This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/icPJKk4dT-iFcr-mjJhcMeM2jII.cer File: icPJKk4dT-iFcr-mjJhcMeM2jII.cer (raw, json) Hash identifier: iSHDRrcSo5X2rw2d5cJVoR3/A6801pGA23vBGRiem3s= Subject key identifier: 89:C3:C9:2A:4E:1D:4F:E8:85:72:BF:A6:8C:98:5C:31:E3:36:8C:82 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F15B03F8A00C5247A9D4FA9DB06CCF4 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/icPJKk4dT-iFcr-mjJhcMeM2jII.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:26 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 199302 IP: 2001:67c:150c::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:b0:3f:8a:00:c5:24:7a:9d:4f:a9:db:06:cc:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89c3c92a4e1d4fe88572bfa68c985c31e3368c82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:6d:9a:b5:b3:8d:e6:c6:d4:f8:a9:d0:80:8f: 17:50:1b:19:a2:f0:84:24:d3:6e:10:cb:58:45:f1: 54:64:da:29:79:78:8c:0b:30:48:66:30:b3:32:45: ec:a9:e5:84:cf:e4:bc:82:c0:dd:b5:e9:2e:ad:15: 3c:f1:2d:fc:13:dd:3e:c8:75:8d:2d:54:7a:5c:9a: ac:c4:39:82:8c:12:d9:21:2e:c9:e1:f8:67:50:68: 6a:73:63:e0:9e:eb:b6:3d:22:19:06:e5:f5:ba:b2: 53:b4:52:42:c3:51:69:5d:ab:31:be:c3:60:b1:2a: 4d:d3:0e:61:4a:95:a5:e7:a3:fe:72:1c:3c:08:a1: a1:f3:78:95:4d:54:f6:48:00:4d:f3:c3:46:e8:3f: 75:b2:29:82:74:e6:b6:81:35:cd:f5:de:52:43:4d: 64:42:00:46:0a:95:68:58:17:05:73:30:77:66:16: a8:b9:10:ba:f0:f9:fb:0e:bc:52:f4:f9:2a:d3:33: 4c:be:30:9f:3e:8d:58:49:ae:75:e8:7f:16:7d:e9: ae:d4:04:6c:76:30:95:f0:d6:30:f6:bb:43:7a:04: b6:09:61:95:bc:3e:99:be:22:35:ab:4b:e1:23:07: d7:0e:78:5c:3e:91:c6:e2:a3:0b:ee:a3:35:51:cf: 38:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C3:C9:2A:4E:1D:4F:E8:85:72:BF:A6:8C:98:5C:31:E3:36:8C:82 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/icPJKk4dT-iFcr-mjJhcMeM2jII.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:150c::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 199302 Signature Algorithm: sha256WithRSAEncryption 42:0b:ad:4e:ea:ad:b9:cd:44:12:c2:a8:f8:33:26:79:af:78: e2:00:7d:0e:26:4f:42:18:2d:70:31:4e:52:94:df:e4:3c:c0: 3d:7d:0a:1c:e2:f4:33:6e:7f:25:c5:5c:a6:a8:e7:7d:c9:f2: 26:bb:e1:10:b9:d0:1b:00:8a:57:ad:1f:67:e9:32:e6:7a:72: 00:cc:f1:5b:4d:2c:d0:bc:3b:3e:78:06:07:b2:f0:aa:09:94: 8f:d3:cd:a7:fd:9b:e5:e7:71:d9:93:fc:23:ef:95:c1:58:35: 76:5b:cb:e4:cd:f6:d1:d2:94:db:05:65:13:46:9c:d9:a0:e7: 2e:4f:4b:4c:b2:b7:d5:4e:0d:38:ee:e0:88:32:7f:e3:ed:6d: ab:95:de:8d:c2:68:99:b7:20:d3:31:b8:13:ea:42:b1:38:e2: ec:d7:66:7e:26:00:de:b0:1a:44:fd:c9:79:7c:07:73:27:64: a3:99:f7:3c:aa:66:ad:f2:f5:c6:8b:00:9e:92:75:13:e4:63: bd:b7:2e:42:d6:c4:27:73:4e:45:88:b3:5c:14:01:e4:78:26: cc:84:72:a9:02:da:90:98:1f:b9:3a:ef:93:82:a9:37:19:1c: e0:f2:b0:ad:83:ac:da:41:1b:d1:67:7d:d7:75:ef:cf:31:8a: e0:77:bd:67 -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgISAZt/FbA/igDFJHqdT6nbBsz0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWMzYzkyYTRlMWQ0ZmU4ODU3MmJmYTY4Yzk4NWMzMWUzMzY4YzgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm2atbON5sbU+KnQgI8XUBsZovCE JNNuEMtYRfFUZNopeXiMCzBIZjCzMkXsqeWEz+S8gsDdtekurRU88S38E90+yHWN LVR6XJqsxDmCjBLZIS7J4fhnUGhqc2Pgnuu2PSIZBuX1urJTtFJCw1FpXasxvsNg sSpN0w5hSpWl56P+chw8CKGh83iVTVT2SABN88NG6D91simCdOa2gTXN9d5SQ01k QgBGCpVoWBcFczB3ZhaouRC68Pn7DrxS9Pkq0zNMvjCfPo1YSa516H8Wfemu1ARs djCV8NYw9rtDegS2CWGVvD6ZviI1q0vhIwfXDnhcPpHG4qML7qM1Uc84FQIDAQAB o4ICozCCAp8wHQYDVR0OBBYEFInDySpOHU/ohXK/poyYXDHjNoyCMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlL2MzMzkw NS1lY2M1LTQ0YjctODE0Ni1lOTFmZjVmZTZjMjYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvYzMzOTA1 LWVjYzUtNDRiNy04MTQ2LWU5MWZmNWZlNmMyNi8xL2ljUEpLazRkVC1pRmNyLW1q SmhjTWVNMmpJSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBUMMBoGCCsGAQUFBwEIAQH/BAswCaAH MAUCAwMKhjANBgkqhkiG9w0BAQsFAAOCAQEAQgutTuqtuc1EEsKo+DMmea944gB9 DiZPQhgtcDFOUpTf5DzAPX0KHOL0M25/JcVcpqjnfcnyJrvhELnQGwCKV60fZ+ky 5npyAMzxW00s0Lw7PngGB7LwqgmUj9PNp/2b5edx2ZP8I++VwVg1dlvL5M320dKU 2wVlE0ac2aDnLk9LTLK31U4NOO7giDJ/4+1tq5XejcJombcg0zG4E+pCsTji7Ndm fiYA3rAaRP3JeXwHcydko5n3PKpmrfL1xosAnpJ1E+RjvbcuQtbEJ3NORYizXBQB 5HgmzIRyqQLakJgfuTrvk4KpNxkc4PKwrYOs2kEb0Wd913XvzzGK4He9Zw== -----END CERTIFICATE-----Generated at Mon Feb 9 18:24:55 2026 by rpki-client