This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer File: gho_IfsMKU1tSlKbLx29S9ERm9c.cer (raw, json) Hash identifier: Ksic99m258PE8dP5XDTz1r5Y/Xjoh6liTX0vF6PwEOc= Subject key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019ADF3B2232681F5C216005D705174E8640 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Tue 02 Dec 2025 13:23:05 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: IP: 5.182.100.0/22 IP: 45.11.236.0/22 IP: 45.14.72.0/22 IP: 45.84.44.0/22 IP: 45.157.72.0/22 IP: 85.8.188.0/22 IP: 85.209.216.0/22 IP: 88.218.100.0/22 IP: 91.201.140.0/22 IP: 92.119.180.0/22 IP: 139.28.136.0/22 IP: 141.98.240.0/22 IP: 193.31.72.0/22 IP: 194.5.0.0/22 IP: 194.38.24.0/22 IP: 194.124.52.0/22 IP: 195.206.108.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 09:57:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:df:3b:22:32:68:1f:5c:21:60:05:d7:05:17:4e:86:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Dec 2 13:23:05 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:cb:a6:b7:b3:d1:1f:ac:ae:4b:04:e0:66:3d: 41:98:0a:8f:69:1d:5c:35:a9:64:2d:64:eb:de:fb: cd:3b:9d:57:ac:0d:2d:86:61:2c:ed:f9:67:11:90: 0e:d1:7b:02:17:b8:f2:aa:af:8b:37:8b:ff:be:8c: aa:8c:82:08:27:d2:0a:cb:a4:28:77:3e:a9:9a:bf: bd:81:72:d8:db:85:25:10:be:78:93:ed:aa:72:8e: 84:bb:b5:53:3e:e4:ba:74:09:a8:cd:8a:c9:a5:02: 40:e7:ad:79:fc:5e:b3:75:33:e2:8c:bb:aa:a2:f8: 0a:3d:d5:b8:f5:95:cf:05:87:42:cf:7c:3d:bc:16: 2a:ea:bd:fd:8d:73:f4:3f:0e:22:b6:8f:e8:d7:2d: 2b:48:c6:d6:de:5d:7f:a9:2d:1c:84:19:90:8a:69: ee:0f:f5:ce:11:28:4a:52:5a:12:66:e0:0e:de:09: f7:df:e2:0d:83:74:a5:2c:8c:63:0b:3b:e6:13:9e: 6c:0b:87:fa:1c:7d:25:bc:3f:fd:69:47:5a:26:ce: ac:a0:84:a3:8b:d5:81:7d:f3:e3:1a:6c:49:0d:0e: 9e:07:0a:ee:8b:96:e4:97:33:07:71:07:df:c5:56: 70:2a:50:d3:c6:fd:72:bf:2a:f2:74:7b:19:8a:4b: 08:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.100.0/22 45.11.236.0/22 45.14.72.0/22 45.84.44.0/22 45.157.72.0/22 85.8.188.0/22 85.209.216.0/22 88.218.100.0/22 91.201.140.0/22 92.119.180.0/22 139.28.136.0/22 141.98.240.0/22 193.31.72.0/22 194.5.0.0/22 194.38.24.0/22 194.124.52.0/22 195.206.108.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:7f:84:34:27:88:f5:b2:29:aa:26:48:a3:02:99:54:3a:67: 4e:af:65:b2:ef:9d:68:80:1f:b2:6d:31:b9:25:21:0a:60:ed: 51:d9:83:ee:3b:fb:43:07:6a:07:bc:ea:57:72:13:6b:96:fe: bf:7a:08:fc:ed:76:07:5d:13:4a:d8:fc:40:2c:4d:ee:a3:a6: 6d:22:1b:cb:e8:5c:06:84:53:5e:5c:5a:de:2a:a8:1c:aa:10: 19:20:9a:c3:b5:3a:57:6e:3e:03:af:96:05:d8:d2:d3:a2:a8: 49:22:58:a6:3b:74:c0:7a:97:d9:8f:17:f2:25:9d:ac:40:00: d6:75:0d:73:9e:26:a8:0d:8b:4a:6b:c7:c5:06:4b:d0:42:cb: 57:ed:3e:aa:e5:8e:33:0b:a1:b5:85:e2:df:ab:72:e9:1f:b4: 12:d6:af:0c:e1:27:2b:97:45:c1:7f:c2:19:9d:0f:5d:2a:76: 7d:0e:b5:fc:70:66:8f:6a:3e:a1:fc:1e:7c:f9:40:c2:6d:e9: 9e:2c:bf:ad:05:fc:71:33:83:9d:3f:fc:98:be:2a:b8:51:57: 42:78:95:f4:3b:6e:c0:f7:3f:11:0a:4a:cd:a4:8f:88:46:e2: 90:8c:b6:44:e9:14:f6:2c:7c:ba:58:9d:a3:d4:a0:ab:31:49: b2:10:8f:11 -----BEGIN CERTIFICATE----- MIIF2DCCBMCgAwIBAgISAZrfOyIyaB9cIWAF1wUXToZAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMjAyMTMyMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucumt7PRH6yuSwTgZj1BmAqPaR1c NalkLWTr3vvNO51XrA0thmEs7flnEZAO0XsCF7jyqq+LN4v/voyqjIIIJ9IKy6Qo dz6pmr+9gXLY24UlEL54k+2qco6Eu7VTPuS6dAmozYrJpQJA5615/F6zdTPijLuq ovgKPdW49ZXPBYdCz3w9vBYq6r39jXP0Pw4ito/o1y0rSMbW3l1/qS0chBmQimnu D/XOEShKUloSZuAO3gn33+INg3SlLIxjCzvmE55sC4f6HH0lvD/9aUdaJs6soISj i9WBffPjGmxJDQ6eBwrui5bklzMHcQffxVZwKlDTxv1yvyrydHsZiksIRwIDAQAB o4IC5DCCAuAwHQYDVR0OBBYEFIIaPyH7DClNbUpSmy8dvUvREZvXMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyL2VkYzg1 NS1mMmJjLTRlOWMtOGMwYy1iNmYyYWM4NmVmMjcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvZWRjODU1 LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1UxdFNsS2JM eDI5UzlFUm05Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF BwEHAQH/BHAwbjBsBAIAATBmAwQCBbZkAwQCLQvsAwQCLQ5IAwQCLVQsAwQCLZ1I AwQCVQi8AwQCVdHYAwQCWNpkAwQCW8mMAwQCXHe0AwQCixyIAwQCjWLwAwQCwR9I AwQCwgUAAwQCwiYYAwQCwnw0AwQCw85sMA0GCSqGSIb3DQEBCwUAA4IBAQCKf4Q0 J4j1simqJkijAplUOmdOr2Wy751ogB+ybTG5JSEKYO1R2YPuO/tDB2oHvOpXchNr lv6/egj87XYHXRNK2PxALE3uo6ZtIhvL6FwGhFNeXFreKqgcqhAZIJrDtTpXbj4D r5YF2NLToqhJIlimO3TAepfZjxfyJZ2sQADWdQ1zniaoDYtKa8fFBkvQQstX7T6q 5Y4zC6G1heLfq3LpH7QS1q8M4Scrl0XBf8IZnQ9dKnZ9DrX8cGaPaj6h/B58+UDC bemeLL+tBfxxM4OdP/yYviq4UVdCeJX0O27A9z8RCkrNpI+IRuKQjLZE6RT2LHy6 WJ2j1KCrMUmyEI8R -----END CERTIFICATE-----Generated at Wed Dec 3 12:45:58 2025 by rpki-client