This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/k89OeSfhBJZOTJb0QWSc40F0zjo.cer File: k89OeSfhBJZOTJb0QWSc40F0zjo.cer (raw, json) Hash identifier: QJgzR5J3eCc301FpfrfgLWrI0fgPB8FeuNe3Yg8ByV0= Subject key identifier: 93:CF:4E:79:27:E1:04:96:4E:4C:96:F4:41:64:9C:E3:41:74:CE:3A Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA723BBC4572B4E66818A4687EADF61 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/k89OeSfhBJZOTJb0QWSc40F0zjo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:41 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 56349 IP: 46.227.176.0/21 IP: 2a02:6380::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:23:bb:c4:57:2b:4e:66:81:8a:46:87:ea:df:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=93cf4e7927e104964e4c96f441649ce34174ce3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:da:53:f1:bc:5a:5b:57:c8:69:c9:8d:c3:d7: c5:36:c5:8b:16:be:e7:64:ad:17:dc:09:6c:2d:6f: e0:72:f5:c6:fe:ec:91:bf:8b:ed:61:25:a5:b1:fd: 0b:0a:52:7c:7b:6f:10:ff:2b:38:be:8b:45:01:e6: 06:d7:f8:ec:f6:bb:31:f7:71:81:fe:5a:f9:13:ee: d9:25:2c:d4:17:fe:e2:bc:6c:02:75:01:13:5d:90: b5:d7:d6:d7:2e:c7:61:1f:dd:19:be:b4:bf:d3:f8: f2:a4:aa:37:3c:4e:35:99:eb:3d:43:41:35:46:ee: 95:0e:5e:b5:26:63:e4:e8:10:bf:07:73:27:c8:f0: 15:26:92:9c:b4:f5:26:86:3b:f7:3d:26:ac:8b:33: 0f:cf:69:b1:10:d3:b1:74:b5:86:4c:f0:da:55:e7: a7:0f:ff:78:2e:b4:5e:e9:60:dd:ce:59:45:61:55: e1:5a:d1:b4:6b:61:f4:56:73:58:73:89:59:ab:1c: bf:40:0b:1e:6a:a6:e8:8d:4a:27:63:a5:a8:94:db: 98:f2:79:ae:fe:32:65:68:64:0f:24:1e:bf:f6:b0: 91:43:36:f6:b1:e0:8c:34:43:6a:41:94:3e:97:a1: 42:f3:00:c2:1e:78:15:5a:9b:77:3f:d5:47:38:e1: a2:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:CF:4E:79:27:E1:04:96:4E:4C:96:F4:41:64:9C:E3:41:74:CE:3A X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/0b0007-d30a-4994-ab00-bd5b4e54712b/1/k89OeSfhBJZOTJb0QWSc40F0zjo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.227.176.0/21 IPv6: 2a02:6380::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 56349 Signature Algorithm: sha256WithRSAEncryption 86:ce:28:6e:e2:ec:3b:3e:f2:92:69:63:c4:a8:18:68:18:ae: 33:0a:fd:85:ce:eb:50:8b:fa:f6:f7:b1:ca:98:85:b7:3f:e2: cc:de:05:90:83:a9:7f:ab:43:44:17:01:de:34:77:48:de:ba: a0:6c:3f:b9:c8:20:98:3b:11:45:c1:70:a2:c6:b0:de:02:7f: 55:c4:6a:bb:91:4e:93:34:c5:25:53:15:a9:b5:e2:de:3f:b4: 0c:96:c0:a6:d1:0d:0d:bb:f3:95:ba:92:96:2c:8a:5c:f4:03: 71:ee:a4:14:0d:1f:f0:bf:e1:e6:2d:92:3d:a2:e1:d7:7e:c1: ca:6d:6a:f2:d8:ff:45:45:d5:c0:d4:ca:ec:ac:da:4e:56:f0: aa:72:c9:94:55:a9:1b:20:ca:f2:61:b8:3a:2b:65:64:24:e7: 83:ad:f5:8d:3a:53:c5:25:70:a0:00:ca:32:51:16:e2:f8:38: c9:3d:a1:18:1a:0c:53:0e:39:dc:99:37:43:c2:77:9a:08:82: 06:9c:80:4d:0b:05:72:2d:45:16:38:ee:c1:a1:20:73:2a:53: d9:21:1c:00:ae:c7:c2:81:a9:dc:b8:5d:76:8f:03:ed:d1:85: 79:d9:e3:ce:e6:84:db:27:17:b3:17:52:51:ef:3c:84:9e:e7: 45:1e:95:c5 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt+pyO7xFcrTmaBikaH6t9hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5M2NmNGU3OTI3ZTEwNDk2NGU0Yzk2ZjQ0MTY0OWNlMzQxNzRjZTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9pT8bxaW1fIacmNw9fFNsWLFr7n ZK0X3AlsLW/gcvXG/uyRv4vtYSWlsf0LClJ8e28Q/ys4votFAeYG1/js9rsx93GB /lr5E+7ZJSzUF/7ivGwCdQETXZC119bXLsdhH90ZvrS/0/jypKo3PE41mes9Q0E1 Ru6VDl61JmPk6BC/B3MnyPAVJpKctPUmhjv3PSasizMPz2mxENOxdLWGTPDaVeen D/94LrRe6WDdzllFYVXhWtG0a2H0VnNYc4lZqxy/QAseaqbojUonY6WolNuY8nmu /jJlaGQPJB6/9rCRQzb2seCMNENqQZQ+l6FC8wDCHngVWpt3P9VHOOGirwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFJPPTnkn4QSWTkyW9EFknONBdM46MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ2LzBiMDAw Ny1kMzBhLTQ5OTQtYWIwMC1iZDViNGU1NDcxMmIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvMGIwMDA3 LWQzMGEtNDk5NC1hYjAwLWJkNWI0ZTU0NzEyYi8xL2s4OU9lU2ZoQkpaT1RKYjBR V1NjNDBGMHpqby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQDLuOwMA0EAgACMAcDBQAqAmOAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwDcHTANBgkqhkiG9w0BAQsFAAOCAQEAhs4obuLsOz7y kmljxKgYaBiuMwr9hc7rUIv69vexypiFtz/izN4FkIOpf6tDRBcB3jR3SN66oGw/ ucggmDsRRcFwosaw3gJ/VcRqu5FOkzTFJVMVqbXi3j+0DJbAptENDbvzlbqSliyK XPQDce6kFA0f8L/h5i2SPaLh137Bym1q8tj/RUXVwNTK7KzaTlbwqnLJlFWpGyDK 8mG4OitlZCTng631jTpTxSVwoADKMlEW4vg4yT2hGBoMUw453Jk3Q8J3mgiCBpyA TQsFci1FFjjuwaEgcypT2SEcAK7HwoGp3Lhddo8D7dGFednjzuaE2ycXsxdSUe88 hJ7nRR6VxQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:27:58 2026 by rpki-client