This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer File: ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer (raw, json) Hash identifier: Mkn9wf8FKXTUu8Ehp2bkf+2NTXJfpGYcklJ4U0Kg0hE= Subject key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79103B15EF1CA0A80DED9C31BF8347DA Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 10:17:45 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 50197 IP: 193.104.59.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:3b:15:ef:1c:a0:a8:0d:ed:9c:31:bf:83:47:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 10:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bc:ba:e4:e5:f9:e0:f6:c6:2e:bb:3b:ac:ea: f5:64:d9:06:0b:f6:5a:19:a4:5b:a1:53:51:6e:6a: 8d:30:e7:0f:3a:68:5e:a8:bc:ef:d2:c7:61:e0:04: 94:72:e0:91:fe:3c:7a:a7:69:82:8b:1f:c5:82:b8: 0c:44:5a:e9:5d:44:71:08:e5:dd:ec:c6:1a:f5:bd: 4c:97:27:64:34:e5:48:3f:61:58:47:0b:fa:73:a1: f6:71:71:6b:4e:3d:53:b9:48:eb:fb:ca:9c:9d:a9: ec:9f:cc:e0:1d:d2:e2:0a:73:53:42:a6:84:43:b9: 02:41:80:fd:f5:4b:33:91:b4:d8:35:8c:46:31:83: c1:49:f4:d6:12:78:32:db:68:e1:95:e7:76:73:fd: 9b:26:d4:81:f7:c4:6a:cf:1b:71:57:f3:64:3e:36: 72:c1:2d:7e:69:4c:02:6a:66:cb:29:34:22:66:a4: 50:e1:d6:18:58:44:64:e6:ca:4f:47:88:f4:11:42: 62:01:34:bc:49:30:78:24:7c:14:12:36:94:65:2a: 24:81:66:6e:35:c3:11:e4:29:a7:eb:12:ff:58:0d: 0f:48:2f:24:ba:2c:0d:68:60:8b:1d:96:4a:51:9b: 57:61:ef:97:42:18:e6:ac:b4:86:cd:52:a2:b1:cf: ac:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.104.59.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 50197 Signature Algorithm: sha256WithRSAEncryption 20:3d:ed:82:69:a8:4e:b8:c0:bc:5b:96:ff:fb:99:4b:16:ba: df:e1:8b:2a:b1:df:49:5e:71:72:7a:1d:08:e7:d7:ff:8b:7d: 47:89:06:37:22:1b:ce:dd:59:bc:09:ef:c0:16:40:53:d2:93: 0d:4a:c7:08:3c:76:47:39:d0:59:e0:44:c1:8b:61:6e:f2:d3: 38:46:bc:09:e7:b2:35:40:ff:75:9f:31:49:60:44:85:8e:b9: 9c:eb:a4:10:bb:4e:e3:97:df:3d:55:71:1d:c9:b0:14:21:c2: 29:59:eb:2e:db:dc:ef:7d:04:8c:4e:93:a3:38:38:83:f5:1e: d4:5c:89:ba:a0:09:af:cd:10:55:09:64:5e:b0:2b:be:29:c1: 8a:d2:54:59:7f:e0:93:34:af:12:d5:6d:dc:84:83:f9:b6:9d: c1:76:cf:b5:e7:09:b0:f1:85:1d:40:0f:ff:60:db:df:73:ba: c7:39:e4:73:7e:cf:2d:d2:b1:1a:b2:92:32:72:c8:e6:9d:55: 51:28:9b:d7:01:fc:66:77:76:01:cf:f2:8a:c6:e1:ac:76:21: c6:b0:d4:54:0d:e1:a0:6f:d4:65:74:ce:0c:b1:1d:bc:d2:49: af:f5:35:58:15:74:c7:d6:7a:13:1b:f6:64:67:5b:b7:db:25: a4:31:96:a1 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt5EDsV7xygqA3tnDG/g0faMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTQxZTJmMmQxNDUyZTdjNGNjMDdkYmZhNzgzOWQ1OGRmNTdmMjE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7y65OX54PbGLrs7rOr1ZNkGC/Za GaRboVNRbmqNMOcPOmheqLzv0sdh4ASUcuCR/jx6p2mCix/FgrgMRFrpXURxCOXd 7MYa9b1MlydkNOVIP2FYRwv6c6H2cXFrTj1TuUjr+8qcnansn8zgHdLiCnNTQqaE Q7kCQYD99UszkbTYNYxGMYPBSfTWEngy22jhled2c/2bJtSB98RqzxtxV/NkPjZy wS1+aUwCambLKTQiZqRQ4dYYWERk5spPR4j0EUJiATS8STB4JHwUEjaUZSokgWZu NcMR5Cmn6xL/WA0PSC8kuiwNaGCLHZZKUZtXYe+XQhjmrLSGzVKisc+sOwIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFIpB4vLRRS58TMB9v6eDnVjfV/IYMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EwL2JmNjlj NC1kNjRhLTQzNDAtOWJmMS0zNjQ4NTRjYmMwZTgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAvYmY2OWM0 LWQ2NGEtNDM0MC05YmYxLTM2NDg1NGNiYzBlOC8xL2lrSGk4dEZGTG54TXdIMl9w NE9kV045WDhoZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAwWg7MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwDEFTANBgkqhkiG9w0BAQsFAAOCAQEAID3tgmmoTrjAvFuW//uZSxa63+GLKrHf SV5xcnodCOfX/4t9R4kGNyIbzt1ZvAnvwBZAU9KTDUrHCDx2RznQWeBEwYthbvLT OEa8CeeyNUD/dZ8xSWBEhY65nOukELtO45ffPVVxHcmwFCHCKVnrLtvc730EjE6T ozg4g/Ue1FyJuqAJr80QVQlkXrArvinBitJUWX/gkzSvEtVt3ISD+badwXbPtecJ sPGFHUAP/2Db33O6xznkc37PLdKxGrKSMnLI5p1VUSib1wH8Znd2Ac/yisbhrHYh xrDUVA3hoG/UZXTODLEdvNJJr/U1WBV0x9Z6Exv2ZGdbt9slpDGWoQ== -----END CERTIFICATE-----Generated at Mon Feb 9 20:55:28 2026 by rpki-client