This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nHLoTFLlxJCdvHAqodIS1HiHX60.cer File: nHLoTFLlxJCdvHAqodIS1HiHX60.cer (raw, json) Hash identifier: KZPyVH1EoMPhjpRVoTjSa2+F1QfXcNBq0fbsu1ijILg= Subject key identifier: 9C:72:E8:4C:52:E5:C4:90:9D:BC:70:2A:A1:D2:12:D4:78:87:5F:AD Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F81604127677132BA84E5C06566BD3F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/nHLoTFLlxJCdvHAqodIS1HiHX60.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 16:19:03 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 49924 IP: 91.109.192.0/21 IP: 109.73.176.0/20 IP: 176.101.171.0/24 IP: 185.123.232.0/22 IP: 2a06:be40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:60:41:27:67:71:32:ba:84:e5:c0:65:66:bd:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 16:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9c72e84c52e5c4909dbc702aa1d212d478875fad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:50:5b:66:02:2e:c6:c5:89:d0:40:9b:a2:96: d0:5a:93:f8:3e:98:01:76:b6:50:1d:c7:83:c1:16: b4:eb:6d:41:9d:13:0a:18:12:ab:f7:3a:3d:d8:c4: dc:af:05:1e:7c:7b:2f:3d:96:3f:9b:e3:92:cf:3e: ff:4e:ac:94:49:8b:1b:73:a5:75:36:83:a8:3d:6e: fd:1d:47:6b:98:48:be:14:4f:0a:a6:f8:46:c0:ff: e4:db:4c:1c:e0:82:7e:fa:7b:24:b9:16:fb:ae:e6: 7f:29:fd:9f:a7:6c:7a:af:e5:4f:a9:ae:a2:2a:8d: b0:37:5a:9f:ec:1a:6a:dc:74:aa:40:63:22:fd:18: 9e:a2:36:1b:d6:89:1d:f6:78:ac:aa:6d:53:c5:ec: 99:4f:02:7d:33:82:1f:d7:2c:eb:3d:11:85:d8:ba: 6c:68:f3:9a:98:8c:b4:18:14:02:d6:f0:61:e5:02: ef:d6:31:c0:d9:09:3f:1b:23:bd:5c:1c:06:08:3c: 55:ef:51:2f:15:40:06:de:ba:8e:65:da:e2:dc:29: 7a:6c:04:9c:97:ca:da:05:15:ff:13:e1:ac:2f:d8: 00:77:62:b4:51:74:f0:a7:f2:27:86:33:62:db:62: ec:78:2b:0a:0d:d7:10:15:4a:fb:a9:16:29:3a:1b: 6d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:72:E8:4C:52:E5:C4:90:9D:BC:70:2A:A1:D2:12:D4:78:87:5F:AD X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/daccc4-36c8-4d4c-8c4e-5760b5d54df9/1/nHLoTFLlxJCdvHAqodIS1HiHX60.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.109.192.0/21 109.73.176.0/20 176.101.171.0/24 185.123.232.0/22 IPv6: 2a06:be40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 49924 Signature Algorithm: sha256WithRSAEncryption 14:ee:36:cb:43:5e:b4:c4:bb:e8:2f:50:2f:bc:98:b9:6b:53: aa:8c:6e:fa:f9:d0:b9:b2:89:b1:e4:84:fe:0a:e9:62:67:42: 6e:67:52:23:a0:44:f8:53:50:5b:6c:2f:0d:33:c7:0f:04:fb: 61:5e:cc:59:8b:54:94:e1:11:02:6b:7a:84:1e:6c:00:1c:2f: 5c:84:53:f3:6e:cf:8a:f8:3e:43:89:1b:15:73:e0:4e:f5:da: 71:fd:4a:83:58:41:25:1b:ce:0e:7b:26:73:e0:17:eb:c9:85: dc:53:84:eb:62:e4:1d:d7:45:b1:c9:72:f3:69:08:37:df:25: 2a:9e:0f:6f:cf:59:4e:78:c3:31:d7:12:c7:84:d1:16:05:82: 64:80:6b:da:a4:0e:97:6f:06:ec:78:b2:ae:8b:dc:00:cd:ea: e8:6c:06:5e:79:93:83:40:79:5d:af:c4:4a:dd:e9:60:d4:27: 10:39:48:05:d1:17:12:10:c1:0b:6f:ca:c8:9f:86:7a:ea:fc: 6a:bb:5d:c3:40:08:14:30:b0:75:e5:3e:0e:1d:13:c4:bf:1c: 97:82:f4:98:f8:2c:3d:c5:55:ae:1c:f3:dd:c8:5c:14:8c:8c: 82:98:16:76:68:29:1f:1b:ba:f2:c4:fe:c2:7f:c9:d1:89:09: 41:0e:8a:21 -----BEGIN CERTIFICATE----- MIIFtTCCBJ2gAwIBAgISAZt/gWBBJ2dxMrqE5cBlZr0/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTYxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YzcyZTg0YzUyZTVjNDkwOWRiYzcwMmFhMWQyMTJkNDc4ODc1ZmFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFBbZgIuxsWJ0ECbopbQWpP4PpgB drZQHceDwRa0621BnRMKGBKr9zo92MTcrwUefHsvPZY/m+OSzz7/TqyUSYsbc6V1 NoOoPW79HUdrmEi+FE8KpvhGwP/k20wc4IJ++nskuRb7ruZ/Kf2fp2x6r+VPqa6i Ko2wN1qf7Bpq3HSqQGMi/RieojYb1okd9nisqm1TxeyZTwJ9M4If1yzrPRGF2Lps aPOamIy0GBQC1vBh5QLv1jHA2Qk/GyO9XBwGCDxV71EvFUAG3rqOZdri3Cl6bASc l8raBRX/E+GsL9gAd2K0UXTwp/InhjNi22LseCsKDdcQFUr7qRYpOhtt2QIDAQAB o4ICwTCCAr0wHQYDVR0OBBYEFJxy6ExS5cSQnbxwKqHSEtR4h1+tMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5L2RhY2Nj NC0zNmM4LTRkNGMtOGM0ZS01NzYwYjVkNTRkZjkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvZGFjY2M0 LTM2YzgtNGQ0Yy04YzRlLTU3NjBiNWQ1NGRmOS8xL25ITG9URkxseEpDZHZIQXFv ZElTMUhpSFg2MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF BwEHAQH/BDEwLzAeBAIAATAYAwQDW23AAwQEbUmwAwQAsGWrAwQCuXvoMA0EAgAC MAcDBQMqBr5AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDDBDANBgkqhkiG9w0B AQsFAAOCAQEAFO42y0NetMS76C9QL7yYuWtTqoxu+vnQubKJseSE/grpYmdCbmdS I6BE+FNQW2wvDTPHDwT7YV7MWYtUlOERAmt6hB5sABwvXIRT827Pivg+Q4kbFXPg TvXacf1Kg1hBJRvODnsmc+AX68mF3FOE62LkHddFscly82kIN98lKp4Pb89ZTnjD MdcSx4TRFgWCZIBr2qQOl28G7HiyrovcAM3q6GwGXnmTg0B5Xa/ESt3pYNQnEDlI BdEXEhDBC2/KyJ+Geur8artdw0AIFDCwdeU+Dh0TxL8cl4L0mPgsPcVVrhzz3chc FIyMgpgWdmgpHxu68sT+wn/J0YkJQQ6KIQ== -----END CERTIFICATE-----Generated at Mon Feb 9 15:06:27 2026 by rpki-client