This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/i9S8vzXbf-LvZjUipaOjl5pPH_g.cer File: i9S8vzXbf-LvZjUipaOjl5pPH_g.cer (raw, json) Hash identifier: Hj8hA1KkSk+t4nvR9k+uxJVvKkDPv9QMHaYQXp0CzoI= Subject key identifier: 8B:D4:BC:BF:35:DB:7F:E2:EF:66:35:22:A5:A3:A3:97:9A:4F:1F:F8 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA503AC251E0C5D356B8C05D2FC139F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/i9S8vzXbf-LvZjUipaOjl5pPH_g.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:19:30 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 208591 IP: 45.84.208.0/22 IP: 2a0e:a180::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:03:ac:25:1e:0c:5d:35:6b:8c:05:d2:fc:13:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:19:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8bd4bcbf35db7fe2ef663522a5a3a3979a4f1ff8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:fd:fd:ff:b5:80:45:6d:5f:e4:ef:11:20:08: d5:fe:26:bc:3b:40:23:2a:2f:96:ca:01:5b:17:c6: 16:35:cf:24:fc:07:2e:bd:82:a0:3e:d0:2b:00:69: aa:70:95:54:bd:4c:7f:d3:2f:64:b3:9f:a7:06:67: 9b:4c:0d:be:67:08:b4:bd:6f:cb:6f:75:96:11:d8: cf:8f:36:24:e8:3d:f7:5f:8d:50:9d:98:1a:ef:84: aa:25:29:76:6b:95:1d:b1:f3:2f:e7:e8:b1:5e:36: 2b:eb:2b:64:dd:c8:31:f5:1f:ef:4d:f3:e2:28:f3: 52:59:ba:55:a8:14:30:eb:1e:90:05:0e:08:18:d6: 24:8c:ae:05:6d:ed:5d:1d:58:9d:03:42:33:20:71: 62:cc:57:23:1e:f0:b2:cb:db:97:a7:66:7b:a1:ec: d5:3a:42:b8:29:62:2d:d6:da:ed:83:60:6b:02:19: e4:48:dd:c7:e1:35:c0:ee:f2:60:75:55:2a:69:84: 20:5d:8e:fb:4a:4a:6b:6f:dd:01:bf:c6:84:fc:c7: fe:8d:48:98:6d:4d:8c:72:9a:8f:bc:d2:cb:49:16: c5:b7:0c:bf:2c:84:1f:16:1d:40:79:2b:92:f8:be: 06:f7:46:ab:62:b5:79:d1:70:0d:69:dc:b1:94:ff: aa:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:D4:BC:BF:35:DB:7F:E2:EF:66:35:22:A5:A3:A3:97:9A:4F:1F:F8 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/i9S8vzXbf-LvZjUipaOjl5pPH_g.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.84.208.0/22 IPv6: 2a0e:a180::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 208591 Signature Algorithm: sha256WithRSAEncryption 9f:7c:e0:29:4e:33:07:e0:6b:f3:47:50:a4:44:66:4f:27:6a: 43:ae:91:74:88:ab:6c:c9:87:ff:15:cb:70:2d:42:6d:c6:8f: 4d:b8:a8:b7:c4:6a:01:21:f9:84:d3:47:0f:80:a2:75:a5:89: 30:13:0c:a0:22:75:40:50:6c:c7:6a:ac:d1:f7:c2:75:0a:3e: 18:3e:9b:9c:11:5d:90:d9:08:a2:46:82:1e:9d:de:39:ed:7a: 6f:d6:66:7f:65:b9:b1:ef:08:7d:8e:ca:9e:14:c9:92:6b:61: 4a:e7:19:91:69:8b:ad:03:28:21:cf:40:39:45:ce:d0:fa:61: 2c:03:a0:1e:76:53:fe:61:74:9c:c6:3d:79:a1:f4:48:4e:2f: 17:9f:5d:50:34:ed:42:19:b7:62:39:33:49:4a:12:6a:fa:a9: 85:f4:bf:d4:0f:2a:9c:44:f0:35:bd:c5:34:79:56:8a:6c:31: 97:f3:4f:2d:e4:5d:22:33:a0:f2:76:4d:45:5f:2c:1a:b4:65: 35:91:b7:85:ac:dc:f1:68:7b:7d:d3:37:37:e2:bc:a9:de:c7: 75:55:44:cd:f9:65:a0:6a:e2:64:3e:ea:30:49:27:cd:48:a5: 71:6d:d6:65:a5:68:d8:1d:29:f2:06:54:45:35:9c:ba:b9:66: 4d:f8:f9:e4 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt7pQOsJR4MXTVrjAXS/BOfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YmQ0YmNiZjM1ZGI3ZmUyZWY2NjM1MjJhNWEzYTM5NzlhNGYxZmY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv39/7WARW1f5O8RIAjV/ia8O0Aj Ki+WygFbF8YWNc8k/AcuvYKgPtArAGmqcJVUvUx/0y9ks5+nBmebTA2+Zwi0vW/L b3WWEdjPjzYk6D33X41QnZga74SqJSl2a5UdsfMv5+ixXjYr6ytk3cgx9R/vTfPi KPNSWbpVqBQw6x6QBQ4IGNYkjK4Fbe1dHVidA0IzIHFizFcjHvCyy9uXp2Z7oezV OkK4KWIt1trtg2BrAhnkSN3H4TXA7vJgdVUqaYQgXY77Skprb90Bv8aE/Mf+jUiY bU2McpqPvNLLSRbFtwy/LIQfFh1AeSuS+L4G90arYrV50XANadyxlP+q4QIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFIvUvL8123/i72Y1IqWjo5eaTx/4MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkL2ExNDI3 Mi0yNzk0LTRmMzgtOTY0MC00NzhlZDdmOGQwNWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvYTE0Mjcy LTI3OTQtNGYzOC05NjQwLTQ3OGVkN2Y4ZDA1ZS8xL2k5Uzh2elhiZi1MdlpqVWlw YU9qbDVwUEhfZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCLVTQMA0EAgACMAcDBQMqDqGAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMuzzANBgkqhkiG9w0BAQsFAAOCAQEAn3zgKU4zB+Br 80dQpERmTydqQ66RdIirbMmH/xXLcC1CbcaPTbiot8RqASH5hNNHD4CidaWJMBMM oCJ1QFBsx2qs0ffCdQo+GD6bnBFdkNkIokaCHp3eOe16b9Zmf2W5se8IfY7KnhTJ kmthSucZkWmLrQMoIc9AOUXO0PphLAOgHnZT/mF0nMY9eaH0SE4vF59dUDTtQhm3 YjkzSUoSavqphfS/1A8qnETwNb3FNHlWimwxl/NPLeRdIjOg8nZNRV8sGrRlNZG3 hazc8Wh7fdM3N+K8qd7HdVVEzflloGriZD7qMEknzUilcW3WZaVo2B0p8gZURTWc urlmTfj55A== -----END CERTIFICATE-----Generated at Mon Feb 9 18:27:27 2026 by rpki-client