This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kw4KO7COSsZzY-MLqDsHFjLQqkM.cer File: kw4KO7COSsZzY-MLqDsHFjLQqkM.cer (raw, json) Hash identifier: eBUnGTezdA18HcH3aNeTiZx0wgsPHpGzMBsWMadJ18A= Subject key identifier: 93:0E:0A:3B:B0:8E:4A:C6:73:63:E3:0B:A8:3B:07:16:32:D0:AA:43 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EADC67584C43E9D2D0279BDAAE6A02 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7c/5950c9-97ec-40dc-9b11-0295a1c11feb/1/kw4KO7COSsZzY-MLqDsHFjLQqkM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7c/5950c9-97ec-40dc-9b11-0295a1c11feb/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:41 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 214064 IP: 2001:67c:f30::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:dc:67:58:4c:43:e9:d2:d0:27:9b:da:ae:6a:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=930e0a3bb08e4ac67363e30ba83b071632d0aa43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:c9:87:26:fb:df:a9:47:86:25:57:11:9c:e4: d2:bd:a7:6d:d5:53:3a:da:08:17:89:10:97:a7:27: 3a:81:0e:9d:bc:45:26:a1:11:a3:0d:fd:7c:0d:83: 72:9c:36:b1:10:c8:cf:cc:53:1b:cc:35:88:a9:3e: bc:9b:0f:99:10:46:8e:95:e4:e7:be:80:3e:d9:49: e0:36:6f:b2:47:0b:ba:bb:46:9e:be:09:2f:2f:9f: fd:32:29:11:a8:6c:46:1b:65:2a:ce:48:a8:23:2d: a8:9c:c1:44:2f:92:e7:9f:73:a7:9d:11:3f:d9:f9: e0:e6:6b:c7:36:d3:ed:10:9c:ef:a4:1f:2c:dc:c5: 7c:3d:f8:bc:dd:fb:bb:dd:64:cc:2b:c1:69:87:21: e8:c1:c3:f5:6c:38:df:7b:8c:82:69:23:d0:47:9c: f5:22:17:77:f7:2b:8f:69:6d:0a:b2:da:dc:96:cf: 8c:4a:0e:15:5e:34:f8:90:f9:5a:39:58:db:06:21: e0:d5:73:e7:2e:a8:5c:f5:ca:8b:69:f9:df:fd:f0: 4a:29:8a:aa:d2:02:3e:35:8a:2d:53:c9:43:90:24: 13:c1:28:fe:4c:2f:2f:80:21:fc:16:70:45:54:35: fc:a8:b0:33:6d:b1:22:c8:77:86:08:16:e3:8e:2d: f6:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:0E:0A:3B:B0:8E:4A:C6:73:63:E3:0B:A8:3B:07:16:32:D0:AA:43 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5950c9-97ec-40dc-9b11-0295a1c11feb/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/5950c9-97ec-40dc-9b11-0295a1c11feb/1/kw4KO7COSsZzY-MLqDsHFjLQqkM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:f30::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 214064 Signature Algorithm: sha256WithRSAEncryption 3a:aa:c6:17:3e:b6:13:8c:c8:f8:3d:58:61:d0:8b:93:4f:3e: d5:72:4e:79:1c:3b:2c:e3:72:80:99:ac:7e:c6:cc:aa:08:2d: 63:eb:14:37:0f:a5:4d:48:60:a1:5c:2e:11:28:e1:7f:53:3a: 47:40:bb:8e:76:7d:50:be:f8:6d:45:8d:e3:e0:15:6f:2b:6f: fd:ba:e3:82:25:b0:aa:4d:e9:64:db:38:60:cd:3b:3b:fe:0f: 4e:49:d4:8f:c9:67:65:e3:27:b0:42:c5:56:79:c2:0c:91:92: 9b:7c:74:f1:c4:45:f7:6c:03:b2:b8:06:20:8e:3a:81:55:a0: 28:dc:c0:9a:18:26:3a:fd:bc:bc:0f:58:e3:e4:ce:3d:2c:90: d7:49:2e:29:cc:bd:e9:71:d1:82:26:12:7f:ab:4b:9d:e5:d7: e4:88:b5:c9:8b:71:24:8f:75:1e:ca:6b:e9:e9:be:98:d7:3f: 0e:c3:30:ac:1e:84:31:d0:03:1a:aa:0d:8e:14:ab:ad:f7:3f: f8:6e:e2:40:02:6b:5c:36:7e:26:47:81:17:92:69:7c:9c:6a: fd:2e:fa:47:1c:98:41:8a:9d:a9:67:4b:6f:61:7d:c0:9f:43: 3c:12:86:87:da:84:f8:c5:3b:14:ed:b9:58:27:74:5c:a8:95: 96:c7:f1:7e -----BEGIN CERTIFICATE----- MIIFlzCCBH+gAwIBAgISAZt26txnWExD6dLQJ5varmoCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzBlMGEzYmIwOGU0YWM2NzM2M2UzMGJhODNiMDcxNjMyZDBhYTQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8mHJvvfqUeGJVcRnOTSvadt1VM6 2ggXiRCXpyc6gQ6dvEUmoRGjDf18DYNynDaxEMjPzFMbzDWIqT68mw+ZEEaOleTn voA+2UngNm+yRwu6u0aevgkvL5/9MikRqGxGG2UqzkioIy2onMFEL5Lnn3OnnRE/ 2fng5mvHNtPtEJzvpB8s3MV8Pfi83fu73WTMK8FphyHowcP1bDjfe4yCaSPQR5z1 Ihd39yuPaW0Kstrcls+MSg4VXjT4kPlaOVjbBiHg1XPnLqhc9cqLafnf/fBKKYqq 0gI+NYotU8lDkCQTwSj+TC8vgCH8FnBFVDX8qLAzbbEiyHeGCBbjji32FwIDAQAB o4ICozCCAp8wHQYDVR0OBBYEFJMOCjuwjkrGc2PjC6g7BxYy0KpDMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdjLzU5NTBj OS05N2VjLTQwZGMtOWIxMS0wMjk1YTFjMTFmZWIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2MvNTk1MGM5 LTk3ZWMtNDBkYy05YjExLTAyOTVhMWMxMWZlYi8xL2t3NEtPN0NPU3NaelktTUxx RHNIRmpMUXFrTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA8wMBoGCCsGAQUFBwEIAQH/BAswCaAH MAUCAwNEMDANBgkqhkiG9w0BAQsFAAOCAQEAOqrGFz62E4zI+D1YYdCLk08+1XJO eRw7LONygJmsfsbMqggtY+sUNw+lTUhgoVwuESjhf1M6R0C7jnZ9UL74bUWN4+AV bytv/brjgiWwqk3pZNs4YM07O/4PTknUj8lnZeMnsELFVnnCDJGSm3x08cRF92wD srgGII46gVWgKNzAmhgmOv28vA9Y4+TOPSyQ10kuKcy96XHRgiYSf6tLneXX5Ii1 yYtxJI91Hspr6em+mNc/DsMwrB6EMdADGqoNjhSrrfc/+G7iQAJrXDZ+JkeBF5Jp fJxq/S76RxyYQYqdqWdLb2F9wJ9DPBKGh9qE+MU7FO25WCd0XKiVlsfxfg== -----END CERTIFICATE-----Generated at Tue Jan 27 03:57:13 2026 by rpki-client