This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer File: ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer (raw, json) Hash identifier: 8nAviV6b0g/5CPSoFR2tmJYqeSngsEpJiTQ75D7YzEg= Subject key identifier: 8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B36CFB730F9169C305742A5827654AF Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:19:08 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41549 IP: 88.84.0.0/19 IP: 89.186.208.0/21 IP: 146.185.0.0/21 IP: 157.173.80.0/20 IP: 178.21.224.0/21 IP: 185.37.72.0/22 IP: 194.11.218.0/23 IP: 195.20.64.0/19 IP: 213.159.144.0/20 IP: 217.67.128.0/20 IP: 2a01:aec0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:cf:b7:30:f9:16:9c:30:57:42:a5:82:76:54:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a4000101ad393cadf7fc8fd63daad3c6dae124f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:99:07:e2:23:bb:09:9d:7b:fe:32:ad:fb:33: 7e:3a:00:bc:ec:27:5b:f4:3e:d5:4c:69:23:c8:5e: 32:91:10:26:e4:8c:3f:94:b6:4e:8f:55:bb:a7:48: bd:5a:19:12:50:b7:c0:07:f6:d6:5d:ff:a1:fe:66: 67:64:95:ba:9a:70:f6:c4:63:92:dd:69:f9:4f:4d: 91:b1:ed:49:ce:c1:5d:04:1d:8f:a2:da:39:cf:8d: c5:da:18:ca:28:b9:9c:67:1b:4b:a8:b7:9e:1f:7d: 7f:64:9e:59:a1:d3:00:c1:f3:c7:fc:33:e6:78:21: 9b:24:6c:df:ec:9a:c0:20:e0:e7:13:5d:9c:50:db: b3:ea:e9:9c:ad:f4:c6:3a:1d:41:99:37:b9:50:04: c6:43:87:3f:b5:52:74:39:6d:ff:01:0c:68:58:15: 69:dd:1a:03:72:2c:06:e9:e5:17:aa:c8:81:e4:b7: 6d:48:3f:86:3f:b0:6d:bc:98:fd:32:1f:1c:2f:31: 8f:57:b7:0f:7f:93:61:b1:a3:44:12:bd:98:77:b8: 67:17:45:27:94:9a:b7:d5:b6:6b:98:4c:37:fb:2e: 8c:8a:54:31:a0:ad:c4:46:d7:5f:d1:db:15:1b:a4: 06:ad:86:b4:b2:75:b1:91:9f:7c:f5:3f:19:b2:a3: 19:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.84.0.0/19 89.186.208.0/21 146.185.0.0/21 157.173.80.0/20 178.21.224.0/21 185.37.72.0/22 194.11.218.0/23 195.20.64.0/19 213.159.144.0/20 217.67.128.0/20 IPv6: 2a01:aec0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41549 Signature Algorithm: sha256WithRSAEncryption 2e:3d:92:47:1b:dc:9e:f1:b7:5d:69:5d:5f:c9:74:d1:56:b2: 62:da:e6:10:19:b7:3b:a0:7f:2c:58:89:e3:ef:43:3e:b0:fa: ec:f0:37:81:fa:76:33:96:1a:80:2c:07:09:29:fd:ac:6d:01: ee:b8:76:e6:48:9f:38:3b:de:6c:04:4b:f1:45:44:71:35:44: 6a:0c:69:00:2c:2c:ab:f6:91:a5:0b:9e:12:96:ff:1c:d3:54: 8a:e3:18:50:ae:42:39:ba:0d:ab:00:5d:49:62:62:b3:0e:d3: bf:63:e7:7e:5b:91:09:1a:4f:03:ef:a3:fc:c4:a4:09:8c:41: 83:6d:db:6c:31:18:a2:1e:0c:cd:69:a8:22:51:e3:1c:3a:a9: a5:f0:c4:c2:e7:53:a4:e6:10:2f:d0:55:43:67:9a:f8:cf:67: fc:ec:13:bc:8f:bf:f5:56:6b:51:8d:aa:e8:6e:67:78:7b:5c: b4:ee:f3:86:ea:e1:91:43:a7:a4:d7:ea:3c:7d:7c:88:11:d0: 34:4d:02:4d:da:80:e6:3b:28:22:ed:26:64:cb:1c:46:73:32: bd:52:47:aa:5b:d3:53:ce:63:0d:84:6a:62:da:e1:28:09:fa: 69:ae:4d:ec:d7:26:22:b0:8f:36:f9:6a:81:90:63:8c:d3:17: 30:31:92:45 -----BEGIN CERTIFICATE----- MIIF2TCCBMGgAwIBAgISAZt7Ns+3MPkWnDBXQqWCdlSvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTQwMDAxMDFhZDM5M2NhZGY3ZmM4ZmQ2M2RhYWQzYzZkYWUxMjRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZkH4iO7CZ17/jKt+zN+OgC87Cdb 9D7VTGkjyF4ykRAm5Iw/lLZOj1W7p0i9WhkSULfAB/bWXf+h/mZnZJW6mnD2xGOS 3Wn5T02Rse1JzsFdBB2Poto5z43F2hjKKLmcZxtLqLeeH31/ZJ5ZodMAwfPH/DPm eCGbJGzf7JrAIODnE12cUNuz6umcrfTGOh1BmTe5UATGQ4c/tVJ0OW3/AQxoWBVp 3RoDciwG6eUXqsiB5LdtSD+GP7BtvJj9Mh8cLzGPV7cPf5NhsaNEEr2Yd7hnF0Un lJq31bZrmEw3+y6MilQxoK3ERtdf0dsVG6QGrYa0snWxkZ989T8ZsqMZ5QIDAQAB o4IC5TCCAuEwHQYDVR0OBBYEFIpAABAa05PK33/I/WParTxtrhJPMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZjL2IyN2Jk MC0zZDM5LTRkNzgtYWEyYy0xZjNjY2ZhNjFhYWMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMvYjI3YmQw LTNkMzktNGQ3OC1hYTJjLTFmM2NjZmE2MWFhYy8xL2lrQUFFQnJUazhyZmY4ajlZ OXF0UEcydUVrOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGQGCCsGAQUF BwEHAQH/BFUwUzBCBAIAATA8AwQFWFQAAwQDWbrQAwQDkrkAAwQEna1QAwQDshXg AwQCuSVIAwQBwgvaAwQFwxRAAwQE1Z+QAwQE2UOAMA0EAgACMAcDBQAqAa7AMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCiTTANBgkqhkiG9w0BAQsFAAOCAQEALj2S RxvcnvG3XWldX8l00VayYtrmEBm3O6B/LFiJ4+9DPrD67PA3gfp2M5YagCwHCSn9 rG0B7rh25kifODvebARL8UVEcTVEagxpACwsq/aRpQueEpb/HNNUiuMYUK5COboN qwBdSWJisw7Tv2PnfluRCRpPA++j/MSkCYxBg23bbDEYoh4MzWmoIlHjHDqppfDE wudTpOYQL9BVQ2ea+M9n/OwTvI+/9VZrUY2q6G5neHtctO7zhurhkUOnpNfqPH18 iBHQNE0CTdqA5jsoIu0mZMscRnMyvVJHqlvTU85jDYRqYtrhKAn6aa5N7NcmIrCP NvlqgZBjjNMXMDGSRQ== -----END CERTIFICATE-----Generated at Mon Feb 9 15:12:02 2026 by rpki-client