This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hbT4demdNbFCBGk-7hHKm2qv5K4.cer File: hbT4demdNbFCBGk-7hHKm2qv5K4.cer (raw, json) Hash identifier: jleMVnd7QFg8hJ/h6fV4KFI3rwlWWNA4C+lVE4v/V4E= Subject key identifier: 85:B4:F8:75:E9:9D:35:B1:42:04:69:3E:EE:11:CA:9B:6A:AF:E4:AE Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019C3F108C4496ED9AB79704AACC4FED0AD6 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cb/b8219e-346a-43b9-b823-938a73b6f7c2/1/hbT4demdNbFCBGk-7hHKm2qv5K4.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cb/b8219e-346a-43b9-b823-938a73b6f7c2/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Sun 08 Feb 2026 21:02:55 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 58208 IP: 5.42.152.0/21 IP: 91.216.120.0/24 IP: 185.118.68.0/22 IP: 2a01:45c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:3f:10:8c:44:96:ed:9a:b7:97:04:aa:cc:4f:ed:0a:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Feb 8 21:02:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85b4f875e99d35b14204693eee11ca9b6aafe4ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:76:cb:85:3e:b8:a3:11:06:75:86:93:e5:3b: 82:15:3b:d5:04:70:d6:df:8e:31:57:26:68:c1:e1: 85:32:55:85:95:ab:72:3c:a7:ee:9e:9a:e4:0f:5f: a8:79:67:b2:0c:5a:6d:42:c2:25:e8:f8:d8:f9:d0: db:ed:c3:b2:5a:0b:30:ce:97:e0:fd:a6:c5:c2:1e: 8c:c0:14:7c:fc:61:26:25:a8:51:a6:1b:a7:cf:d1: 5d:38:6d:02:c2:9a:30:61:c9:08:4f:f9:1a:ca:dc: 03:1a:49:2f:c5:c7:52:ac:54:53:e3:dd:60:55:63: 05:80:57:91:75:29:a6:ce:90:40:7a:87:02:12:c0: 4f:12:33:6e:78:19:e0:ab:ae:de:e3:59:14:08:a9: 54:e7:3f:45:d7:20:92:d3:9c:a4:b4:f3:8a:2c:f8: 6f:62:01:3d:ec:d8:5f:e3:9b:04:9b:fb:ad:29:56: e3:0f:15:2c:cd:59:b8:62:3d:ef:b0:ee:71:05:45: 60:7e:3e:eb:66:74:d1:4c:16:57:9c:7b:fb:f0:ae: 7e:28:f8:80:33:a5:a1:74:79:2f:b6:38:92:91:ef: 9c:8e:2a:67:70:62:e6:fa:64:f8:7c:5d:66:e6:a4: 7c:d5:73:fb:3a:2c:3c:9f:35:dd:66:fb:2a:01:5f: ce:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:B4:F8:75:E9:9D:35:B1:42:04:69:3E:EE:11:CA:9B:6A:AF:E4:AE X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/b8219e-346a-43b9-b823-938a73b6f7c2/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/b8219e-346a-43b9-b823-938a73b6f7c2/1/hbT4demdNbFCBGk-7hHKm2qv5K4.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.42.152.0/21 91.216.120.0/24 185.118.68.0/22 IPv6: 2a01:45c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 58208 Signature Algorithm: sha256WithRSAEncryption 14:68:e1:09:f6:09:db:cc:64:f9:ac:dd:46:7e:c2:37:ef:12: d9:bd:e6:33:5e:d2:55:74:b4:21:1e:87:3d:eb:24:a0:1c:81: b1:59:95:3c:63:9e:85:54:91:75:cd:7b:08:df:b4:70:9c:5d: d7:45:4d:93:8c:f0:a8:10:1b:55:e3:c5:22:67:e2:fe:f1:b4: 79:02:ab:1e:7d:59:d8:8e:3f:d7:36:db:1e:51:2a:cb:c2:12: 71:e7:8a:dd:11:e2:67:80:a3:6f:53:b5:46:0c:ec:27:dd:88: e9:76:23:b5:1d:de:5f:fc:cc:98:69:50:b5:37:d5:0a:94:01: ae:1e:31:38:95:ff:82:50:0a:e4:4d:e1:20:68:bd:fa:68:f8: a7:bb:a8:10:4e:28:62:32:06:33:c3:0a:f2:f9:8b:f9:2e:47: a8:e3:75:d2:07:3d:e9:9d:cb:9e:4b:3b:c3:64:7a:02:16:49: c3:23:34:59:e4:0d:c2:e6:21:de:5f:57:fd:a7:35:f5:bd:1e: 8c:e4:35:8e:72:75:59:7a:bf:1b:35:81:cd:fb:ef:70:98:96: e0:b6:e1:6f:0f:51:e6:62:e5:72:f9:32:0b:77:30:6d:0e:f6: 20:42:b4:45:47:78:36:5b:33:c7:2d:5d:1f:5e:1e:9b:27:29: be:60:80:e7 -----BEGIN CERTIFICATE----- MIIFrzCCBJegAwIBAgISAZw/EIxElu2at5cEqsxP7QrWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMjA4MjEwMjU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWI0Zjg3NWU5OWQzNWIxNDIwNDY5M2VlZTExY2E5YjZhYWZlNGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXbLhT64oxEGdYaT5TuCFTvVBHDW 344xVyZoweGFMlWFlatyPKfunprkD1+oeWeyDFptQsIl6PjY+dDb7cOyWgswzpfg /abFwh6MwBR8/GEmJahRphunz9FdOG0CwpowYckIT/kaytwDGkkvxcdSrFRT491g VWMFgFeRdSmmzpBAeocCEsBPEjNueBngq67e41kUCKlU5z9F1yCS05yktPOKLPhv YgE97Nhf45sEm/utKVbjDxUszVm4Yj3vsO5xBUVgfj7rZnTRTBZXnHv78K5+KPiA M6WhdHkvtjiSke+cjipncGLm+mT4fF1m5qR81XP7Oiw8nzXdZvsqAV/OswIDAQAB o4ICuzCCArcwHQYDVR0OBBYEFIW0+HXpnTWxQgRpPu4Ryptqr+SuMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NiL2I4MjE5 ZS0zNDZhLTQzYjktYjgyMy05MzhhNzNiNmY3YzIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2IvYjgyMTll LTM0NmEtNDNiOS1iODIzLTkzOGE3M2I2ZjdjMi8xL2hiVDRkZW1kTmJGQ0JHay03 aEhLbTJxdjVLNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF BwEHAQH/BCswKTAYBAIAATASAwQDBSqYAwQAW9h4AwQCuXZEMA0EAgACMAcDBQMq AUXAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDjYDANBgkqhkiG9w0BAQsFAAOC AQEAFGjhCfYJ28xk+azdRn7CN+8S2b3mM17SVXS0IR6HPeskoByBsVmVPGOehVSR dc17CN+0cJxd10VNk4zwqBAbVePFImfi/vG0eQKrHn1Z2I4/1zbbHlEqy8ISceeK 3RHiZ4Cjb1O1RgzsJ92I6XYjtR3eX/zMmGlQtTfVCpQBrh4xOJX/glAK5E3hIGi9 +mj4p7uoEE4oYjIGM8MK8vmL+S5HqON10gc96Z3Lnks7w2R6AhZJwyM0WeQNwuYh 3l9X/ac19b0ejOQ1jnJ1WXq/GzWBzfvvcJiW4Lbhbw9R5mLlcvkyC3cwbQ72IEK0 RUd4Nlszxy1dH14emycpvmCA5w== -----END CERTIFICATE-----Generated at Mon Feb 9 16:48:31 2026 by rpki-client