This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer File: lA_4gDMK92KubMBQ3l80tfV7Cwk.cer (raw, json) Hash identifier: xxtQue+UA+v/uG9PrGdNlNSYfMBbWdOrXF+LaXqE6rQ= Subject key identifier: 94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B783506F216E14C780FFCA6174F86EDFD Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 06:18:19 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 20723 AS: 47868 IP: 31.177.24.0/21 IP: 79.170.248.0/21 IP: 94.125.216.0/21 IP: 131.117.208.0/21 IP: 178.20.136.0/21 IP: 185.84.232.0/22 IP: 217.112.160.0/20 IP: 217.115.240.0/20 IP: 2a00:6500::/29 IP: 2a00:db00::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:06:f2:16:e1:4c:78:0f:fc:a6:17:4f:86:ed:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 06:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=940ff880330af762ae6cc050de5f34b5f57b0b09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:27:4f:ab:ea:31:b9:00:98:ef:80:da:98:b2: 1e:33:c4:d4:e0:6b:b7:de:55:36:1b:1e:77:46:4a: 1b:0b:c7:99:1e:40:de:a2:d1:56:1f:57:80:b4:6c: 4b:38:b6:f6:91:e5:e1:da:a9:e3:54:ba:dd:5f:41: e8:01:48:d9:21:37:76:27:c4:c4:a6:89:99:18:d0: 16:22:c4:c6:44:da:21:34:f6:2c:1d:a6:2a:4b:35: 6c:2d:a5:28:79:3f:76:67:d8:8d:8c:2c:39:f4:00: 02:6a:d4:08:56:52:4d:d5:14:50:6a:78:93:74:69: f4:84:43:a3:c1:83:9e:13:ca:36:dc:eb:9a:db:44: 4f:21:7f:a5:d0:e7:96:a4:62:d5:e2:0e:21:49:6b: fa:b8:93:ad:f6:96:28:5a:ca:a5:10:9e:b6:8b:62: 05:d2:ac:d1:57:11:fa:c2:3f:aa:8d:90:3f:f8:68: 83:f2:a1:12:9d:3f:6b:50:62:43:13:90:01:a0:cf: 31:7a:8c:60:08:e7:21:f2:e6:72:95:a3:01:37:30: c9:df:b5:38:c1:77:8c:f0:1e:d5:19:0f:50:1a:f7: 40:c2:0c:98:80:08:88:83:e0:fd:1e:1b:e8:ce:15: 2d:a1:62:b0:b3:cf:85:93:2c:c4:b6:da:ac:5e:b9: 8a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.177.24.0/21 79.170.248.0/21 94.125.216.0/21 131.117.208.0/21 178.20.136.0/21 185.84.232.0/22 217.112.160.0/20 217.115.240.0/20 IPv6: 2a00:6500::/29 2a00:db00::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 20723 47868 Signature Algorithm: sha256WithRSAEncryption 70:e5:fe:3e:cf:cd:06:0b:f7:76:5c:22:96:75:d8:7e:22:7c: 3f:03:6d:f0:3a:83:9a:96:bd:22:96:75:2b:6e:38:7c:58:86: 1a:c1:ca:17:d7:0c:f5:60:f3:0c:c3:ed:74:8b:ad:d6:ef:c9: 83:cc:c2:8b:d8:84:b9:d4:1c:9c:c4:c6:47:3a:c6:c4:cd:5d: 1e:44:53:9b:7a:8b:0a:bb:65:ce:60:74:a4:00:3f:19:9f:25: a1:62:e5:5a:71:6a:8e:58:19:4d:4a:6f:34:8a:d0:bf:23:45: e4:e7:3e:cf:dd:be:6a:6b:5e:4b:c1:8b:8b:2a:b7:bb:aa:f5: 73:4a:fb:0c:c7:f3:d1:c1:8c:f8:bf:ec:b1:a3:5c:88:58:70: ad:a8:e9:93:9c:df:66:c4:94:a8:13:5e:d6:f6:0f:d1:2f:62: bd:cb:bf:b6:de:87:3b:28:64:32:08:67:55:e0:dc:60:0c:1d: 4b:7c:7b:52:73:48:61:36:56:d2:5d:10:83:b3:e2:a1:88:10: 23:0b:f9:b5:08:15:0c:34:62:43:57:8b:f3:90:6b:31:6c:89: c1:79:0a:54:cf:f6:e0:dd:60:12:62:b4:c2:50:e1:5e:4e:ae: 87:72:b2:e1:df:5b:ed:6e:16:71:30:d4:32:a3:05:9b:e3:75: b4:22:22:04 -----BEGIN CERTIFICATE----- MIIF2DCCBMCgAwIBAgISAZt4NQbyFuFMeA/8phdPhu39MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDYxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDBmZjg4MDMzMGFmNzYyYWU2Y2MwNTBkZTVmMzRiNWY1N2IwYjA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSdPq+oxuQCY74DamLIeM8TU4Gu3 3lU2Gx53RkobC8eZHkDeotFWH1eAtGxLOLb2keXh2qnjVLrdX0HoAUjZITd2J8TE pomZGNAWIsTGRNohNPYsHaYqSzVsLaUoeT92Z9iNjCw59AACatQIVlJN1RRQaniT dGn0hEOjwYOeE8o23Oua20RPIX+l0OeWpGLV4g4hSWv6uJOt9pYoWsqlEJ62i2IF 0qzRVxH6wj+qjZA/+GiD8qESnT9rUGJDE5ABoM8xeoxgCOch8uZylaMBNzDJ37U4 wXeM8B7VGQ9QGvdAwgyYgAiIg+D9HhvozhUtoWKws8+FkyzEttqsXrmKqQIDAQAB o4IC5DCCAuAwHQYDVR0OBBYEFJQP+IAzCvdirmzAUN5fNLX1ewsJMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2LzIzZTE2 ZS05NDNlLTQ1OTUtOTUzMC1hODJmNjU4YTJhYTEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvMjNlMTZl LTk0M2UtNDU5NS05NTMwLWE4MmY2NThhMmFhMS8xL2xBXzRnRE1LOTJLdWJNQlEz bDgwdGZWN0N3ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GCCsGAQUF BwEHAQH/BFAwTjA2BAIAATAwAwQDH7EYAwQDT6r4AwQDXn3YAwQDg3XQAwQDshSI AwQCuVToAwQE2XCgAwQE2XPwMBQEAgACMA4DBQMqAGUAAwUAKgDbADAeBggrBgEF BQcBCAEB/wQPMA2gCzAJAgJQ8wIDALr8MA0GCSqGSIb3DQEBCwUAA4IBAQBw5f4+ z80GC/d2XCKWddh+Inw/A23wOoOalr0ilnUrbjh8WIYawcoX1wz1YPMMw+10i63W 78mDzMKL2IS51BycxMZHOsbEzV0eRFObeosKu2XOYHSkAD8ZnyWhYuVacWqOWBlN Sm80itC/I0Xk5z7P3b5qa15LwYuLKre7qvVzSvsMx/PRwYz4v+yxo1yIWHCtqOmT nN9mxJSoE17W9g/RL2K9y7+23oc7KGQyCGdV4NxgDB1LfHtSc0hhNlbSXRCDs+Kh iBAjC/m1CBUMNGJDV4vzkGsxbInBeQpUz/bg3WASYrTCUOFeTq6HcrLh31vtbhZx MNQyowWb43W0IiIE -----END CERTIFICATE-----Generated at Mon Feb 9 16:50:23 2026 by rpki-client