This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.cer File: kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.cer (raw, json) Hash identifier: 45S4euuCTksBUtobAD6NM8CzePfp83mH8kvEwvMWCRg= Subject key identifier: 92:4A:97:D9:12:D7:1F:80:FD:36:B7:3E:FC:0F:C7:96:97:62:F3:37 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA51576BA7E862005764CC8CE117F76 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:19:35 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 33955 IP: 217.194.16.0/20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:15:76:ba:7e:86:20:05:76:4c:c8:ce:11:7f:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:19:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=924a97d912d71f80fd36b73efc0fc7969762f337 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d7:39:45:82:7d:81:4e:cc:96:b8:50:86:38: f6:e5:48:9c:8f:da:8e:e0:34:78:39:c2:46:cb:61: bd:4d:7c:4b:67:9e:1d:a4:97:4c:d7:b1:2f:6c:7c: 56:a4:64:c0:c5:b4:a4:41:7c:f1:43:a5:07:20:e1: b9:38:35:00:ea:d3:2b:8b:95:ce:4d:45:cd:5b:2f: 60:36:7c:bb:e1:8d:ca:44:48:a6:60:4f:1d:3e:6d: f1:0e:97:f9:a5:4c:a9:64:e3:86:11:88:8a:59:ed: 74:3a:13:7a:0e:d8:cd:0b:e6:3c:dc:8d:6e:73:33: af:86:d0:c5:fa:83:5e:c1:c9:14:49:2a:55:2f:20: 2f:d5:be:69:51:3e:ad:76:7f:fc:e4:a6:b6:14:05: d7:33:9a:97:48:f2:10:63:bc:fe:8a:11:dd:f9:30: 99:04:ac:13:ff:4a:d3:af:ee:c9:cb:23:6e:c2:dd: df:d8:b3:f4:ea:8c:10:40:ef:d3:51:72:0f:11:c2: 6e:b9:79:15:cd:66:6b:0a:8d:cb:7a:34:d9:e0:cc: 72:cd:3c:15:d9:ec:fb:59:ea:ad:37:d8:f3:2a:86: e2:1c:14:ad:9a:b7:94:22:20:62:b1:8f:fd:03:64: 05:77:45:00:9f:42:bd:ec:d7:88:52:25:1d:60:da: b6:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:4A:97:D9:12:D7:1F:80:FD:36:B7:3E:FC:0F:C7:96:97:62:F3:37 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ad3586-a028-4746-b3da-814856e1b1f4/1/kkqX2RLXH4D9Nrc-_A_Hlpdi8zc.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.194.16.0/20 sbgp-autonomousSysNum: critical Autonomous System Numbers: 33955 Signature Algorithm: sha256WithRSAEncryption 32:56:9d:13:de:e2:9c:a6:08:64:8e:f0:fa:4b:f7:df:35:f6: cd:b8:36:fe:df:b6:92:35:05:3d:97:b5:7a:35:0a:f2:d6:e3: 2f:a0:6f:a3:0a:d4:b7:2f:2d:7c:b0:29:2f:0c:64:9a:c0:91: d3:a4:87:06:20:97:ab:b8:b8:60:28:4c:17:93:a1:2d:e3:f6: b8:77:95:91:a4:69:bc:ac:86:0c:fc:1d:6e:3e:56:10:d6:b1: ea:b3:20:44:e4:79:d9:e9:b8:fe:a8:60:ae:89:2a:14:37:cc: 2c:ee:c6:fb:25:8b:0e:d0:7c:87:6b:44:e3:b4:8f:dc:d2:1d: 8b:bd:bc:da:9b:87:4f:13:a7:9e:c0:3b:35:82:67:c0:d1:2f: 68:51:bf:e1:81:66:5a:92:43:76:f5:8f:bd:bb:26:c5:99:12: 59:ca:37:98:c9:8a:b0:de:61:88:40:fc:81:e3:f3:84:08:5a: bc:5e:61:55:75:07:6f:18:6c:2d:da:86:07:c7:e2:64:f0:db: 7e:1e:0d:c6:ca:aa:3d:b5:d6:c2:fc:af:a6:26:ec:53:af:72: 0d:5f:1d:0b:1a:1c:29:7c:ae:d5:4d:5c:94:cf:4f:91:c7:22: 44:96:12:61:98:3b:b1:22:bd:d4:b0:ee:c4:bb:9a:6d:11:33: 6b:3f:1b:10 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt7pRV2un6GIAV2TMjOEX92MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjRhOTdkOTEyZDcxZjgwZmQzNmI3M2VmYzBmYzc5Njk3NjJmMzM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdc5RYJ9gU7MlrhQhjj25Uicj9qO 4DR4OcJGy2G9TXxLZ54dpJdM17EvbHxWpGTAxbSkQXzxQ6UHIOG5ODUA6tMri5XO TUXNWy9gNny74Y3KREimYE8dPm3xDpf5pUypZOOGEYiKWe10OhN6DtjNC+Y83I1u czOvhtDF+oNewckUSSpVLyAv1b5pUT6tdn/85Ka2FAXXM5qXSPIQY7z+ihHd+TCZ BKwT/0rTr+7JyyNuwt3f2LP06owQQO/TUXIPEcJuuXkVzWZrCo3LejTZ4MxyzTwV 2ez7WeqtN9jzKobiHBStmreUIiBisY/9A2QFd0UAn0K97NeIUiUdYNq20wIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFJJKl9kS1x+A/Ta3PvwPx5aXYvM3MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkwL2FkMzU4 Ni1hMDI4LTQ3NDYtYjNkYS04MTQ4NTZlMWIxZjQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvYWQzNTg2 LWEwMjgtNDc0Ni1iM2RhLTgxNDg1NmUxYjFmNC8xL2trcVgyUkxYSDREOU5yYy1f QV9IbHBkaTh6Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQE2cIQMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwCEozANBgkqhkiG9w0BAQsFAAOCAQEAMladE97inKYIZI7w+kv33zX2zbg2/t+2 kjUFPZe1ejUK8tbjL6BvowrUty8tfLApLwxkmsCR06SHBiCXq7i4YChMF5OhLeP2 uHeVkaRpvKyGDPwdbj5WENax6rMgROR52em4/qhgrokqFDfMLO7G+yWLDtB8h2tE 47SP3NIdi7282puHTxOnnsA7NYJnwNEvaFG/4YFmWpJDdvWPvbsmxZkSWco3mMmK sN5hiED8gePzhAhavF5hVXUHbxhsLdqGB8fiZPDbfh4NxsqqPbXWwvyvpibsU69y DV8dCxocKXyu1U1clM9PkcciRJYSYZg7sSK91LDuxLuabREzaz8bEA== -----END CERTIFICATE-----Generated at Tue Jan 27 03:54:45 2026 by rpki-client