This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer File: hw4qIH9pdyFKlXqOFI0fi1pc0II.cer (raw, json) Hash identifier: 0LHIxQLe7vyrbdCxMv+1fj0eWrBIvtCD0IiDe7lCk4g= Subject key identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F15FB653CD8F06A16C1E05289593683 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:45 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 213909 IP: 188.211.169.0/24 IP: 193.163.93.0/24 IP: 2a11:1f40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:fb:65:3c:d8:f0:6a:16:c1:e0:52:89:59:36:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=870e2a207f6977214a957a8e148d1f8b5a5cd082 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1c:5c:58:78:30:30:e4:80:d4:c4:5f:83:27: 1a:d1:48:38:cc:da:b3:c9:87:15:4d:7a:df:2f:24: 46:67:10:06:c2:aa:a7:19:a0:cd:0d:e8:48:79:4e: 93:fc:53:cc:8a:28:35:87:0a:d0:42:3b:05:50:25: 18:a2:b1:ea:47:26:7f:69:5a:2a:7e:d4:56:60:09: 93:69:cf:8c:c7:c7:52:66:7a:4b:da:34:0b:1c:86: 4f:46:c6:2b:11:48:da:1e:3b:0d:c3:7a:d7:ac:26: 0f:db:bd:51:0d:e1:5e:61:1d:02:69:57:ef:ab:d9: f6:05:74:ba:3d:e2:da:bb:ea:ef:06:cf:a8:41:4a: ae:8a:6b:89:f3:e9:36:23:94:36:b7:34:12:55:34: cb:7e:36:83:d5:d0:36:7f:40:73:c3:39:a2:3e:ab: 8f:dd:d0:f5:5d:fc:7f:d1:fd:f9:87:cf:3f:23:0b: 88:eb:f6:20:8e:31:76:2e:b2:53:8b:36:26:c9:fe: 19:bf:a8:34:32:06:ed:15:58:bd:07:d2:74:5b:8f: bd:eb:4c:c9:d0:bf:61:be:6b:4e:ef:67:d1:f3:21: 3a:dc:97:57:df:c1:9b:37:8b:7e:26:d1:41:c6:b2: 7b:ad:11:90:ed:c0:85:41:e8:36:62:f8:2d:0c:77: 27:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.211.169.0/24 193.163.93.0/24 IPv6: 2a11:1f40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 213909 Signature Algorithm: sha256WithRSAEncryption 0a:3c:26:2b:44:fb:b0:bc:d3:6e:38:a3:ee:04:69:91:8f:17: 3e:d9:84:27:bb:11:5e:8d:7b:3a:49:a3:b2:15:80:7a:87:09: 4f:2d:1a:44:b1:69:56:13:db:4e:51:d9:8d:e3:14:76:bc:c7: e3:1a:3f:1e:6f:59:e1:3f:e2:6a:67:ad:f4:49:bc:66:63:aa: 68:0a:ca:f1:74:e7:81:82:ea:0e:33:42:7c:ff:66:bf:35:02: ab:a3:5d:bd:a2:15:a5:bd:63:3b:21:20:78:e2:c4:d1:a0:76: b7:bf:36:68:8b:64:63:69:2b:6d:8e:38:4d:b3:fd:c7:d2:43: b2:84:e0:d2:57:78:c2:11:21:c0:24:10:48:b6:59:0a:f1:1b: e0:36:22:01:f4:57:7d:f8:3d:18:dd:32:8e:9f:72:4f:e0:5f: c8:c1:24:cb:84:24:b7:82:83:86:c1:55:26:78:13:6d:0b:b3: 06:4b:64:d9:51:22:a2:1a:5a:9c:d0:2c:c2:02:54:2f:9e:7d: 30:b2:3b:08:46:7d:a0:41:9a:f0:c7:b0:39:80:33:fa:fd:93: 6f:b0:36:c9:80:b3:fc:36:af:5a:1e:cb:e9:19:ea:0a:1d:82: 25:55:16:77:d6:43:26:21:61:f9:37:73:f2:25:e4:1f:75:4f: f4:a5:1c:a0 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt/FftlPNjwahbB4FKJWTaDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzBlMmEyMDdmNjk3NzIxNGE5NTdhOGUxNDhkMWY4YjVhNWNkMDgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxxcWHgwMOSA1MRfgyca0Ug4zNqz yYcVTXrfLyRGZxAGwqqnGaDNDehIeU6T/FPMiig1hwrQQjsFUCUYorHqRyZ/aVoq ftRWYAmTac+Mx8dSZnpL2jQLHIZPRsYrEUjaHjsNw3rXrCYP271RDeFeYR0CaVfv q9n2BXS6PeLau+rvBs+oQUquimuJ8+k2I5Q2tzQSVTTLfjaD1dA2f0BzwzmiPquP 3dD1Xfx/0f35h88/IwuI6/YgjjF2LrJTizYmyf4Zv6g0MgbtFVi9B9J0W4+960zJ 0L9hvmtO72fR8yE63JdX38GbN4t+JtFBxrJ7rRGQ7cCFQeg2YvgtDHcnvwIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFIcOKiB/aXchSpV6jhSNH4taXNCCMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FmLzQyMTE1 OC1mMGM2LTQ2MTktYWZhNS04YTk0Njg3ZGJhNmYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvNDIxMTU4 LWYwYzYtNDYxOS1hZmE1LThhOTQ2ODdkYmE2Zi8xL2h3NHFJSDlwZHlGS2xYcU9G STBmaTFwYzBJSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQAvNOpAwQAwaNdMA0EAgACMAcDBQMqER9AMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwNDlTANBgkqhkiG9w0BAQsFAAOCAQEACjwm K0T7sLzTbjij7gRpkY8XPtmEJ7sRXo17OkmjshWAeocJTy0aRLFpVhPbTlHZjeMU drzH4xo/Hm9Z4T/iamet9Em8ZmOqaArK8XTngYLqDjNCfP9mvzUCq6NdvaIVpb1j OyEgeOLE0aB2t782aItkY2krbY44TbP9x9JDsoTg0ld4whEhwCQQSLZZCvEb4DYi AfRXffg9GN0yjp9yT+BfyMEky4Qkt4KDhsFVJngTbQuzBktk2VEiohpanNAswgJU L559MLI7CEZ9oEGa8MewOYAz+v2Tb7A2yYCz/DavWh7L6RnqCh2CJVUWd9ZDJiFh +Tdz8iXkH3VP9KUcoA== -----END CERTIFICATE-----Generated at Mon Feb 9 21:04:36 2026 by rpki-client