This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kFHan04DQdDI3l6sVMY6EenvW18.cer File: kFHan04DQdDI3l6sVMY6EenvW18.cer (raw, json) Hash identifier: ZHJoEqbTyB5+k4skZlI9WBkoK37f2olpBsuSeq7NOjg= Subject key identifier: 90:51:DA:9F:4E:03:41:D0:C8:DE:5E:AC:54:C6:3A:11:E9:EF:5B:5F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B78347C0913C7B0D4B74FDF2D3C394169 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/kFHan04DQdDI3l6sVMY6EenvW18.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 06:17:44 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.41.71.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:7c:09:13:c7:b0:d4:b7:4f:df:2d:3c:39:41:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 06:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9051da9f4e0341d0c8de5eac54c63a11e9ef5b5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:4f:17:5b:47:e7:bf:06:a1:a6:d8:da:ae:56: eb:1e:ed:3d:b2:9b:49:28:cd:20:70:19:9c:da:4e: 8b:c5:1e:50:9f:ba:8b:41:52:ed:09:6f:17:d0:8a: 92:0d:21:71:c1:61:bc:2e:d9:16:40:89:60:3c:3d: 43:94:25:b3:48:d6:a9:a2:21:f0:ae:57:fe:5c:63: a3:15:52:7d:b2:ac:3f:90:24:8d:e7:1e:8a:64:25: b6:e6:5a:70:b6:94:69:f0:8f:30:5f:a6:b3:a7:6e: 9c:30:f2:92:1b:15:4c:91:a0:3f:aa:fb:9e:6f:c4: 25:62:a9:76:4a:c7:c1:ec:51:a9:44:b9:70:ac:bd: 29:1a:55:02:99:45:5e:ba:26:e4:2a:7e:40:29:7d: 4c:96:1e:ee:d8:e6:e2:3d:e6:eb:6d:01:e6:f3:37: 7f:16:9f:f7:08:c5:39:1a:88:ea:cf:2a:8b:cf:cc: 6e:a8:89:56:20:45:7a:b5:ed:62:08:54:c4:cb:11: 2f:67:82:fc:be:55:ce:b8:a5:ca:58:b5:c8:0d:cf: 64:e1:42:c1:25:6e:9e:76:7c:0e:93:e9:6c:22:57: c4:08:8c:94:70:0d:90:b4:e5:fa:8c:e1:5f:91:c6: 4f:ef:2a:f1:e5:ec:25:7a:9a:37:05:ab:9b:46:a0: 7a:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:51:DA:9F:4E:03:41:D0:C8:DE:5E:AC:54:C6:3A:11:E9:EF:5B:5F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bc1c4-2b7b-40ee-9181-9b34428ed424/1/kFHan04DQdDI3l6sVMY6EenvW18.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.41.71.0/24 Signature Algorithm: sha256WithRSAEncryption 63:c8:a0:08:13:bf:7c:20:c2:53:af:b7:3c:4e:b2:bd:35:23: 15:3e:bd:9e:04:d4:ba:05:9b:8c:bc:05:b3:64:b3:d7:ad:6b: 4d:b1:d0:2f:98:41:d5:e8:24:6b:9e:2e:e1:54:52:b4:8a:5f: a4:b4:f7:0c:60:be:d8:cd:73:82:5c:6a:d7:f2:c7:f7:b8:d4: b7:75:ba:30:c5:7d:ff:72:89:eb:77:c6:fb:cb:26:7f:41:c8: 7f:dc:7b:9a:2f:e7:9e:b8:c9:f5:90:69:6a:2c:98:3c:da:a5: 86:4a:1f:d6:bd:c0:97:61:8f:0b:f6:d3:6f:70:df:32:e5:51: fa:22:f5:bc:7b:a3:f9:6b:76:c2:70:d3:b6:d6:3a:40:69:bd: df:4c:0d:fb:71:49:d3:fa:74:b9:01:e1:b6:f9:a9:b5:2a:05: 26:a1:c1:22:c6:8f:6c:8f:6f:d4:bf:35:0b:78:90:37:2d:21: bf:18:29:bb:f2:85:a1:71:af:76:6a:36:d9:35:64:8c:86:95: d8:47:35:ed:d6:af:1b:1b:53:6d:28:d9:e5:c2:1f:8b:dc:ba: 24:7f:bf:ea:37:ec:c8:ab:52:86:17:87:15:f8:00:62:d8:b5: b7:33:a9:79:17:47:88:ca:91:2a:47:b2:77:9b:b9:77:f0:d0: 09:b7:0f:e1 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt4NHwJE8ew1LdP3y08OUFpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDYxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDUxZGE5ZjRlMDM0MWQwYzhkZTVlYWM1NGM2M2ExMWU5ZWY1YjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu08XW0fnvwahptjarlbrHu09sptJ KM0gcBmc2k6LxR5Qn7qLQVLtCW8X0IqSDSFxwWG8LtkWQIlgPD1DlCWzSNapoiHw rlf+XGOjFVJ9sqw/kCSN5x6KZCW25lpwtpRp8I8wX6azp26cMPKSGxVMkaA/qvue b8QlYql2SsfB7FGpRLlwrL0pGlUCmUVeuibkKn5AKX1Mlh7u2ObiPebrbQHm8zd/ Fp/3CMU5GojqzyqLz8xuqIlWIEV6te1iCFTEyxEvZ4L8vlXOuKXKWLXIDc9k4ULB JW6ednwOk+lsIlfECIyUcA2QtOX6jOFfkcZP7yrx5ewlepo3BaubRqB6fwIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFJBR2p9OA0HQyN5erFTGOhHp71tfMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI2LzNiYzFj NC0yYjdiLTQwZWUtOTE4MS05YjM0NDI4ZWQ0MjQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYvM2JjMWM0 LTJiN2ItNDBlZS05MTgxLTliMzQ0MjhlZDQyNC8xL2tGSGFuMDREUWRESTNsNnNW TVk2RWVudlcxOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAwSlHMA0GCSqGSIb3DQEBCwUAA4IBAQBjyKAI E798IMJTr7c8TrK9NSMVPr2eBNS6BZuMvAWzZLPXrWtNsdAvmEHV6CRrni7hVFK0 il+ktPcMYL7YzXOCXGrX8sf3uNS3dbowxX3/conrd8b7yyZ/Qch/3HuaL+eeuMn1 kGlqLJg82qWGSh/WvcCXYY8L9tNvcN8y5VH6IvW8e6P5a3bCcNO21jpAab3fTA37 cUnT+nS5AeG2+am1KgUmocEixo9sj2/UvzULeJA3LSG/GCm78oWhca92ajbZNWSM hpXYRzXt1q8bG1NtKNnlwh+L3Lokf7/qN+zIq1KGF4cV+ABi2LW3M6l5F0eIypEq R7J3m7l38NAJtw/h -----END CERTIFICATE-----Generated at Mon Feb 9 16:48:55 2026 by rpki-client