This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lCbTCdDbAt8dfgS7s5MTvR3xM1g.cer File: lCbTCdDbAt8dfgS7s5MTvR3xM1g.cer (raw, json) Hash identifier: fvQj2pgWAipMWvq65blW54S+8S0D6vqDULodaUb7WXY= Subject key identifier: 94:26:D3:09:D0:DB:02:DF:1D:7E:04:BB:B3:93:13:BD:1D:F1:33:58 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C80B62B97F63D313D8A8470D0B6A89C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8f/91431a-b50d-4d50-a6d6-f17f095dd3af/1/lCbTCdDbAt8dfgS7s5MTvR3xM1g.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8f/91431a-b50d-4d50-a6d6-f17f095dd3af/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:28 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 42934 IP: 91.209.255.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:b6:2b:97:f6:3d:31:3d:8a:84:70:d0:b6:a8:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9426d309d0db02df1d7e04bbb39313bd1df13358 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:17:c3:ef:6e:4d:ce:41:50:f6:0c:b4:7e:bb: cf:72:f3:93:86:3c:05:73:bf:b1:02:a8:26:c9:45: 21:f6:91:5d:24:3b:66:03:57:a3:07:0b:fc:0b:75: 07:e7:97:20:c5:49:ce:f5:4c:f3:ea:b9:93:fd:9c: 94:de:39:14:49:ce:45:e2:14:d3:76:d4:f3:2d:ba: 44:b4:a9:02:d1:01:b7:8b:a1:53:11:7d:27:2a:0d: e5:23:8b:35:ab:db:a1:4d:f4:45:09:68:ea:4b:b6: d8:08:c7:dd:57:9a:2d:82:3a:8c:17:d2:8c:46:84: a5:c4:55:66:9e:e9:45:0f:58:8c:96:27:fc:b9:48: 08:02:21:29:c5:2b:bc:d5:5b:8e:92:65:38:12:5e: 5f:2d:a7:6c:40:f6:ba:27:c6:1a:02:35:4e:60:06: 3c:9b:45:8f:8e:09:01:da:04:5e:46:8d:ca:29:cc: 66:2b:71:b3:f6:ae:1e:0f:73:4b:98:5a:59:12:42: 06:56:0c:1a:ed:b4:44:4f:c1:74:2d:8f:a9:d7:83: 10:90:ca:cf:b3:19:2e:36:ec:a3:06:ca:5b:d2:17: 3d:e3:78:95:61:83:f6:96:34:a0:a8:0d:c8:0c:34: fa:83:80:ba:79:8b:c6:73:ef:bf:bc:d4:ce:d1:16: af:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:26:D3:09:D0:DB:02:DF:1D:7E:04:BB:B3:93:13:BD:1D:F1:33:58 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/91431a-b50d-4d50-a6d6-f17f095dd3af/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/91431a-b50d-4d50-a6d6-f17f095dd3af/1/lCbTCdDbAt8dfgS7s5MTvR3xM1g.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.209.255.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 42934 Signature Algorithm: sha256WithRSAEncryption 08:2f:08:90:0f:a3:a2:26:64:69:4a:00:fa:9d:43:20:b7:43: bd:bb:94:fc:81:e5:b5:17:5a:0e:c4:4f:08:8e:0a:ea:f7:3d: c0:d4:d7:bc:fb:3b:da:79:a7:20:78:b3:52:85:db:89:94:aa: 97:ad:c8:59:c8:55:47:98:c1:96:08:12:58:59:fa:d9:74:d7: 85:6b:53:28:c3:b3:f6:07:84:64:d0:57:c4:60:f5:cc:0d:0e: 4a:08:c5:d7:9c:83:dc:58:31:44:9e:35:35:7c:04:1d:38:1f: 1b:36:d6:ba:8a:0a:bd:dd:00:8a:35:17:35:8b:e5:5c:73:68: 1c:b2:51:e2:6a:e7:45:98:5b:4a:ee:f3:2f:cf:10:5e:b3:5a: c1:0a:64:c1:e4:bb:60:29:92:47:f1:bc:00:d5:cf:da:f1:67: 56:6c:a3:98:e6:b2:be:bc:2d:4b:f6:e8:37:43:1d:84:a8:0e: 13:a3:fa:2f:e7:ee:ed:a5:a6:8b:8c:33:d3:26:0a:7d:05:de: 15:d4:ec:3e:c0:db:45:c2:69:5e:d7:fa:f9:c1:4b:7f:d0:06: 7f:48:ca:2a:97:95:5d:3f:b7:b2:3c:e8:52:ac:7a:4b:1b:8a: ba:63:d1:80:3a:59:f6:5e:1a:d7:57:cb:1b:40:2a:56:6f:00: 8e:d8:4a:56 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt8gLYrl/Y9MT2KhHDQtqicMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDI2ZDMwOWQwZGIwMmRmMWQ3ZTA0YmJiMzkzMTNiZDFkZjEzMzU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRfD725NzkFQ9gy0frvPcvOThjwF c7+xAqgmyUUh9pFdJDtmA1ejBwv8C3UH55cgxUnO9Uzz6rmT/ZyU3jkUSc5F4hTT dtTzLbpEtKkC0QG3i6FTEX0nKg3lI4s1q9uhTfRFCWjqS7bYCMfdV5otgjqMF9KM RoSlxFVmnulFD1iMlif8uUgIAiEpxSu81VuOkmU4El5fLadsQPa6J8YaAjVOYAY8 m0WPjgkB2gReRo3KKcxmK3Gz9q4eD3NLmFpZEkIGVgwa7bRET8F0LY+p14MQkMrP sxkuNuyjBspb0hc943iVYYP2ljSgqA3IDDT6g4C6eYvGc++/vNTO0RavTQIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFJQm0wnQ2wLfHX4Eu7OTE70d8TNYMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhmLzkxNDMx YS1iNTBkLTRkNTAtYTZkNi1mMTdmMDk1ZGQzYWYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvOTE0MzFh LWI1MGQtNGQ1MC1hNmQ2LWYxN2YwOTVkZDNhZi8xL2xDYlRDZERiQXQ4ZGZnUzdz NU1UdlIzeE0xZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAW9H/MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwCntjANBgkqhkiG9w0BAQsFAAOCAQEACC8IkA+joiZkaUoA+p1DILdDvbuU/IHl tRdaDsRPCI4K6vc9wNTXvPs72nmnIHizUoXbiZSql63IWchVR5jBlggSWFn62XTX hWtTKMOz9geEZNBXxGD1zA0OSgjF15yD3FgxRJ41NXwEHTgfGzbWuooKvd0AijUX NYvlXHNoHLJR4mrnRZhbSu7zL88QXrNawQpkweS7YCmSR/G8ANXP2vFnVmyjmOay vrwtS/boN0MdhKgOE6P6L+fu7aWmi4wz0yYKfQXeFdTsPsDbRcJpXtf6+cFLf9AG f0jKKpeVXT+3sjzoUqx6SxuKumPRgDpZ9l4a11fLG0AqVm8AjthKVg== -----END CERTIFICATE-----Generated at Mon Feb 9 18:23:57 2026 by rpki-client