This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer (raw, json) Hash identifier: vy5vUgiTpJdf+zrs9a/cCFxj0M6dA1aYIdk542DAjwU= Subject key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7834A206C5257EADBD34B5AD065084ED Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 06:17:53 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 38924 IP: 95.87.0.0/18 IP: 2a00:fc40::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:a2:06:c5:25:7e:ad:bd:34:b5:ad:06:50:84:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 06:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=864abd435f899d570a8e5fb83bdad1153455dee0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:2c:f1:57:d4:21:79:cf:f8:9c:bd:af:ea:04: 24:bd:34:4a:90:8c:69:ee:59:36:18:af:c2:14:67: 23:35:e2:9a:f0:8e:64:a4:8e:7c:7c:d2:18:c7:46: 0a:93:2b:83:22:40:dd:d0:be:2b:0c:e2:ea:aa:9c: 5a:67:51:f6:43:84:1c:d5:12:9f:d6:04:1f:76:2e: d9:7a:d3:72:89:5c:1a:56:9f:09:6c:ae:8b:4d:6f: c1:3f:e4:df:80:24:f4:30:e6:3c:e5:fc:7e:52:28: 89:62:8e:5c:7f:69:0c:c7:07:5e:55:b7:cc:0f:f9: 11:df:29:65:e3:71:d9:b1:c4:63:cd:27:80:91:ab: 9e:3f:10:af:33:e0:80:1c:19:07:d5:83:31:87:c0: f3:60:47:c9:ae:b2:2d:1b:24:4a:88:cd:8e:44:94: d3:db:c3:d4:80:52:b7:18:15:b5:7f:0d:ce:1c:ba: 95:99:61:e7:bb:f2:04:c4:fc:7d:3b:c3:54:8b:72: 9f:2c:f8:56:b1:f0:34:0d:45:fd:4b:6c:da:93:d0: d0:ac:2e:ff:c2:68:71:1a:bc:43:ec:f0:d5:a9:3a: 9f:3e:ea:49:cc:2d:c9:4c:57:cd:46:d5:03:e7:43: c4:5a:53:59:de:07:e6:5a:b3:8d:76:58:db:39:72: f4:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.87.0.0/18 IPv6: 2a00:fc40::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 38924 Signature Algorithm: sha256WithRSAEncryption 31:0b:2f:98:09:9f:ef:06:55:3b:15:71:d7:d0:91:66:34:fc: b3:5c:1f:86:5b:d4:66:d7:92:a2:29:3f:8f:ab:ef:b0:0e:d8: 2c:90:63:14:2b:c3:86:d5:6a:f6:e4:30:ac:68:d8:51:c6:17: 24:31:a2:d3:ae:d0:e7:e7:68:28:95:88:40:31:df:a0:ac:2b: a3:52:17:94:f9:54:2b:36:8c:8f:9d:af:cb:c1:e0:c5:69:b1: b8:b9:0e:90:fe:52:cb:8f:a2:13:40:30:33:ee:53:17:13:4e: 0a:2f:68:8e:51:d6:80:d7:6a:e5:6a:b3:c9:40:c0:3c:98:09: 78:4f:af:cb:b5:a1:72:70:e0:24:71:97:5b:ee:ac:92:b2:9e: b9:0d:77:d6:04:64:c7:d4:67:ca:e2:56:7e:c8:b4:1a:1b:b8: b3:91:68:2a:be:3c:cf:45:a1:c6:40:b9:94:fd:2d:e9:29:6b: 6e:42:6d:97:9d:88:f7:60:22:ec:da:85:76:a6:21:c9:8f:8d: 93:a6:21:ff:79:d4:be:33:78:77:8c:36:f6:6d:72:c0:70:d7: cb:0b:70:a1:34:60:f3:04:e9:36:a2:de:2a:6e:14:11:82:c7: 49:24:4e:4c:c1:22:03:ec:9d:da:ae:02:5e:74:93:86:8d:9c: 51:fb:fc:37 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt4NKIGxSV+rb00ta0GUITtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDYxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjRhYmQ0MzVmODk5ZDU3MGE4ZTVmYjgzYmRhZDExNTM0NTVkZWUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCzxV9Qhec/4nL2v6gQkvTRKkIxp 7lk2GK/CFGcjNeKa8I5kpI58fNIYx0YKkyuDIkDd0L4rDOLqqpxaZ1H2Q4Qc1RKf 1gQfdi7ZetNyiVwaVp8JbK6LTW/BP+TfgCT0MOY85fx+UiiJYo5cf2kMxwdeVbfM D/kR3yll43HZscRjzSeAkauePxCvM+CAHBkH1YMxh8DzYEfJrrItGyRKiM2ORJTT 28PUgFK3GBW1fw3OHLqVmWHnu/IExPx9O8NUi3KfLPhWsfA0DUX9S2zak9DQrC7/ wmhxGrxD7PDVqTqfPupJzC3JTFfNRtUD50PEWlNZ3gfmWrONdljbOXL0tQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhLzNmMTMz Zi0xYzgxLTRhNGItYTI1NS0zZTM2NDY1OTFhYTAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvM2YxMzNm LTFjODEtNGE0Yi1hMjU1LTNlMzY0NjU5MWFhMC8xL2hrcTlRMS1KblZjS2psLTRP OXJSRlRSVjN1QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQGX1cAMA0EAgACMAcDBQAqAPxAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwCYDDANBgkqhkiG9w0BAQsFAAOCAQEAMQsvmAmf7wZV OxVx19CRZjT8s1wfhlvUZteSoik/j6vvsA7YLJBjFCvDhtVq9uQwrGjYUcYXJDGi 067Q5+doKJWIQDHfoKwro1IXlPlUKzaMj52vy8HgxWmxuLkOkP5Sy4+iE0AwM+5T FxNOCi9ojlHWgNdq5WqzyUDAPJgJeE+vy7WhcnDgJHGXW+6skrKeuQ131gRkx9Rn yuJWfsi0Ghu4s5FoKr48z0WhxkC5lP0t6SlrbkJtl52I92Ai7NqFdqYhyY+Nk6Yh /3nUvjN4d4w29m1ywHDXywtwoTRg8wTpNqLeKm4UEYLHSSROTMEiA+yd2q4CXnST ho2cUfv8Nw== -----END CERTIFICATE-----Generated at Mon Feb 9 15:13:09 2026 by rpki-client