This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer File: hwxYmk8iqcov-ZtMSPi99JKHFyU.cer (raw, json) Hash identifier: o1DlBIZmKp0UexSZcpD9XXKueE5zbMv3Y/Du1UHG6dI= Subject key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79EBD48B57792FC9872871B67C6B3139 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:17:37 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 1901 AS: 5423 -- 5424 AS: 8333 AS: 8447 AS: 8562 AS: 12382 AS: 12547 AS: 12656 AS: 12793 AS: 15824 AS: 16305 AS: 21285 AS: 25382 AS: 28834 AS: 41351 IP: 37.44.220.0/22 IP: 46.74.0.0/15 IP: 46.206.0.0/15 IP: 62.46.0.0/15 IP: 62.116.32.0/19 IP: 80.75.32.0/19 IP: 80.89.96.0/20 IP: 80.120.0.0/14 IP: 80.240.224.0/20 IP: 81.5.192.0/18 IP: 84.20.160.0/19 IP: 85.90.128.0/19 IP: 88.116.0.0/15 IP: 89.144.192.0/18 IP: 90.152.128.0/17 IP: 91.112.0.0/14 IP: 92.248.0.0/17 IP: 93.82.0.0/15 IP: 93.111.0.0/16 IP: 176.66.0.0/16 IP: 178.188.0.0/14 IP: 185.157.248.0/22 IP: 188.20.0.0/14 IP: 188.45.0.0/16 IP: 192.164.0.0 -- 192.164.37.255 IP: 192.164.39.0 -- 192.164.71.255 IP: 192.164.80.0 -- 192.164.159.255 IP: 192.164.208.0 -- 192.164.255.255 IP: 193.80.0.0/15 IP: 193.83.0.0/16 IP: 193.104.65.0/24 IP: 193.154.0.0/16 IP: 193.187.212.0 -- 193.187.243.255 IP: 194.48.124.0 -- 194.48.139.255 IP: 194.96.0.0/16 IP: 194.118.0.0/16 IP: 194.152.96.0/19 IP: 194.152.160.0/19 IP: 194.166.0.0/16 IP: 195.3.64.0/18 IP: 195.64.0.0/19 IP: 195.80.234.0/24 IP: 195.82.224.0/19 IP: 195.170.64.0/19 IP: 195.200.197.0/24 IP: 195.230.32.0/19 IP: 195.250.32.0/24 IP: 212.16.32.0/19 IP: 212.60.160.0/19 IP: 212.88.0.0/19 IP: 212.88.160.0/19 IP: 212.124.128.0/19 IP: 212.183.0.0/17 IP: 212.197.128.0/18 IP: 213.33.0.0/17 IP: 213.147.160.0/19 IP: 213.157.128.0/19 IP: 213.225.0.0/18 IP: 213.240.64.0/18 IP: 217.76.160.0/20 IP: 217.149.160.0/20 IP: 2001:850::/29 IP: 2001:870::/29 IP: 2001:890::/29 IP: 2001:4bb8::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:d4:8b:57:79:2f:c9:87:28:71:b6:7c:6b:31:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a5:d5:ae:ea:55:1c:6c:36:45:af:42:dc:2c: f4:01:2f:c4:87:80:40:2e:c5:d1:36:c4:a9:bd:63: 0d:d8:22:17:ca:af:8f:1b:48:47:db:8f:c6:e4:b9: c8:6e:94:8f:d6:a6:51:df:a0:66:23:e7:25:a4:4b: f0:86:3c:da:ed:e2:61:66:ee:7c:c8:6b:9d:1a:22: 7e:40:a2:a7:41:aa:bb:c6:45:52:49:76:5d:1d:b0: 7c:a4:88:bf:0a:7e:b6:b9:70:3a:6a:dc:d9:af:df: a5:ce:1b:d5:61:97:0c:1f:e0:45:9f:fe:2a:08:7f: 69:f6:f3:90:c9:5b:49:6f:ef:41:9e:fc:38:82:81: 35:75:39:62:b0:bc:a0:07:4d:13:29:5a:1d:0b:d4: 81:18:10:64:b0:97:94:4b:c6:d2:e3:76:fe:71:03: d8:68:ac:f6:6c:4e:c3:04:42:4b:4a:63:34:b3:24: a3:7d:89:59:c0:34:eb:03:9a:9b:00:1d:48:6c:c9: 01:8a:83:1a:37:16:ba:4e:a0:65:91:88:82:44:48: c3:96:f9:71:e6:52:fd:22:dd:68:92:1c:46:8d:95: 6e:3e:0f:a8:28:13:ed:83:bf:c8:a9:c9:d0:ee:b3: db:0f:34:5a:0e:b5:4c:ff:3c:c6:2b:7c:c0:d7:31: 0b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.44.220.0/22 46.74.0.0/15 46.206.0.0/15 62.46.0.0/15 62.116.32.0/19 80.75.32.0/19 80.89.96.0/20 80.120.0.0/14 80.240.224.0/20 81.5.192.0/18 84.20.160.0/19 85.90.128.0/19 88.116.0.0/15 89.144.192.0/18 90.152.128.0/17 91.112.0.0/14 92.248.0.0/17 93.82.0.0/15 93.111.0.0/16 176.66.0.0/16 178.188.0.0/14 185.157.248.0/22 188.20.0.0/14 188.45.0.0/16 192.164.0.0-192.164.37.255 192.164.39.0-192.164.71.255 192.164.80.0-192.164.159.255 192.164.208.0-192.164.255.255 193.80.0.0/15 193.83.0.0/16 193.104.65.0/24 193.154.0.0/16 193.187.212.0-193.187.243.255 194.48.124.0-194.48.139.255 194.96.0.0/16 194.118.0.0/16 194.152.96.0/19 194.152.160.0/19 194.166.0.0/16 195.3.64.0/18 195.64.0.0/19 195.80.234.0/24 195.82.224.0/19 195.170.64.0/19 195.200.197.0/24 195.230.32.0/19 195.250.32.0/24 212.16.32.0/19 212.60.160.0/19 212.88.0.0/19 212.88.160.0/19 212.124.128.0/19 212.183.0.0/17 212.197.128.0/18 213.33.0.0/17 213.147.160.0/19 213.157.128.0/19 213.225.0.0/18 213.240.64.0/18 217.76.160.0/20 217.149.160.0/20 IPv6: 2001:850::/29 2001:870::/29 2001:890::/29 2001:4bb8::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 1901 5423-5424 8333 8447 8562 12382 12547 12656 12793 15824 16305 21285 25382 28834 41351 Signature Algorithm: sha256WithRSAEncryption 86:5b:40:38:1e:0f:3b:b8:a7:a0:cc:1e:75:45:7c:c0:68:da: ac:b9:38:bb:e9:84:77:73:46:af:e9:e7:78:a0:26:d1:9b:5e: 37:70:e0:10:6e:b6:93:b5:de:89:14:51:ea:df:23:a2:98:49: bd:81:fb:07:f4:93:55:27:01:3d:a3:d1:22:69:28:4c:2c:09: 84:ec:b1:9f:39:56:79:5f:3d:c8:68:20:f4:58:d5:31:90:72: d0:f0:d7:52:f2:33:ea:c0:a2:b1:bd:77:7d:5e:29:92:3e:48: 47:fe:d3:a5:35:ec:f3:f7:e1:61:ea:c0:16:0c:da:b6:90:55: e2:db:14:d3:ce:77:46:c2:cb:70:b3:1f:86:d6:c1:1b:5d:79: eb:47:f5:8c:15:3b:e6:f6:d8:4b:05:6c:63:17:b8:9f:d4:a8: 2b:7b:c4:04:0d:7b:d5:3a:36:6a:7a:0a:8c:6d:d0:4c:cf:c0: 33:eb:c9:9d:99:15:37:6e:2c:86:89:92:50:0d:1c:82:d5:50: d3:d8:70:97:5e:5e:a9:2c:1c:cc:bf:d6:7a:23:90:1d:59:30: 06:c3:f7:11:82:f0:6d:a5:df:56:48:eb:5c:28:45:dd:19:68: 3d:13:4b:91:44:41:f9:7f:3e:a7:dd:73:54:fa:ca:4c:ff:57: 7e:a6:8a:35 -----BEGIN CERTIFICATE----- MIIHhDCCBmygAwIBAgISAZt569SLV3kvyYcocbZ8azE5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NzBjNTg5YTRmMjJhOWNhMmZmOTliNGM0OGY4YmRmNDkyODcxNzI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aXVrupVHGw2Ra9C3Cz0AS/Eh4BA LsXRNsSpvWMN2CIXyq+PG0hH24/G5LnIbpSP1qZR36BmI+clpEvwhjza7eJhZu58 yGudGiJ+QKKnQaq7xkVSSXZdHbB8pIi/Cn62uXA6atzZr9+lzhvVYZcMH+BFn/4q CH9p9vOQyVtJb+9Bnvw4goE1dTlisLygB00TKVodC9SBGBBksJeUS8bS43b+cQPY aKz2bE7DBEJLSmM0sySjfYlZwDTrA5qbAB1IbMkBioMaNxa6TqBlkYiCREjDlvlx 5lL9It1okhxGjZVuPg+oKBPtg7/IqcnQ7rPbDzRaDrVM/zzGK3zA1zELDwIDAQAB o4IEkDCCBIwwHQYDVR0OBBYEFIcMWJpPIqnKL/mbTEj4vfSShxclMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkL2Y1MDVi NS0wZTQ2LTRiM2YtYmYxYi04NDlkM2E2YjljMmQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvZjUwNWI1 LTBlNDYtNGIzZi1iZjFiLTg0OWQzYTZiOWMyZC8xL2h3eFltazhpcWNvdi1adE1T UGk5OUpLSEZ5VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBzwYIKwYB BQUHAQcBAf8EggG+MIIBujCCAZIEAgABMIIBigMEAiUs3AMDAS5KAwMBLs4DAwE+ LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQGUQXAAwQFVBSgAwQFVVqA AwMBWHQDBAZZkMADBAdamIADAwJbcAMEB1z4AAMDAV1SAwMAXW8DAwCwQgMDArK8 AwQCuZ34AwMCvBQDAwC8LTALAwMCwKQDBAHApCQwDAMEAMCkJwMEA8CkQDAMAwQE wKRQAwQFwKSAMAsDBATApNADAwDApAMDAcFQAwMAwVMDBADBaEEDAwDBmjAMAwQC wbvUAwQCwbvwMAwDBALCMHwDBALCMIgDAwDCYAMDAMJ2AwQFwphgAwQFwpigAwMA wqYDBAbDA0ADBAXDQAADBADDUOoDBAXDUuADBAXDqkADBADDyMUDBAXD5iADBADD +iADBAXUECADBAXUPKADBAXUWAADBAXUWKADBAXUfIADBAfUtwADBAbUxYADBAfV IQADBAXVk6ADBAXVnYADBAbV4QADBAbV8EADBATZTKADBATZlaAwIgQCAAIwHAMF AyABCFADBQMgAQhwAwUDIAEIkAMFAyABS7gwWAYIKwYBBQUHAQgBAf8ESTBHoEUw QwICB20wCAICFS8CAhUwAgIgjQICIP8CAiFyAgIwXgICMQMCAjFwAgIx+QICPdAC Aj+xAgJTJQICYyYCAnCiAgMAoYcwDQYJKoZIhvcNAQELBQADggEBAIZbQDgeDzu4 p6DMHnVFfMBo2qy5OLvphHdzRq/p53igJtGbXjdw4BButpO13okUUerfI6KYSb2B +wf0k1UnAT2j0SJpKEwsCYTssZ85VnlfPchoIPRY1TGQctDw11LyM+rAorG9d31e KZI+SEf+06U17PP34WHqwBYM2raQVeLbFNPOd0bCy3CzH4bWwRtdeetH9YwVO+b2 2EsFbGMXuJ/UqCt7xAQNe9U6Nmp6Coxt0EzPwDPryZ2ZFTduLIaJklANHILVUNPY cJdeXqksHMy/1nojkB1ZMAbD9xGC8G2l31ZI61woRd0ZaD0TS5FEQfl/Pqfdc1T6 ykz/V36mijU= -----END CERTIFICATE-----Generated at Tue Jan 27 02:52:36 2026 by rpki-client