This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer File: hXosdK9aRNmq5HoLiUJfpPf8fBk.cer (raw, json) Hash identifier: pENvNKDMa87WURWnqVMaiRV6ybH5WISbydgqEHs4fzc= Subject key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019C0A49DFFE38484AE3A26A30B33279DA8F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 29 Jan 2026 15:05:39 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 43281 AS: 201711 AS: 205557 AS: 210133 AS: 212638 IP: 37.77.168.0/21 IP: 77.247.200.0/21 IP: 185.214.40.0/22 IP: 2a03:9d80::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:0a:49:df:fe:38:48:4a:e3:a2:6a:30:b3:32:79:da:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 29 15:05:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:43:e3:ba:9d:9f:3a:95:c4:07:1c:09:f9:76: 5e:37:ba:75:64:81:ab:94:6d:51:5a:e7:4e:c5:af: 94:62:f6:34:9d:84:9f:64:e8:da:c0:1a:4b:18:75: 62:d4:c0:b6:28:84:42:16:23:65:39:d7:0d:bf:62: 75:8d:1e:d4:b8:0e:01:cb:76:bf:4f:62:d9:0d:e1: ce:0f:76:05:78:59:8e:00:ca:71:c0:96:f8:4b:d9: fa:9f:80:36:46:09:00:d1:df:8c:0a:6c:76:7c:fd: 6c:d9:85:bc:af:89:10:22:e7:44:5b:a2:0c:8e:3f: 4e:79:95:ca:d4:0c:0f:3b:1c:09:1f:ed:a2:15:38: b5:dd:ce:cc:14:51:67:a6:60:39:a9:4b:39:f7:1d: f5:19:76:76:cb:56:7c:99:78:1e:e2:05:de:70:eb: 41:9e:3c:de:4d:3b:f1:9f:72:c3:f3:7f:1b:59:a0: dc:09:15:94:51:2d:82:da:75:04:6f:eb:34:5c:d9: b8:04:87:5c:aa:7e:50:c4:8d:0b:d0:81:fc:7d:20: ef:b4:46:51:ff:91:98:19:4f:71:bb:18:20:f5:26: 40:d2:88:f3:54:f3:05:23:37:b2:08:b2:77:31:96: 68:86:f1:1e:63:10:d7:2d:13:b5:6b:57:97:03:1b: ca:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.77.168.0/21 77.247.200.0/21 185.214.40.0/22 IPv6: 2a03:9d80::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 43281 201711 205557 210133 212638 Signature Algorithm: sha256WithRSAEncryption ae:16:88:3d:4e:9d:75:31:27:61:5e:79:e6:7d:cf:4e:5e:db: c9:10:5a:a9:56:da:6c:87:25:31:d1:a9:5f:25:a8:16:76:34: 7e:b4:1b:15:dd:f1:d9:1a:9f:57:ca:61:9b:7c:db:ae:01:27: 00:e7:7b:ff:d0:6a:f6:21:ea:b2:b4:4f:75:d7:28:7a:7d:98: f6:43:f2:84:00:c7:21:87:a1:3b:ea:fc:49:b1:d6:2d:e1:5f: f1:57:a0:86:81:06:c8:28:0b:e6:d2:68:fb:2e:85:7b:54:aa: ce:8b:36:fc:e6:1a:10:e0:5e:fb:53:c5:b9:52:44:31:22:ba: b0:f6:71:11:31:74:79:47:6b:54:30:e8:f6:b8:d6:7e:8c:7c: 80:c0:e1:eb:52:49:ee:4c:27:36:0d:1d:e5:51:14:90:2f:00: c8:29:d5:56:68:d3:32:41:79:c6:19:d7:42:1d:99:81:ff:25: 81:28:f0:06:e3:e7:33:67:9b:c9:b1:65:2b:86:18:23:eb:f9: 38:90:3c:ee:e0:df:9c:5f:d7:ab:f5:8a:16:1c:39:08:06:55: bf:56:a5:9e:84:58:f6:3d:95:e3:62:bf:c1:b4:97:89:15:a7: 3b:a5:9e:7c:3d:08:8a:09:53:f9:fc:4d:7b:df:45:53:5c:fc: 8b:43:d8:80 -----BEGIN CERTIFICATE----- MIIFwzCCBKugAwIBAgISAZwKSd/+OEhK46JqMLMyedqPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTI5MTUwNTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTdhMmM3NGFmNWE0NGQ5YWFlNDdhMGI4OTQyNWZhNGY3ZmM3YzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykPjup2fOpXEBxwJ+XZeN7p1ZIGr lG1RWudOxa+UYvY0nYSfZOjawBpLGHVi1MC2KIRCFiNlOdcNv2J1jR7UuA4By3a/ T2LZDeHOD3YFeFmOAMpxwJb4S9n6n4A2RgkA0d+MCmx2fP1s2YW8r4kQIudEW6IM jj9OeZXK1AwPOxwJH+2iFTi13c7MFFFnpmA5qUs59x31GXZ2y1Z8mXge4gXecOtB njzeTTvxn3LD838bWaDcCRWUUS2C2nUEb+s0XNm4BIdcqn5QxI0L0IH8fSDvtEZR /5GYGU9xuxgg9SZA0ojzVPMFIzeyCLJ3MZZohvEeYxDXLRO1a1eXAxvKWwIDAQAB o4ICzzCCAsswHQYDVR0OBBYEFIV6LHSvWkTZquR6C4lCX6T3/HwZMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkzLzBhOWEz My05OWRjLTRiOTItOGNlZC04MzZhYzk3YzAxYmIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMvMGE5YTMz LTk5ZGMtNGI5Mi04Y2VkLTgzNmFjOTdjMDFiYi8xL2hYb3NkSzlhUk5tcTVIb0xp VUpmcFBmOGZCay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF BwEHAQH/BCswKTAYBAIAATASAwQDJU2oAwQDTffIAwQCudYoMA0EAgACMAcDBQAq A52AMC4GCCsGAQUFBwEIAQH/BB8wHaAbMBkCAwCpEQIDAxPvAgMDIvUCAwM01QID Az6eMA0GCSqGSIb3DQEBCwUAA4IBAQCuFog9Tp11MSdhXnnmfc9OXtvJEFqpVtps hyUx0alfJagWdjR+tBsV3fHZGp9XymGbfNuuAScA53v/0Gr2IeqytE911yh6fZj2 Q/KEAMchh6E76vxJsdYt4V/xV6CGgQbIKAvm0mj7LoV7VKrOizb85hoQ4F77U8W5 UkQxIrqw9nERMXR5R2tUMOj2uNZ+jHyAwOHrUknuTCc2DR3lURSQLwDIKdVWaNMy QXnGGddCHZmB/yWBKPAG4+czZ5vJsWUrhhgj6/k4kDzu4N+cX9er9YoWHDkIBlW/ VqWehFj2PZXjYr/BtJeJFac7pZ58PQiKCVP5/E1730VTXPyLQ9iA -----END CERTIFICATE-----Generated at Mon Feb 9 19:41:49 2026 by rpki-client