This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer File: hduDqDZaYER28oLSTTJ60e8P3lI.cer (raw, json) Hash identifier: mDiL7ptkMUCpiTiv2415bdj1QoLr7/ws1zuhJTo8RdI= Subject key identifier: 85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5D37ACAB8B542A5C7F0D54F89ADE4C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/hduDqDZaYER28oLSTTJ60e8P3lI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:20:19 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41153 AS: 44187 AS: 60402 IP: 46.226.232.0/21 IP: 87.237.24.0/21 IP: 91.215.4.0/22 IP: 185.25.80.0/22 IP: 185.199.188.0/22 IP: 185.199.232.0/22 IP: 194.140.246.0/24 IP: 213.5.232.0/22 IP: 2a00:c600::/29 IP: 2a09:8d40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:37:ac:ab:8b:54:2a:5c:7f:0d:54:f8:9a:de:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:20:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85db83a8365a604476f282d24d327ad1ef0fde52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:3a:bf:21:43:26:56:a6:0a:05:1e:7c:c2:ba: ac:5f:54:f0:3f:3f:5e:73:fd:4e:eb:97:8a:45:b7: 8a:06:53:20:9c:ae:d8:c3:52:b8:0c:19:73:af:86: 15:d0:f3:7f:5a:8f:d6:23:5e:1e:c0:ec:5c:e1:91: f3:e4:78:e0:4f:12:be:e7:dd:89:ca:9a:58:06:31: b7:f0:c9:e4:72:a8:61:7d:c9:f5:3c:97:fd:af:db: 9f:61:93:57:d6:d3:84:9d:9e:8b:f0:18:7f:40:c6: b1:e7:76:4a:23:3f:b5:80:c0:77:00:2a:1a:d3:21: c3:a5:bc:5f:68:dd:a3:9a:21:a1:d4:a5:b7:03:26: c7:90:b9:2f:1c:99:2c:09:45:54:8a:9e:65:a9:0d: e4:bf:0f:d6:e0:e6:7e:5c:65:41:5a:27:f2:5f:cc: 7f:4e:43:c4:b1:46:b0:0f:be:c2:50:f2:4b:4d:96: 44:df:78:ca:44:f9:fe:6b:09:cc:ef:e2:bd:b7:2f: 1c:ec:69:0a:58:b4:b1:4c:68:00:ac:cd:4c:0c:0e: 85:44:33:23:89:d2:59:5c:d1:43:6e:1f:7c:e4:cf: cf:4f:8e:f0:5e:fd:40:17:e4:74:a7:aa:af:b8:9c: 40:7f:1e:58:7d:df:ef:a1:f2:9b:8f:0c:36:e8:94: 06:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/hduDqDZaYER28oLSTTJ60e8P3lI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.226.232.0/21 87.237.24.0/21 91.215.4.0/22 185.25.80.0/22 185.199.188.0/22 185.199.232.0/22 194.140.246.0/24 213.5.232.0/22 IPv6: 2a00:c600::/29 2a09:8d40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41153 44187 60402 Signature Algorithm: sha256WithRSAEncryption 44:e9:8c:6b:71:38:6d:d2:5c:e8:96:70:79:e4:da:da:60:10: 5a:42:6a:c3:8f:4b:ba:fa:bb:78:fc:66:21:57:63:b9:89:9e: 0e:f0:39:ca:3e:28:d9:16:64:23:cd:86:53:3f:fa:47:86:93: 1f:b3:9a:8a:60:c1:8f:6b:ee:9e:6f:88:e8:44:f8:e0:74:cd: 3c:a5:ee:db:3e:35:9b:f3:35:e6:25:a9:16:42:70:25:0a:d9: ff:dc:c8:5c:7e:3c:bb:c9:82:7b:6c:d3:72:29:c2:6f:5f:6d: 5d:a9:a8:34:62:1b:ef:09:d7:c1:03:f2:17:6d:ff:ea:9a:4c: 17:9d:d3:3c:79:ae:d5:70:aa:1e:0f:9a:88:20:66:80:71:d9: e1:ef:fc:ec:44:81:fb:6f:f2:6f:ac:e9:60:ad:61:b7:5d:f9: c8:98:25:90:3f:22:e8:ef:81:62:f7:e5:48:dd:ee:f8:76:6b: e6:80:7b:45:eb:a9:0e:12:92:76:ab:f9:38:15:39:06:4e:e2: 30:ec:e1:59:fe:ad:bb:22:8e:9a:56:44:7f:74:99:2c:f9:b9: a6:35:7e:91:e4:54:1d:17:d5:7b:b4:4b:28:4a:54:17:89:66: 59:3d:80:14:f5:d9:3c:c5:90:0b:97:74:7f:f7:72:0f:80:44: 64:27:f2:8e -----BEGIN CERTIFICATE----- MIIF3jCCBMagAwIBAgISAZt9XTesq4tUKlx/DVT4mt5MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWRiODNhODM2NWE2MDQ0NzZmMjgyZDI0ZDMyN2FkMWVmMGZkZTUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTq/IUMmVqYKBR58wrqsX1TwPz9e c/1O65eKRbeKBlMgnK7Yw1K4DBlzr4YV0PN/Wo/WI14ewOxc4ZHz5HjgTxK+592J yppYBjG38Mnkcqhhfcn1PJf9r9ufYZNX1tOEnZ6L8Bh/QMax53ZKIz+1gMB3ACoa 0yHDpbxfaN2jmiGh1KW3AybHkLkvHJksCUVUip5lqQ3kvw/W4OZ+XGVBWifyX8x/ TkPEsUawD77CUPJLTZZE33jKRPn+awnM7+K9ty8c7GkKWLSxTGgArM1MDA6FRDMj idJZXNFDbh985M/PT47wXv1AF+R0p6qvuJxAfx5Yfd/vofKbjww26JQGzwIDAQAB o4IC6jCCAuYwHQYDVR0OBBYEFIXbg6g2WmBEdvKC0k0yetHvD95SMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlLzJjOGYw OC1lNTk5LTQ0ZjMtYmJjMS04Y2JlZjkxM2UzNDIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvMmM4ZjA4 LWU1OTktNDRmMy1iYmMxLThjYmVmOTEzZTM0Mi8xL2hkdURxRFphWUVSMjhvTFNU VEo2MGU4UDNsSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GCCsGAQUF BwEHAQH/BFAwTjA2BAIAATAwAwQDLuLoAwQDV+0YAwQCW9cEAwQCuRlQAwQCuce8 AwQCucfoAwQAwoz2AwQC1QXoMBQEAgACMA4DBQMqAMYAAwUDKgmNQDAkBggrBgEF BQcBCAEB/wQVMBOgETAPAgMAoMECAwCsmwIDAOvyMA0GCSqGSIb3DQEBCwUAA4IB AQBE6YxrcTht0lzolnB55NraYBBaQmrDj0u6+rt4/GYhV2O5iZ4O8DnKPijZFmQj zYZTP/pHhpMfs5qKYMGPa+6eb4joRPjgdM08pe7bPjWb8zXmJakWQnAlCtn/3Mhc fjy7yYJ7bNNyKcJvX21dqag0YhvvCdfBA/IXbf/qmkwXndM8ea7VcKoeD5qIIGaA cdnh7/zsRIH7b/JvrOlgrWG3XfnImCWQPyLo74Fi9+VI3e74dmvmgHtF66kOEpJ2 q/k4FTkGTuIw7OFZ/q27Io6aVkR/dJks+bmmNX6R5FQdF9V7tEsoSlQXiWZZPYAU 9dk8xZALl3R/93IPgERkJ/KO -----END CERTIFICATE-----Generated at Mon Jan 26 21:07:40 2026 by rpki-client