This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kkQvHPx17REAE4d5MKKdhvieu7Y.cer File: kkQvHPx17REAE4d5MKKdhvieu7Y.cer (raw, json) Hash identifier: RNJ80RD4m84Sh0xARatlcO7kbxl/T2apPbdYTllO5D0= Subject key identifier: 92:44:2F:1C:FC:75:ED:11:00:13:87:79:30:A2:9D:86:F8:9E:BB:B6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA6FA6E1DAF0CFF2AF3641365924013 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/42/9af881-ba0d-451d-a69b-00f96ffcf734/1/kkQvHPx17REAE4d5MKKdhvieu7Y.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/42/9af881-ba0d-451d-a69b-00f96ffcf734/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:30 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 201248 IP: 185.80.240.0/22 IP: 2a05:83c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:fa:6e:1d:af:0c:ff:2a:f3:64:13:65:92:40:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=92442f1cfc75ed110013877930a29d86f89ebbb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:dc:b6:04:64:ec:3a:f0:4c:c6:c3:a2:ab:12: 30:97:14:da:b4:d3:12:8c:7b:a6:26:97:7b:5f:fb: 76:fd:de:3b:a6:95:00:fa:90:6c:45:2b:76:6c:ce: e3:9e:02:82:7e:80:0c:3c:93:7f:ff:a7:a8:7d:82: bc:5c:5e:e4:84:23:21:79:b3:a0:96:36:b1:69:91: fb:d9:5f:0f:84:65:e7:69:9f:5c:2d:c0:28:61:77: f5:23:62:91:fd:ca:98:84:d6:5d:8f:9f:eb:22:4c: 2d:87:a6:8a:42:33:5d:ef:0b:8c:f8:95:d8:de:e2: 65:56:69:05:40:3e:c5:02:ee:4f:43:04:3d:b4:92: e4:59:17:3f:91:cb:55:99:d3:d1:c6:9a:c0:58:88: ee:34:bb:17:40:0a:72:9a:f9:d7:5c:d0:de:07:e5: f5:b4:17:ec:bb:3b:9e:fa:ab:e1:b3:92:e6:4f:58: 9b:aa:55:5c:65:3a:88:47:e3:3a:9b:9e:8e:2e:a8: 86:61:74:ea:8b:b3:04:de:83:43:22:9b:44:51:31: 3a:53:8b:8d:29:e8:cd:2a:d7:d9:be:cc:b1:99:5e: 2b:74:7d:f9:ae:0f:08:c4:53:6d:7e:2f:56:26:cd: 6e:ee:a4:57:02:f0:f6:26:7e:dc:27:d7:17:e2:c2: 9c:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:44:2F:1C:FC:75:ED:11:00:13:87:79:30:A2:9D:86:F8:9E:BB:B6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9af881-ba0d-451d-a69b-00f96ffcf734/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9af881-ba0d-451d-a69b-00f96ffcf734/1/kkQvHPx17REAE4d5MKKdhvieu7Y.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.80.240.0/22 IPv6: 2a05:83c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 201248 Signature Algorithm: sha256WithRSAEncryption 3e:e7:d9:17:88:d4:bf:fe:b8:04:29:82:a1:ba:67:48:62:b2: 5a:ec:8a:95:91:0b:41:f9:5b:7e:eb:f2:be:7f:e3:60:d3:72: 03:f6:96:46:82:70:57:cd:bc:b2:31:48:28:14:58:35:99:c3: bd:a2:ce:c1:17:06:de:cb:7e:a2:5c:fc:2e:8e:00:4f:ae:cf: 85:1b:fa:cc:c5:0b:da:da:9b:67:b7:9f:99:80:3c:90:a5:69: 6c:4f:b0:e4:01:c2:d6:48:bd:e8:2f:fd:88:5f:ff:76:db:46: 68:20:fa:91:b0:b4:68:dd:3b:2c:0f:89:ae:67:09:3d:01:24: 4c:55:08:2f:98:ba:19:8b:50:08:2c:b1:c0:80:c5:3a:65:8e: 23:25:ee:1c:a4:05:b8:77:11:16:b8:ab:8e:5f:e2:05:98:9c: 33:a3:4a:76:f0:be:f3:12:91:e8:cb:02:4c:02:81:5e:55:c9: 50:96:9e:cd:9e:4a:2d:16:8d:db:24:3c:52:6f:e0:eb:4c:49: 2e:10:ce:8b:3f:f1:30:b6:9b:c6:8d:ce:76:7f:4e:b0:50:59: f2:7d:f6:12:63:b8:22:de:43:7e:06:6b:37:67:1e:6f:e1:6b: 9b:90:99:98:e4:20:42:84:d0:ca:83:94:2b:94:58:3e:be:f0: e5:47:65:89 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt+pvpuHa8M/yrzZBNlkkATMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjQ0MmYxY2ZjNzVlZDExMDAxMzg3NzkzMGEyOWQ4NmY4OWViYmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dy2BGTsOvBMxsOiqxIwlxTatNMS jHumJpd7X/t2/d47ppUA+pBsRSt2bM7jngKCfoAMPJN//6eofYK8XF7khCMhebOg ljaxaZH72V8PhGXnaZ9cLcAoYXf1I2KR/cqYhNZdj5/rIkwth6aKQjNd7wuM+JXY 3uJlVmkFQD7FAu5PQwQ9tJLkWRc/kctVmdPRxprAWIjuNLsXQApymvnXXNDeB+X1 tBfsuzue+qvhs5LmT1ibqlVcZTqIR+M6m56OLqiGYXTqi7ME3oNDIptEUTE6U4uN KejNKtfZvsyxmV4rdH35rg8IxFNtfi9WJs1u7qRXAvD2Jn7cJ9cX4sKchwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFJJELxz8de0RABOHeTCinYb4nru2MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyLzlhZjg4 MS1iYTBkLTQ1MWQtYTY5Yi0wMGY5NmZmY2Y3MzQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvOWFmODgx LWJhMGQtNDUxZC1hNjliLTAwZjk2ZmZjZjczNC8xL2trUXZIUHgxN1JFQUU0ZDVN S0tkaHZpZXU3WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuVDwMA0EAgACMAcDBQMqBYPAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMSIDANBgkqhkiG9w0BAQsFAAOCAQEAPufZF4jUv/64 BCmCobpnSGKyWuyKlZELQflbfuvyvn/jYNNyA/aWRoJwV828sjFIKBRYNZnDvaLO wRcG3st+olz8Lo4AT67PhRv6zMUL2tqbZ7efmYA8kKVpbE+w5AHC1ki96C/9iF// dttGaCD6kbC0aN07LA+JrmcJPQEkTFUIL5i6GYtQCCyxwIDFOmWOIyXuHKQFuHcR Frirjl/iBZicM6NKdvC+8xKR6MsCTAKBXlXJUJaezZ5KLRaN2yQ8Um/g60xJLhDO iz/xMLabxo3Odn9OsFBZ8n32EmO4It5DfgZrN2ceb+Frm5CZmOQgQoTQyoOUK5RY Pr7w5UdliQ== -----END CERTIFICATE-----Generated at Mon Feb 9 15:07:24 2026 by rpki-client