This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer File: kyAhKZaVds41f64mycfPmKglDqY.cer (raw, json) Hash identifier: FHVwaPvqrasoubS/jo9g+WGtiWHAovyV6B6uQ2SuqgI= Subject key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C7EDADDE91610E7B72FC9C01C735D5C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:17:26 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 6677 AS: 203566 IP: 31.209.144.0/20 IP: 31.209.192.0/18 IP: 85.220.0.0/17 IP: 157.157.0.0/16 IP: 192.147.34.0/24 IP: 194.105.224.0/19 IP: 212.30.192.0/19 IP: 213.167.128.0/19 IP: 2001:1a98::/29 IP: 2a0c:c5c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7e:da:dd:e9:16:10:e7:b7:2f:c9:c0:1c:73:5d:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:17:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=93202129969576ce357fae26c9c7cf98a8250ea6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:b6:4b:63:84:d5:58:ce:dd:58:d6:9d:ec:9b: e3:b4:ad:ba:c1:5d:1e:d8:1b:8e:0a:a4:a4:c0:04: d0:18:c9:21:21:7b:9b:76:d9:f3:3d:7e:bd:31:c8: 3e:a4:73:2c:73:98:e1:c8:df:a3:a9:41:8e:6d:e3: 77:f1:83:1a:28:74:79:a2:a7:42:d3:ce:44:4b:64: 34:0c:8b:b5:cc:75:9a:9f:f9:81:8e:d2:f6:f9:7f: 5d:db:d7:e6:e7:a4:d8:a5:f8:ed:90:c7:4f:29:74: 40:08:5d:9f:33:0a:8e:43:f2:35:84:79:f3:07:9d: 49:f9:e5:1c:d8:43:f7:0c:87:55:1d:f3:8e:93:64: 51:c9:c6:5b:2f:00:8c:0c:4a:e7:0d:a7:ec:e6:44: b3:a8:36:fd:7b:4f:6a:52:30:2c:9a:64:cb:95:77: 71:01:76:78:e4:02:3f:ca:a5:73:fe:03:c2:60:10: c8:63:04:58:6f:61:52:c5:f2:1b:22:d2:6f:65:1f: f4:8b:e0:c8:78:e3:08:a0:10:f5:76:26:ab:87:10: 80:ca:f6:c5:43:0b:8f:60:81:cc:61:86:96:16:91: 27:41:5c:87:f7:22:8a:90:40:cd:ca:78:07:ff:cd: 92:ad:df:e7:28:07:6a:0c:10:38:19:d3:88:8a:f7: 73:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.209.144.0/20 31.209.192.0/18 85.220.0.0/17 157.157.0.0/16 192.147.34.0/24 194.105.224.0/19 212.30.192.0/19 213.167.128.0/19 IPv6: 2001:1a98::/29 2a0c:c5c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 6677 203566 Signature Algorithm: sha256WithRSAEncryption 6e:ca:1c:70:08:6c:6e:f3:8c:10:53:e0:b5:2b:78:54:a8:c5: be:62:c0:46:53:dc:b9:37:4e:61:eb:a8:8b:ba:00:8f:cd:95: de:9f:23:96:e4:14:70:08:f5:aa:c1:18:5f:2a:6d:09:5b:98: 3e:8a:c1:26:41:6d:dc:ef:de:30:7d:54:89:3f:45:f5:cc:eb: 24:50:cf:b9:8b:a1:84:71:39:79:69:2f:19:08:47:3b:00:14: b1:13:37:7a:ae:11:26:e2:2d:ba:c1:92:e7:2f:5a:37:9a:eb: 9c:f6:8c:28:df:8c:b2:bd:32:4a:59:6e:4c:d8:c8:b3:15:11: 67:10:dd:20:95:f9:55:6b:c1:36:6b:5c:b0:01:67:5a:d4:7b: 7e:d7:48:d4:4f:b3:12:46:f7:de:c7:fe:54:9f:2c:da:38:79: 3e:45:74:e3:a9:8e:6c:39:1d:1e:46:3d:78:b7:5b:15:65:42: dd:b9:5d:cc:a2:d5:77:c7:4d:6a:3e:7f:24:3c:1f:fb:8c:b2: fd:d2:dd:89:42:0e:f1:bf:4e:47:92:5b:c2:9d:60:41:23:9b: b7:56:1f:f8:f2:91:5f:03:22:cc:9d:d2:22:84:ae:f4:f6:29: 2a:a2:0b:45:20:89:e7:7f:c1:36:a2:1b:ef:5b:cc:49:cc:d0: d2:56:ac:3c -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgISAZt8ftrd6RYQ57cvycAcc11cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzIwMjEyOTk2OTU3NmNlMzU3ZmFlMjZjOWM3Y2Y5OGE4MjUwZWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7ZLY4TVWM7dWNad7JvjtK26wV0e 2BuOCqSkwATQGMkhIXubdtnzPX69Mcg+pHMsc5jhyN+jqUGObeN38YMaKHR5oqdC 085ES2Q0DIu1zHWan/mBjtL2+X9d29fm56TYpfjtkMdPKXRACF2fMwqOQ/I1hHnz B51J+eUc2EP3DIdVHfOOk2RRycZbLwCMDErnDafs5kSzqDb9e09qUjAsmmTLlXdx AXZ45AI/yqVz/gPCYBDIYwRYb2FSxfIbItJvZR/0i+DIeOMIoBD1diarhxCAyvbF QwuPYIHMYYaWFpEnQVyH9yKKkEDNyngH/82Srd/nKAdqDBA4GdOIivdzewIDAQAB o4IC4zCCAt8wHQYDVR0OBBYEFJMgISmWlXbONX+uJsnHz5ioJQ6mMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I1L2Q2ZTc5 Ni0wZTE0LTQ1YjEtOWNmMy01YWQ1OGFiZmJiMWYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUvZDZlNzk2 LTBlMTQtNDViMS05Y2YzLTVhZDU4YWJmYmIxZi8xL2t5QWhLWmFWZHM0MWY2NG15 Y2ZQbUtnbERxWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF BwEHAQH/BE8wTTA1BAIAATAvAwQEH9GQAwQGH9HAAwQHVdwAAwMAnZ0DBADAkyID BAXCaeADBAXUHsADBAXVp4AwFAQCAAIwDgMFAyABGpgDBQMqDMXAMB4GCCsGAQUF BwEIAQH/BA8wDaALMAkCAhoVAgMDGy4wDQYJKoZIhvcNAQELBQADggEBAG7KHHAI bG7zjBBT4LUreFSoxb5iwEZT3Lk3TmHrqIu6AI/Nld6fI5bkFHAI9arBGF8qbQlb mD6KwSZBbdzv3jB9VIk/RfXM6yRQz7mLoYRxOXlpLxkIRzsAFLETN3quESbiLbrB kucvWjea65z2jCjfjLK9MkpZbkzYyLMVEWcQ3SCV+VVrwTZrXLABZ1rUe37XSNRP sxJG997H/lSfLNo4eT5FdOOpjmw5HR5GPXi3WxVlQt25Xcyi1XfHTWo+fyQ8H/uM sv3S3YlCDvG/TkeSW8KdYEEjm7dWH/jykV8DIsyd0iKErvT2KSqiC0Ugied/wTai G+9bzEnM0NJWrDw= -----END CERTIFICATE-----Generated at Wed Jan 21 08:57:35 2026 by rpki-client