This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer File: lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer (raw, json) Hash identifier: KIBfr6kRfkhqN9Cqw7Z132W1rLRP9ivhhOci5rcjFC4= Subject key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F1572C0E671CE2EC25A1AC51F4D5E48 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:10 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 45.112.192.0/22 IP: 103.102.228.0/22 IP: 185.37.103.0/24 IP: 203.13.20.0/24 IP: 203.55.81.0/24 IP: 2a13:c7c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:72:c0:e6:71:ce:2e:c2:5a:1a:c5:1f:4d:5e:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:cc:50:a4:53:a6:ff:a0:1b:dc:b6:d4:c0:eb: 35:d4:21:23:af:c8:56:fd:e5:98:cf:c3:53:5e:51: 4d:66:2a:ef:19:31:55:74:b5:72:e8:5b:64:0a:bd: 63:44:ee:38:30:e3:42:33:a2:34:29:17:a5:0d:9e: 21:ae:9a:bf:3e:87:3a:ea:ce:60:e4:01:1c:b6:f6: 4c:77:1e:2b:99:ae:db:9e:4e:36:ec:ff:8f:1c:fd: b9:4a:49:dd:73:ba:26:4f:5c:79:0d:4c:7c:7c:0d: bb:3a:03:4e:80:a4:5f:1c:7a:61:42:5e:49:9a:b3: 9d:c3:2a:ea:8e:6c:00:57:9a:8e:23:7d:bf:71:67: d1:c2:30:f1:d1:23:c9:1f:be:71:77:db:1b:30:47: 26:eb:87:46:24:a4:11:c8:79:85:1f:cd:98:65:62: c3:94:fd:7a:b7:bc:eb:02:6a:66:0f:fc:ad:13:03: ea:96:e1:50:de:3b:aa:19:5f:18:b3:42:fa:ee:7e: 24:78:1d:b7:75:be:7d:a9:68:9d:00:4c:4a:56:d3: db:c1:d0:c8:a0:9a:3f:d2:88:4d:52:ef:47:93:33: 18:23:38:03:25:b6:4b:3f:17:e7:01:7a:92:4d:98: 2b:23:6f:ed:77:3e:50:91:50:d3:21:ab:ff:27:c3: ec:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.112.192.0/22 103.102.228.0/22 185.37.103.0/24 203.13.20.0/24 203.55.81.0/24 IPv6: 2a13:c7c0::/29 Signature Algorithm: sha256WithRSAEncryption 76:08:59:3c:89:78:79:b2:8d:2d:77:5a:93:58:55:b7:2e:7a: 90:2f:e9:12:7f:26:9f:c2:c0:a3:a6:10:17:39:01:bc:ed:25: 73:62:f4:21:d5:08:14:be:c8:79:66:61:e3:98:90:92:2c:ea: 39:cd:15:29:d3:33:db:91:f3:45:f4:2c:84:e2:c2:f9:d8:49: bc:bf:e9:6f:a6:02:84:7e:49:d4:b5:c7:b8:b9:9a:a6:43:ce: 11:7b:d3:08:ef:d8:fb:89:f1:66:ed:49:05:96:cd:55:e7:68: 98:50:87:55:ee:95:37:91:95:25:63:76:ea:36:e6:4e:05:55: 1b:c2:6f:00:3d:16:b1:06:0b:c2:cd:49:ba:ce:51:34:ae:aa: 1f:c9:34:be:69:93:ce:b2:b1:a0:8a:90:58:a5:de:36:82:cd: f9:c6:65:73:a2:df:96:ab:ed:42:1c:27:3a:d1:6d:83:20:4f: d5:fd:ff:d1:9f:4b:6e:30:a3:0f:a7:ea:b2:96:bd:3f:4d:11: 49:0a:8b:13:ea:b1:c4:72:29:91:29:59:a8:d4:87:79:11:98: ab:aa:a3:87:60:d8:de:08:80:9d:6a:1d:09:68:f0:6a:c7:fa: 9a:af:63:b2:da:b9:11:1c:a7:3c:02:d3:c0:7a:34:92:8a:da: 2e:95:05:58 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgISAZt/FXLA5nHOLsJaGsUfTV5IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTIyYWI2NzkyMmNlMDI3NWU4YzYxYWJmYTgyZDJhNzU0YWY2ZGM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8xQpFOm/6Ab3LbUwOs11CEjr8hW /eWYz8NTXlFNZirvGTFVdLVy6FtkCr1jRO44MONCM6I0KRelDZ4hrpq/Poc66s5g 5AEctvZMdx4rma7bnk427P+PHP25Skndc7omT1x5DUx8fA27OgNOgKRfHHphQl5J mrOdwyrqjmwAV5qOI32/cWfRwjDx0SPJH75xd9sbMEcm64dGJKQRyHmFH82YZWLD lP16t7zrAmpmD/ytEwPqluFQ3juqGV8Ys0L67n4keB23db59qWidAExKVtPbwdDI oJo/0ohNUu9HkzMYIzgDJbZLPxfnAXqSTZgrI2/tdz5QkVDTIav/J8Ps7QIDAQAB o4ICqzCCAqcwHQYDVR0OBBYEFJUiq2eSLOAnXoxhq/qC0qdUr23EMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YzLzY4OTE4 ZS1lOWRhLTQwNmItOTkzMS1lNTI2YTk0MDlmYjgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvNjg5MThl LWU5ZGEtNDA2Yi05OTMxLWU1MjZhOTQwOWZiOC8xL2xTS3JaNUlzNENkZWpHR3It b0xTcDFTdmJjUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF BwEHAQH/BDcwNTAkBAIAATAeAwQCLXDAAwQCZ2bkAwQAuSVnAwQAyw0UAwQAyzdR MA0EAgACMAcDBQMqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQB2CFk8iXh5so0td1qT WFW3LnqQL+kSfyafwsCjphAXOQG87SVzYvQh1QgUvsh5ZmHjmJCSLOo5zRUp0zPb kfNF9CyE4sL52Em8v+lvpgKEfknUtce4uZqmQ84Re9MI79j7ifFm7UkFls1V52iY UIdV7pU3kZUlY3bqNuZOBVUbwm8APRaxBgvCzUm6zlE0rqofyTS+aZPOsrGgipBY pd42gs35xmVzot+Wq+1CHCc60W2DIE/V/f/Rn0tuMKMPp+qylr0/TRFJCosT6rHE cimRKVmo1Id5EZirqqOHYNjeCICdah0JaPBqx/qar2Oy2rkRHKc8AtPAejSSitou lQVY -----END CERTIFICATE-----Generated at Mon Jan 26 10:51:31 2026 by rpki-client