This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kIeMOWJK7eOSnhfM2Vh4wpKy81E.cer File: kIeMOWJK7eOSnhfM2Vh4wpKy81E.cer (raw, json) Hash identifier: jiA+jLZdp3J8eBoDnnzDCFYl/KibyUK1uZTRIxDv8ug= Subject key identifier: 90:87:8C:39:62:4A:ED:E3:92:9E:17:CC:D9:58:78:C2:92:B2:F3:51 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F1588E2431B9F555AEB90B8C49B6D10 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0f/5d31cb-46c6-4b58-8279-d5aefccc9522/1/kIeMOWJK7eOSnhfM2Vh4wpKy81E.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0f/5d31cb-46c6-4b58-8279-d5aefccc9522/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:16 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 41135 IP: 81.201.80.0/20 IP: 185.47.148.0/22 IP: 2a03:b500::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:88:e2:43:1b:9f:55:5a:eb:90:b8:c4:9b:6d:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90878c39624aede3929e17ccd95878c292b2f351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:32:7a:97:c7:b6:c5:3b:01:25:be:e5:b9:c7: 63:23:65:c1:fd:aa:16:5c:83:ce:46:65:07:30:e0: bc:7b:91:cf:9f:38:d3:ec:66:3e:14:c7:9a:a7:06: b5:6b:10:72:3f:10:83:cb:68:c3:34:4d:6e:7c:52: 21:f1:cc:86:ed:ac:72:fc:10:ef:27:57:87:6d:7f: 26:ed:1a:c8:03:ea:8b:31:dd:52:24:06:ce:c3:bb: f1:97:a5:94:dc:d2:e9:b4:db:9c:68:cc:31:03:b7: 88:62:d4:ca:a6:e0:eb:70:c3:bd:3d:53:67:67:36: cf:19:a7:25:68:32:45:f4:a9:4f:a2:b0:05:74:a2: 2a:3d:91:8d:eb:66:c0:bf:24:81:06:d7:f4:4a:43: cf:9a:14:6a:87:d3:87:28:25:13:49:9b:0e:06:69: 9d:a0:a5:4b:91:40:c4:55:b4:4e:ee:7b:24:d4:2a: 70:64:9f:0f:23:89:22:60:0e:ba:b4:be:07:cf:e3: 01:33:2d:5b:1b:2e:fb:e7:dd:53:cb:f7:76:f4:c0: 57:f0:ba:7c:fd:2a:fc:60:9f:3b:74:4a:4a:09:24: 7f:ff:99:cd:b6:da:cb:cd:e7:57:6b:f1:cd:c1:97: 49:cd:93:e9:97:76:13:b9:98:49:71:26:20:d0:af: 80:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:87:8C:39:62:4A:ED:E3:92:9E:17:CC:D9:58:78:C2:92:B2:F3:51 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5d31cb-46c6-4b58-8279-d5aefccc9522/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5d31cb-46c6-4b58-8279-d5aefccc9522/1/kIeMOWJK7eOSnhfM2Vh4wpKy81E.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.201.80.0/20 185.47.148.0/22 IPv6: 2a03:b500::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41135 Signature Algorithm: sha256WithRSAEncryption 9d:65:d5:45:67:07:7b:13:a0:0b:a1:48:8e:b6:c7:8b:c4:14: 02:ef:5e:a5:6d:02:08:18:b1:4f:1d:d7:19:bd:c8:fb:90:d7: f1:2b:8a:ff:b0:e5:9a:a3:0b:04:1c:56:84:f8:ac:51:aa:6b: c6:55:21:76:8e:ff:7b:ca:e7:42:3b:78:91:17:93:c6:f6:fc: 75:f1:27:d3:7d:48:a7:6c:53:37:b8:71:b2:84:04:de:72:64: cf:43:eb:30:1d:63:c9:b4:e0:ec:7b:1f:73:f1:ac:9b:e0:ca: a8:93:03:40:52:26:b6:56:c9:a2:b9:5f:5f:d8:b7:d4:02:79: aa:8f:60:23:ef:fd:60:c9:34:91:62:1d:ae:d6:cc:bb:7b:e0: 42:df:c7:bd:62:7d:97:47:8b:e5:33:d5:d2:72:86:50:d9:72: b3:a4:6a:40:35:88:fc:89:cd:59:fc:b6:3a:1c:64:4f:b3:a9: 60:92:aa:a0:a2:9f:e0:bb:f2:98:85:06:2b:9a:96:ee:d4:3a: 5b:11:19:78:f3:3a:4f:07:30:7c:80:06:0a:ca:3a:84:72:8a: 4c:13:c9:0f:20:96:67:c1:47:ae:ea:61:35:c9:b9:c4:16:10: 3d:7c:12:ba:df:bd:b7:a2:1a:db:09:de:2d:58:f2:e8:37:32: 4f:b2:5c:7b -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt/FYjiQxufVVrrkLjEm20QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDg3OGMzOTYyNGFlZGUzOTI5ZTE3Y2NkOTU4NzhjMjkyYjJmMzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjJ6l8e2xTsBJb7lucdjI2XB/aoW XIPORmUHMOC8e5HPnzjT7GY+FMeapwa1axByPxCDy2jDNE1ufFIh8cyG7axy/BDv J1eHbX8m7RrIA+qLMd1SJAbOw7vxl6WU3NLptNucaMwxA7eIYtTKpuDrcMO9PVNn ZzbPGaclaDJF9KlPorAFdKIqPZGN62bAvySBBtf0SkPPmhRqh9OHKCUTSZsOBmmd oKVLkUDEVbRO7nsk1CpwZJ8PI4kiYA66tL4Hz+MBMy1bGy77591Ty/d29MBX8Lp8 /Sr8YJ87dEpKCSR//5nNttrLzedXa/HNwZdJzZPpl3YTuZhJcSYg0K+AnQIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFJCHjDliSu3jkp4XzNlYeMKSsvNRMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBmLzVkMzFj Yi00NmM2LTRiNTgtODI3OS1kNWFlZmNjYzk1MjIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvNWQzMWNi LTQ2YzYtNGI1OC04Mjc5LWQ1YWVmY2NjOTUyMi8xL2tJZU1PV0pLN2VPU25oZk0y Vmg0d3BLeTgxRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQEUclQAwQCuS+UMA0EAgACMAcDBQAqA7UAMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCgrzANBgkqhkiG9w0BAQsFAAOCAQEAnWXV RWcHexOgC6FIjrbHi8QUAu9epW0CCBixTx3XGb3I+5DX8SuK/7DlmqMLBBxWhPis UaprxlUhdo7/e8rnQjt4kReTxvb8dfEn031Ip2xTN7hxsoQE3nJkz0PrMB1jybTg 7Hsfc/Gsm+DKqJMDQFImtlbJorlfX9i31AJ5qo9gI+/9YMk0kWIdrtbMu3vgQt/H vWJ9l0eL5TPV0nKGUNlys6RqQDWI/InNWfy2OhxkT7OpYJKqoKKf4LvymIUGK5qW 7tQ6WxEZePM6TwcwfIAGCso6hHKKTBPJDyCWZ8FHruphNcm5xBYQPXwSut+9t6Ia 2wneLVjy6DcyT7Jcew== -----END CERTIFICATE-----Generated at Mon Feb 9 16:48:48 2026 by rpki-client