This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer File: lhzPqdAsvwWWDjovkHmFnM1urW0.cer (raw, json) Hash identifier: iK6O0GXFu/ZlvmNvu8Z/ykKBr3mDgAvsG/l5R4olFDI= Subject key identifier: 96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7CEE174DDA00CE3623B7237845526A41 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 04:18:56 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 34895 IP: 83.138.64.0/18 IP: 185.171.136.0/22 IP: 2a01:4da0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:17:4d:da:00:ce:36:23:b7:23:78:45:52:6a:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 04:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:0c:00:b9:c1:31:04:c6:90:e3:d5:6d:86:9f: 58:ab:6c:56:ae:fd:0d:e3:f4:68:cb:c9:53:ce:e2: 34:32:4d:1f:e4:48:26:38:34:e8:53:5d:c0:90:9b: 09:9f:73:5f:30:66:69:79:37:bc:26:5e:3f:f1:e1: 68:62:5f:fd:79:21:42:73:06:cf:74:03:21:d3:bb: 3c:0b:12:c4:4d:e1:e6:f8:68:8e:dc:5c:05:6a:e5: 65:ce:a8:b3:a8:ab:16:5a:a0:1e:6c:04:f6:6b:5c: 63:48:b4:50:75:8a:1d:82:9d:a0:80:75:e0:e2:3b: e0:e8:c4:36:6e:ba:57:d7:7e:30:9c:09:c6:bc:92: b9:32:fc:d4:e0:c1:84:45:b4:5d:5e:9f:ac:b0:9c: 3f:ef:89:80:97:2d:46:cc:b4:fd:bf:a9:9f:d8:3d: 96:d1:45:0a:37:ec:e7:2f:a3:45:0a:6b:18:5c:24: a7:6c:90:93:17:e2:b7:4e:af:b7:49:b0:d6:69:a8: b0:0b:8b:ba:90:56:23:83:26:2b:d1:fb:7a:6a:ed: 09:eb:1c:14:74:5a:44:2a:84:3c:0d:85:94:08:3f: 41:29:1d:e5:89:df:9b:c5:e4:31:cc:30:5c:a9:34: 29:62:d6:83:11:a6:03:2d:f6:21:2f:6f:0c:97:86: ec:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.138.64.0/18 185.171.136.0/22 IPv6: 2a01:4da0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 34895 Signature Algorithm: sha256WithRSAEncryption 51:8c:87:bc:db:1a:69:55:0f:b1:07:b7:5f:8c:e0:8d:f9:a8: 2c:22:09:ab:16:98:8c:73:38:1c:3e:3d:1a:a5:bb:a4:4b:f9: a4:18:8b:a3:7b:5c:ab:eb:2e:e2:05:59:44:80:15:28:20:fa: 55:bd:02:da:7a:2b:a7:27:ee:77:b0:6b:74:0d:03:21:2f:0d: f5:82:62:c5:d7:24:61:e9:5c:8a:c6:09:0a:29:ea:9e:cc:0f: a9:b6:f3:7f:29:ae:67:71:db:06:b2:a8:05:91:a4:ad:05:b3: cb:f7:02:6f:3c:3f:1b:bd:cd:64:0c:0a:be:fb:ff:38:41:1c: dd:2b:11:9e:f4:a8:52:b3:e2:0e:13:d5:23:d4:de:e2:b3:c2: 95:81:41:af:6d:14:21:73:cc:7b:38:4e:3e:97:e2:eb:95:8a: cf:64:4b:34:8e:c3:c9:ac:14:ce:18:53:fd:43:08:73:9c:de: 0a:7e:db:10:c1:bb:3f:35:d1:3c:cd:2b:0b:93:b5:59:78:35: 39:11:a0:29:7e:dc:bb:a5:72:78:99:d0:28:b0:63:05:b5:4d: 15:3d:a6:e7:21:6d:e2:5d:92:bb:ce:c7:1a:61:f0:3f:36:4a: a9:ab:f8:e0:15:d8:b0:69:c4:44:94:0d:33:c9:6b:12:67:ec: 65:39:fd:f3 -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt87hdN2gDONiO3I3hFUmpBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDQxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NjFjY2ZhOWQwMmNiZjA1OTYwZTNhMmY5MDc5ODU5Y2NkNmVhZDZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QwAucExBMaQ49Vthp9Yq2xWrv0N 4/Roy8lTzuI0Mk0f5EgmODToU13AkJsJn3NfMGZpeTe8Jl4/8eFoYl/9eSFCcwbP dAMh07s8CxLETeHm+GiO3FwFauVlzqizqKsWWqAebAT2a1xjSLRQdYodgp2ggHXg 4jvg6MQ2brpX134wnAnGvJK5MvzU4MGERbRdXp+ssJw/74mAly1GzLT9v6mf2D2W 0UUKN+znL6NFCmsYXCSnbJCTF+K3Tq+3SbDWaaiwC4u6kFYjgyYr0ft6au0J6xwU dFpEKoQ8DYWUCD9BKR3lid+bxeQxzDBcqTQpYtaDEaYDLfYhL28Ml4bsHwIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFJYcz6nQLL8Flg46L5B5hZzNbq1tMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzU1NTdm Yy03NjUzLTQwYTktOTljMy03ZWE5OTA1YzNmYmQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvNTU1N2Zj LTc2NTMtNDBhOS05OWMzLTdlYTk5MDVjM2ZiZC8xL2xoelBxZEFzdndXV0Rqb3Zr SG1Gbk0xdXJXMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQGU4pAAwQCuauIMA0EAgACMAcDBQAqAU2gMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCITzANBgkqhkiG9w0BAQsFAAOCAQEAUYyH vNsaaVUPsQe3X4zgjfmoLCIJqxaYjHM4HD49GqW7pEv5pBiLo3tcq+su4gVZRIAV KCD6Vb0C2norpyfud7BrdA0DIS8N9YJixdckYelcisYJCinqnswPqbbzfymuZ3Hb BrKoBZGkrQWzy/cCbzw/G73NZAwKvvv/OEEc3SsRnvSoUrPiDhPVI9Te4rPClYFB r20UIXPMezhOPpfi65WKz2RLNI7DyawUzhhT/UMIc5zeCn7bEMG7PzXRPM0rC5O1 WXg1ORGgKX7cu6VyeJnQKLBjBbVNFT2m5yFt4l2Su87HGmHwPzZKqav44BXYsGnE RJQNM8lrEmfsZTn98w== -----END CERTIFICATE-----Generated at Mon Feb 9 15:10:08 2026 by rpki-client