This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kYngbIh9P-3oj3F7_6Q8jMhmx6U.cer File: kYngbIh9P-3oj3F7_6Q8jMhmx6U.cer (raw, json) Hash identifier: ty930hL3h7JRHlEjVSSFLV6Ox6KY3DZ5shy/O1U9Q3w= Subject key identifier: 91:89:E0:6C:88:7D:3F:ED:E8:8F:71:7B:FF:A4:3C:8C:C8:66:C7:A5 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F135065491C4AD3AB3E4CFCBFA4F155 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ee/3d3a33-61d9-4996-819c-d97a54cb39e1/1/kYngbIh9P-3oj3F7_6Q8jMhmx6U.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ee/3d3a33-61d9-4996-819c-d97a54cb39e1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:18:50 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 198.212.39.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:50:65:49:1c:4a:d3:ab:3e:4c:fc:bf:a4:f1:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9189e06c887d3fede88f717bffa43c8cc866c7a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b9:42:c3:f8:a5:16:66:65:5a:cf:24:7a:21: 05:12:43:cc:a0:f8:be:2d:37:36:42:27:d6:31:3d: 6d:41:b5:20:1b:fa:3e:52:48:eb:55:3d:39:84:51: 96:e0:fe:d1:2d:c6:0b:3b:1b:6f:d8:d7:94:73:f9: 03:da:4d:15:c5:c5:13:aa:cc:ae:44:0e:0b:19:40: 74:2f:58:a6:62:f2:a4:63:cd:22:de:ca:9a:65:2e: 1e:7d:e9:61:83:07:c9:7e:2c:c2:17:9a:15:03:1b: 0e:cb:4d:7e:b9:3d:19:1c:b1:e0:04:14:a5:69:cd: 30:cb:55:70:e5:9d:4f:7b:64:8e:32:9f:53:85:82: e7:fd:35:d8:d1:53:ef:80:c5:ef:b9:47:49:c9:21: 6c:4a:07:7f:d8:90:7b:28:23:3c:68:51:00:cb:c3: 45:04:d5:fc:ee:54:66:85:42:60:15:b5:4d:96:a6: f4:02:33:6e:9c:1c:65:5e:b9:da:27:95:c6:e5:5c: e2:1b:f0:df:73:f7:6f:7e:94:b4:75:6f:ed:8f:74: cc:d7:21:bd:10:4f:4b:ea:ae:c5:06:39:c5:ba:c6: b5:3f:7b:07:dd:c1:6e:aa:0f:09:c3:0a:16:4a:20: a3:4e:1e:fc:2d:0f:f6:5c:1a:63:74:e4:e1:b9:43: c4:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:89:E0:6C:88:7D:3F:ED:E8:8F:71:7B:FF:A4:3C:8C:C8:66:C7:A5 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3d3a33-61d9-4996-819c-d97a54cb39e1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3d3a33-61d9-4996-819c-d97a54cb39e1/1/kYngbIh9P-3oj3F7_6Q8jMhmx6U.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 198.212.39.0/24 Signature Algorithm: sha256WithRSAEncryption 68:6d:58:ea:7c:97:a0:c3:30:e1:ef:54:a9:83:a8:0f:ce:c8: 3f:1d:27:4a:5b:82:1b:16:8b:e6:15:2e:44:b0:9f:cc:01:81: 8d:40:72:62:d8:8c:05:06:b3:ac:58:a0:aa:9d:3e:c1:36:9a: 08:70:5b:83:e8:35:42:f9:f6:64:f3:6e:32:43:6d:d9:c1:9f: f4:81:8a:d2:f9:4b:00:42:55:fd:1c:ac:b2:9e:0e:bf:db:ac: c6:a3:ab:ea:1e:57:02:c4:c8:ba:bb:29:9f:ff:48:da:01:4e: 23:11:4d:11:dd:90:14:9b:9f:56:4b:75:f3:91:ca:bf:fd:ae: b9:1f:fb:4c:10:7c:b5:74:aa:67:1f:7a:b2:fe:c8:f7:9d:d6: ea:51:8f:3f:81:9c:42:38:74:e1:4c:1b:00:f5:b9:b9:e6:ad: 2a:1b:6d:e7:f2:e4:4d:ca:87:2a:31:4a:47:b3:d4:3f:0c:d0: 2d:87:98:8d:b6:2d:8b:a1:5d:ea:18:cc:63:0c:07:f2:37:30: 76:b5:07:fe:68:61:85:43:dd:32:99:df:c8:00:a4:89:be:5c: 53:00:19:ee:eb:c9:90:f1:5a:b1:ca:73:2b:73:b7:b9:56:bc: 3a:9e:18:a6:de:eb:c7:d6:7e:0e:cc:a6:94:dc:d0:dd:5f:36: 44:3b:87:dd -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt/E1BlSRxK06s+TPy/pPFVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTg5ZTA2Yzg4N2QzZmVkZTg4ZjcxN2JmZmE0M2M4Y2M4NjZjN2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7lCw/ilFmZlWs8keiEFEkPMoPi+ LTc2QifWMT1tQbUgG/o+UkjrVT05hFGW4P7RLcYLOxtv2NeUc/kD2k0VxcUTqsyu RA4LGUB0L1imYvKkY80i3sqaZS4efelhgwfJfizCF5oVAxsOy01+uT0ZHLHgBBSl ac0wy1Vw5Z1Pe2SOMp9ThYLn/TXY0VPvgMXvuUdJySFsSgd/2JB7KCM8aFEAy8NF BNX87lRmhUJgFbVNlqb0AjNunBxlXrnaJ5XG5VziG/Dfc/dvfpS0dW/tj3TM1yG9 EE9L6q7FBjnFusa1P3sH3cFuqg8JwwoWSiCjTh78LQ/2XBpjdOThuUPElQIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFJGJ4GyIfT/t6I9xe/+kPIzIZselMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VlLzNkM2Ez My02MWQ5LTQ5OTYtODE5Yy1kOTdhNTRjYjM5ZTEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUvM2QzYTMz LTYxZDktNDk5Ni04MTljLWQ5N2E1NGNiMzllMS8xL2tZbmdiSWg5UC0zb2ozRjdf NlE4ak1obXg2VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAxtQnMA0GCSqGSIb3DQEBCwUAA4IBAQBobVjq fJegwzDh71Spg6gPzsg/HSdKW4IbFovmFS5EsJ/MAYGNQHJi2IwFBrOsWKCqnT7B NpoIcFuD6DVC+fZk824yQ23ZwZ/0gYrS+UsAQlX9HKyyng6/26zGo6vqHlcCxMi6 uymf/0jaAU4jEU0R3ZAUm59WS3Xzkcq//a65H/tMEHy1dKpnH3qy/sj3ndbqUY8/ gZxCOHThTBsA9bm55q0qG23n8uRNyocqMUpHs9Q/DNAth5iNti2LoV3qGMxjDAfy NzB2tQf+aGGFQ90ymd/IAKSJvlxTABnu68mQ8VqxynMrc7e5Vrw6nhim3uvH1n4O zKaU3NDdXzZEO4fd -----END CERTIFICATE-----Generated at Tue Jan 27 09:13:14 2026 by rpki-client