This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer File: gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer (raw, json) Hash identifier: 5T1P/36BaWguGxinqerDk7W27qWvPGBpzsOWl2UuODo= Subject key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019BB79A3127493D3E62A4EFD5DF912C0AD1 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Tue 13 Jan 2026 13:44:54 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 211880 AS: 213176 IP: 85.155.128.0/20 IP: 209.35.224.0/19 IP: 212.59.64.0/21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b7:9a:31:27:49:3d:3e:62:a4:ef:d5:df:91:2c:0a:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 13 13:44:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:75:7d:68:6c:15:98:4f:51:05:f7:eb:19:e7: 46:ed:84:de:bf:85:61:9d:de:3a:11:28:df:fc:10: 33:75:58:fc:43:d1:54:d9:81:66:7b:ca:32:7b:23: 8d:1f:51:4b:a9:bd:e1:a3:20:b3:27:fc:3a:16:36: 65:85:35:84:7e:1d:70:56:df:f8:81:db:c4:a9:fb: 39:5a:0b:ff:4f:08:b8:f7:7e:4b:16:5a:aa:31:d9: 8d:83:cc:af:bc:a7:c0:5f:af:b5:82:49:73:f4:cc: ce:1e:70:20:a3:bd:14:1a:80:84:71:95:23:1b:09: 5a:af:34:98:f4:77:e3:80:37:78:cd:df:97:5b:68: 94:7d:81:cd:c6:0b:d5:40:90:76:42:a6:b6:c5:20: 8f:14:2f:eb:61:62:09:df:2e:b9:41:72:9b:c2:0d: 74:a8:c9:3a:72:30:95:31:ee:21:5a:23:d0:6a:6d: 22:2d:3a:6d:d6:9d:e2:03:ef:13:65:ff:f9:d5:4c: a3:44:dc:a1:96:b2:41:a1:f2:d9:f6:cd:b6:fd:b8: 9c:2f:e8:56:e8:b0:1b:3a:bf:1c:b8:0e:4e:07:70: 28:1a:e3:db:13:43:06:9e:be:c8:9f:7a:82:55:bd: bb:37:a5:bb:ce:f2:a3:99:4c:01:da:1f:56:1b:00: 85:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.155.128.0/20 209.35.224.0/19 212.59.64.0/21 sbgp-autonomousSysNum: critical Autonomous System Numbers: 211880 213176 Signature Algorithm: sha256WithRSAEncryption 1d:7c:b7:9b:aa:cb:5f:d7:84:87:ed:00:91:d4:0c:60:b6:ab: e2:42:83:2f:7b:5b:b6:df:a6:b2:4f:3e:95:43:ac:cd:e9:a4: 37:8b:27:ff:56:f5:25:3c:1c:18:7c:44:35:54:c0:2e:2f:49: a6:03:c5:f8:e6:4b:ff:05:b0:68:d0:6e:57:65:92:32:92:f7: 44:ea:b0:df:ef:57:fe:b0:1f:d8:95:68:db:c3:f1:54:80:c5: b3:b6:ee:4d:cf:d1:e1:dc:f3:a4:33:06:dc:1c:36:43:6c:bc: 27:bf:50:11:bb:28:d4:d3:3e:5d:db:f4:79:f3:c6:9b:fd:72: 95:31:41:9d:04:07:e7:af:43:46:40:f2:c1:13:13:c9:85:74: 01:4f:de:22:9c:82:e7:77:38:51:70:6e:f9:e7:67:e5:b1:d9: 8c:21:a9:80:a0:74:eb:dc:88:6f:8a:84:b9:5d:0b:b8:72:4d: 24:d9:68:c7:dc:2c:af:d0:e5:d6:e4:92:42:f0:d9:d2:2c:52: e2:ed:d1:e4:cb:e7:36:10:71:ea:dc:c7:ad:c6:ea:8f:cb:54: 5d:93:5d:17:54:d3:00:1c:ab:82:42:17:ff:ca:31:23:e1:53: 9e:ad:90:6c:5d:d9:1d:7f:54:79:5e:31:ed:d5:35:91:ce:6d: bc:3c:bf:33 -----BEGIN CERTIFICATE----- MIIFpTCCBI2gAwIBAgISAZu3mjEnST0+YqTv1d+RLArRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTEzMTM0NDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MWEyZDBkY2Q1MGE2ODJmOTc1ZWEzZDhjMzhlNWU2N2JiMDMyMmY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3V9aGwVmE9RBffrGedG7YTev4Vh nd46ESjf/BAzdVj8Q9FU2YFme8oyeyONH1FLqb3hoyCzJ/w6FjZlhTWEfh1wVt/4 gdvEqfs5Wgv/Twi4935LFlqqMdmNg8yvvKfAX6+1gklz9MzOHnAgo70UGoCEcZUj GwlarzSY9HfjgDd4zd+XW2iUfYHNxgvVQJB2Qqa2xSCPFC/rYWIJ3y65QXKbwg10 qMk6cjCVMe4hWiPQam0iLTpt1p3iA+8TZf/51UyjRNyhlrJBofLZ9s22/bicL+hW 6LAbOr8cuA5OB3AoGuPbE0MGnr7In3qCVb27N6W7zvKjmUwB2h9WGwCFjQIDAQAB o4ICsTCCAq0wHQYDVR0OBBYEFIGi0NzVCmgvl16j2MOOXme7AyL5MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyL2QyNWE3 Mi1iYmUzLTRhYjAtOTU2NC1mZTQ1ZDUxNjBjMzkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvZDI1YTcy LWJiZTMtNGFiMC05NTY0LWZlNDVkNTE2MGMzOS8xL2dhTFEzTlVLYUMtWFhxUFl3 NDVlWjdzREl2ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF BwEHAQH/BBwwGjAYBAIAATASAwQEVZuAAwQF0SPgAwQD1DtAMB8GCCsGAQUFBwEI AQH/BBAwDqAMMAoCAwM7qAIDA0C4MA0GCSqGSIb3DQEBCwUAA4IBAQAdfLebqstf 14SH7QCR1AxgtqviQoMve1u236ayTz6VQ6zN6aQ3iyf/VvUlPBwYfEQ1VMAuL0mm A8X45kv/BbBo0G5XZZIykvdE6rDf71f+sB/YlWjbw/FUgMWztu5Nz9Hh3POkMwbc HDZDbLwnv1ARuyjU0z5d2/R588ab/XKVMUGdBAfnr0NGQPLBExPJhXQBT94inILn dzhRcG7552flsdmMIamAoHTr3IhvioS5XQu4ck0k2WjH3Cyv0OXW5JJC8NnSLFLi 7dHky+c2EHHq3MetxuqPy1Rdk10XVNMAHKuCQhf/yjEj4VOerZBsXdkdf1R5XjHt 1TWRzm28PL8z -----END CERTIFICATE-----Generated at Tue Jan 27 06:10:45 2026 by rpki-client