: 188.212.22.0/24 IP: 217.144.104.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:0f:f9:ac:d2:27:4b:82:3d:02:7d:08:db:54:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7e0423211f49b1335e94b8bdbbb1168664f6804f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:e4:3e:38:49:cf:67:70:d1:89:f7:66:ed:da: 3a:10:ce:87:a3:c2:9f:dc:c1:3f:e5:8a:d5:54:d9: eb:60:e2:9f:50:f3:c9:ee:7b:12:87:a9:0e:62:95: 70:39:d2:ca:1d:3f:50:a6:ec:96:60:c6:ad:56:53: e5:e5:3d:a5:d8:d8:9e:1f:54:3c:78:b6:50:c0:4d: 1d:dc:55:97:1d:1b:ff:56:ee:b3:79:00:36:63:1f: 5f:da:e4:61:0d:2d:e8:05:10:94:2f:11:14:af:1b: 97:05:08:08:96:59:7b:a3:2c:e2:e6:f4:20:3a:12: 27:fa:b8:52:c9:60:73:58:11:e0:00:f9:1e:3f:2e: c9:64:35:21:35:9f:cc:f0:a7:c6:3e:fa:34:8f:42: 29:e9:b2:b7:57:64:b6:2d:ac:9c:67:dc:c9:0e:30: f3:3b:0f:00:0d:82:1e:e5:d0:98:32:9f:15:46:84: f4:6a:e2:a7:53:b0:ac:ee:75:fe:30:8c:9f:57:d2: dc:e7:ce:dd:b9:12:54:2b:fb:de:44:58:ae:e9:a6: 3a:83:10:39:81:74:a1:be:dc:2c:9e:12:0e:c4:37: 09:4f:7c:35:86:8d:33:51:b0:bb:6b:18:c6:f0:5d: f4:d2:4f:58:ff:10:42:52:81:b3:82:20:18:79:c1: 2c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:04:23:21:1F:49:B1:33:5E:94:B8:BD:BB:B1:16:86:64:F6:80:4F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/77ac86-31f6-4370-b433-b0e7d41b5d36/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/77ac86-31f6-4370-b433-b0e7d41b5d36/1/fgQjIR9JsTNelLi9u7EWhmT2gE8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.106.142.0/24 86.107.47.0/24 86.107.184.0/24 89.32.248.0/22 89.33.87.0/24 89.35.172.0/24 89.39.208.0/24 89.40.65.0/24 89.42.208.0/22 89.45.89.0/24 185.94.96.0/22 188.212.22.0/24 217.144.104.0/22 sbgp-autonomousSysNum: critical Autonomous System Numbers: 204213 Signature Algorithm: sha256WithRSAEncryption 40:c6:31:94:71:d6:16:02:a9:27:b4:47:f5:37:b7:29:41:3a: e0:3a:34:4d:fa:63:56:28:92:77:be:d1:f6:12:03:ec:9f:79: e5:34:03:cd:91:a6:a8:ef:d5:a7:04:83:d4:6d:bd:8d:0d:86: 04:1b:3d:92:e3:d5:67:7f:43:e9:75:fc:56:1b:df:d8:2c:db: 89:8b:88:2c:45:80:cc:4f:6a:81:69:fa:c8:e2:06:21:fa:4c: 13:83:60:29:1f:c7:f2:bd:d4:f3:bd:fd:25:60:2d:f6:b1:6c: 8d:d0:3a:18:a3:14:a8:be:f3:a3:c6:c9:ae:ac:82:47:71:4e: 56:33:c4:89:3d:31:51:75:24:fc:ba:e5:8d:e1:af:61:b1:65: 4f:1f:b9:e7:4f:6c:93:87:b0:48:e3:86:78:2e:9c:ff:0f:e9: 1b:10:f7:37:41:22:b0:ad:a0:c7:e8:31:fb:01:dc:fd:86:2a: af:55:24:2b:0a:c2:bb:f4:9e:cb:c6:02:fe:e9:38:2e:4a:cb: 28:51:db:cb:e9:e5:49:2e:39:36:71:da:a4:1f:68:a7:77:e4: 5f:0b:ed:30:b8:7b:aa:2c:f7:83:2d:06:bc:3c:03:90:33:c8: 98:ca:60:ca:15:74:cd:dd:08:24:e9:38:15:11:c8:ed:f6:9d: af:16:0c:cc -----BEGIN CERTIFICATE----- MIIF3DCCBMSgAwIBAgISAZt8gA/5rNInS4I9An0I21QdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZTA0MjMyMTFmNDliMTMzNWU5NGI4YmRiYmIxMTY4NjY0ZjY4MDRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eQ+OEnPZ3DRifdm7do6EM6Ho8Kf 3ME/5YrVVNnrYOKfUPPJ7nsSh6kOYpVwOdLKHT9QpuyWYMatVlPl5T2l2NieH1Q8 eLZQwE0d3FWXHRv/Vu6zeQA2Yx9f2uRhDS3oBRCULxEUrxuXBQgIlll7oyzi5vQg OhIn+rhSyWBzWBHgAPkePy7JZDUhNZ/M8KfGPvo0j0Ip6bK3V2S2LaycZ9zJDjDz Ow8ADYIe5dCYMp8VRoT0auKnU7Cs7nX+MIyfV9Lc587duRJUK/veRFiu6aY6gxA5 gXShvtwsnhIOxDcJT3w1ho0zUbC7axjG8F300k9Y/xBCUoGzgiAYecEshQIDAQAB o4IC6DCCAuQwHQYDVR0OBBYEFH4EIyEfSbEzXpS4vbuxFoZk9oBPMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JlLzc3YWM4 Ni0zMWY2LTQzNzAtYjQzMy1iMGU3ZDQxYjVkMzYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvNzdhYzg2 LTMxZjYtNDM3MC1iNDMzLWIwZTdkNDFiNWQzNi8xL2ZnUWpJUjlKc1ROZWxMaTl1 N0VXaG1UMmdFOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGCCsGAQUF BwEHAQH/BFgwVjBUBAIAATBOAwQAVmqOAwQAVmsvAwQAVmu4AwQCWSD4AwQAWSFX AwQAWSOsAwQAWSfQAwQAWShBAwQCWSrQAwQAWS1ZAwQCuV5gAwQAvNQWAwQC2ZBo MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMdtTANBgkqhkiG9w0BAQsFAAOCAQEA QMYxlHHWFgKpJ7RH9Te3KUE64Do0TfpjViiSd77R9hID7J955TQDzZGmqO/VpwSD 1G29jQ2GBBs9kuPVZ39D6XX8Vhvf2CzbiYuILEWAzE9qgWn6yOIGIfpME4NgKR/H 8r3U8739JWAt9rFsjdA6GKMUqL7zo8bJrqyCR3FOVjPEiT0xUXUk/LrljeGvYbFl Tx+5509sk4ewSOOGeC6c/w/pGxD3N0EisK2gx+gx+wHc/YYqr1UkKwrCu/Sey8YC /uk4LkrLKFHby+nlSS45NnHapB9op3fkXwvtMLh7qiz3gy0GvDwDkDPImMpgyhV0 zd0IJOk4FRHI7fadrxYMzA== -----END CERTIFICATE-----Generated at Mon Feb 9 20:50:02 2026 by rpki-client