This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer File: mFS9ioY6MYlcxsuSLzAIs_CKra4.cer (raw, json) Hash identifier: TYdsKIiAg7llvImZxUUQcR0t39lT457G5F0G+AXjrJk= Subject key identifier: 98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019BE5035750397AFE966BAF6C80B6E1C1F2 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 22 Jan 2026 09:22:40 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 204359 AS: 212774 IP: 64.239.60.0/23 IP: 161.108.210.0/24 IP: 193.46.58.0/23 IP: 193.186.252.0/24 IP: 2001:678:10c8::/48 IP: 2001:678:1150::/48 IP: 2001:67c:478::/48 IP: 2001:67c:934::/48 IP: 2001:67c:960::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:03:57:50:39:7a:fe:96:6b:af:6c:80:b6:e1:c1:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 22 09:22:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9854bd8a863a31895cc6cb922f3008b3f08aadae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:32:a0:64:7f:af:26:00:4b:bd:d3:7e:72:72: fe:fa:a2:30:cc:05:dc:2f:3c:bb:2e:3d:31:68:57: 9d:62:72:01:20:e1:bd:2b:99:ce:b9:df:32:5e:58: 40:57:fd:30:bd:bf:f8:0b:f7:70:5e:e0:4e:d8:a1: 72:bf:30:e2:d5:3d:55:f8:63:1f:05:90:42:8a:c6: 77:9e:97:4a:e2:4d:35:0e:cf:55:47:34:34:f6:ca: 87:db:85:39:34:60:6c:f3:8e:2b:c3:c4:bb:59:ad: be:9b:09:74:2a:d1:80:d1:cc:11:25:3c:99:21:57: 92:63:d7:35:4e:f9:a2:c0:4d:76:c3:6c:be:63:b0: 7c:79:c9:44:25:39:3c:83:48:1d:1c:c4:20:51:8b: 1d:c3:ce:14:dc:4e:64:78:61:7e:df:82:ec:fc:4c: a0:67:12:ea:9a:5f:78:6d:54:32:27:b3:c3:30:0e: 64:89:23:1f:f4:fc:dc:c8:2e:c7:48:c9:82:9b:a8: 45:c7:ec:2f:c9:e2:8c:f3:88:2d:a0:63:e6:0a:3e: 24:ea:e3:e3:b4:30:30:17:f3:0a:10:c5:a4:8e:3a: 29:49:e9:22:8d:83:e2:4a:3b:79:14:da:a1:fd:5c: 41:bb:67:2c:70:17:7b:b9:c1:56:04:6b:40:0c:e1: b5:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.239.60.0/23 161.108.210.0/24 193.46.58.0/23 193.186.252.0/24 IPv6: 2001:678:10c8::/48 2001:678:1150::/48 2001:67c:478::/48 2001:67c:934::/48 2001:67c:960::/48 sbgp-autonomousSysNum: critical Autonomous System Numbers: 204359 212774 Signature Algorithm: sha256WithRSAEncryption ae:f9:45:67:5e:08:a0:c3:02:25:b7:df:3e:d2:5d:d1:5d:a2: da:5c:24:f0:1b:fe:d3:1e:15:06:22:60:22:b0:03:c8:97:5c: 1e:4f:e3:96:58:10:de:1d:23:df:91:4d:94:33:2a:58:eb:94: 47:6b:00:ad:bb:d1:86:31:d8:00:f7:f0:19:f1:f7:e0:15:db: ae:a3:64:98:57:be:2d:bf:b6:d8:4b:af:d7:ed:1d:bc:bc:85: c1:e5:56:62:eb:b3:6a:0e:fd:aa:a0:30:66:1b:66:fd:6d:4b: cf:c5:07:47:cb:70:b5:98:90:8f:7a:5a:a1:0c:93:98:7b:d8: 3f:c1:f1:ef:ab:36:af:a6:a1:4c:e9:a7:02:4d:84:78:f2:39: 9b:83:13:20:19:6d:43:50:b3:f8:fa:13:e7:22:48:55:6f:5c: 08:95:70:93:0d:ce:dc:75:ab:62:f6:3d:4a:53:3b:f7:a5:62: e7:13:f7:e7:8d:e1:cd:a7:cc:7a:c3:97:0b:8b:86:0e:2e:64: 89:d3:14:2f:84:44:a8:3e:c9:96:af:01:ff:0c:04:38:13:2d: 2d:49:a0:b8:e5:ff:15:c4:2e:30:d8:5e:5f:2a:90:4e:0b:45: 52:65:88:53:b0:cd:7e:d1:81:ed:db:d0:26:e4:d0:11:57:7a: 27:26:e8:09 -----BEGIN CERTIFICATE----- MIIF4DCCBMigAwIBAgISAZvlA1dQOXr+lmuvbIC24cHyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTIyMDkyMjQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ODU0YmQ4YTg2M2EzMTg5NWNjNmNiOTIyZjMwMDhiM2YwOGFhZGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jKgZH+vJgBLvdN+cnL++qIwzAXc Lzy7Lj0xaFedYnIBIOG9K5nOud8yXlhAV/0wvb/4C/dwXuBO2KFyvzDi1T1V+GMf BZBCisZ3npdK4k01Ds9VRzQ09sqH24U5NGBs844rw8S7Wa2+mwl0KtGA0cwRJTyZ IVeSY9c1TvmiwE12w2y+Y7B8eclEJTk8g0gdHMQgUYsdw84U3E5keGF+34Ls/Eyg ZxLqml94bVQyJ7PDMA5kiSMf9PzcyC7HSMmCm6hFx+wvyeKM84gtoGPmCj4k6uPj tDAwF/MKEMWkjjopSekijYPiSjt5FNqh/VxBu2cscBd7ucFWBGtADOG1bQIDAQAB o4IC7DCCAugwHQYDVR0OBBYEFJhUvYqGOjGJXMbLki8wCLPwiq2uMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFkLzJlZDEw Yy0wNGIwLTQ4NjYtOWI4Mi1jNTIyYjc0ZGRjZmQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvMmVkMTBj LTA0YjAtNDg2Ni05YjgyLWM1MjJiNzRkZGNmZC8xL21GUzlpb1k2TVlsY3hzdVNM ekFJc19DS3JhNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGCCsGAQUF BwEHAQH/BFcwVTAeBAIAATAYAwQBQO88AwQAoWzSAwQBwS46AwQAwbr8MDMEAgAC MC0DBwAgAQZ4EMgDBwAgAQZ4EVADBwAgAQZ8BHgDBwAgAQZ8CTQDBwAgAQZ8CWAw HwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAx5HAgMDPyYwDQYJKoZIhvcNAQELBQAD ggEBAK75RWdeCKDDAiW33z7SXdFdotpcJPAb/tMeFQYiYCKwA8iXXB5P45ZYEN4d I9+RTZQzKljrlEdrAK270YYx2AD38Bnx9+AV266jZJhXvi2/tthLr9ftHby8hcHl VmLrs2oO/aqgMGYbZv1tS8/FB0fLcLWYkI96WqEMk5h72D/B8e+rNq+moUzppwJN hHjyOZuDEyAZbUNQs/j6E+ciSFVvXAiVcJMNztx1q2L2PUpTO/elYucT9+eN4c2n zHrDlwuLhg4uZInTFC+ERKg+yZavAf8MBDgTLS1JoLjl/xXELjDYXl8qkE4LRVJl iFOwzX7Rge3b0Cbk0BFXeicm6Ak= -----END CERTIFICATE-----Generated at Tue Feb 10 06:27:22 2026 by rpki-client