This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer File: ndVRnFTz4jtOEhKogIM58pXaSzQ.cer (raw, json) Hash identifier: a9E/oOjjd1Y7H2+AbXaQ/2Dj2e2zZlYhPLq3ZykE5rc= Subject key identifier: 9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797F0D553F12978057F85BFD4A5A8CC7 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:18:48 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 89.107.24.0/22 IP: 2a06:2440::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:0d:55:3f:12:97:80:57:f8:5b:fd:4a:5a:8c:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9dd5519c54f3e23b4e1212a8808339f295da4b34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:5a:4f:1a:05:6a:05:4c:4f:b7:3f:73:c0:91: 6a:74:77:42:fc:12:11:1d:fd:aa:8e:73:f5:89:2d: 24:c0:93:9c:48:ad:c5:ff:0a:f3:75:f0:6a:fd:77: c4:2b:de:a2:8d:78:e4:9c:f5:8d:69:2f:14:8f:29: bf:07:96:64:bf:2b:49:86:0d:14:76:24:bc:8d:d7: b7:4c:84:15:2f:f9:95:c7:67:86:51:f4:19:ab:5c: d0:8e:6c:2f:ff:78:19:ce:86:f1:05:f3:6d:11:31: 48:45:73:05:04:2f:35:e9:ce:ba:ca:06:ec:4f:d4: 23:f7:65:2e:7b:b3:88:67:6e:f2:f4:b6:f5:cc:11: f1:e0:89:1e:86:77:13:70:cd:ca:d4:ba:c0:1d:ee: db:25:75:57:09:fc:01:99:23:fa:64:c2:b5:dc:be: a7:c4:6b:98:13:40:2a:79:b1:25:eb:9d:db:07:47: 60:93:73:d0:09:3c:f9:ff:c4:26:db:64:fa:6c:06: f9:58:83:71:90:29:23:57:1d:f7:70:22:2e:15:b6: 4f:8b:ba:e0:6f:31:43:f5:ea:3c:84:a5:82:b3:03: 80:66:f3:66:06:13:22:e3:c3:7f:ab:21:30:37:45: 83:fd:dd:46:58:28:e7:3c:0c:33:86:46:c0:c9:30: 46:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.107.24.0/22 IPv6: 2a06:2440::/29 Signature Algorithm: sha256WithRSAEncryption a4:c7:2a:4b:c8:89:6b:41:b6:8c:d9:99:ca:6f:e7:c4:35:75: a5:e6:fd:88:6f:9c:ed:c7:19:7e:00:85:2a:67:16:2d:2c:5e: 66:80:7b:e1:49:bb:ae:94:f0:be:26:8b:ea:f4:9b:c1:36:8f: a8:54:db:02:5d:5d:57:fb:e9:23:81:77:61:e7:bd:23:b3:7b: b6:0c:b7:75:55:eb:2d:a9:c5:38:d7:9f:e8:16:f9:c7:b4:1d: b8:60:79:6e:0b:6b:12:42:e3:5c:b4:e6:a3:23:14:75:da:79: 13:41:44:a4:19:22:f9:12:ea:74:fd:68:11:75:2e:7d:11:ed: d6:fb:80:88:f4:75:80:85:c3:db:94:84:b2:ef:b6:2a:75:0e: 74:0b:33:a2:c3:bb:60:dc:ca:5d:a2:0f:99:e4:79:ba:07:01: 77:3e:74:3a:25:e4:5b:2b:32:3a:de:59:df:e9:fd:97:cf:65: 73:f4:bc:ac:4f:60:f5:12:09:42:3a:1b:dc:cf:b9:e7:93:3c: a6:e6:f4:0a:27:fc:90:9d:12:f1:d7:ec:22:d3:2d:2b:cf:ee: f2:5f:73:df:01:18:13:8c:b2:57:d8:be:01:e4:49:21:47:bd: a7:0c:10:cb:70:11:0c:0b:64:15:5f:dd:f6:30:ea:1e:50:3c: b3:af:72:94 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt5fw1VPxKXgFf4W/1KWozHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZGQ1NTE5YzU0ZjNlMjNiNGUxMjEyYTg4MDgzMzlmMjk1ZGE0YjM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1pPGgVqBUxPtz9zwJFqdHdC/BIR Hf2qjnP1iS0kwJOcSK3F/wrzdfBq/XfEK96ijXjknPWNaS8Ujym/B5ZkvytJhg0U diS8jde3TIQVL/mVx2eGUfQZq1zQjmwv/3gZzobxBfNtETFIRXMFBC816c66ygbs T9Qj92Uue7OIZ27y9Lb1zBHx4IkehncTcM3K1LrAHe7bJXVXCfwBmSP6ZMK13L6n xGuYE0AqebEl653bB0dgk3PQCTz5/8Qm22T6bAb5WINxkCkjVx33cCIuFbZPi7rg bzFD9eo8hKWCswOAZvNmBhMi48N/qyEwN0WD/d1GWCjnPAwzhkbAyTBGvQIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFJ3VUZxU8+I7ThISqICDOfKV2ks0MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5LzE1MDlh MS05NDRmLTQ4OGQtOTE0Zi04ZjhhNzcxMTcxN2YvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkvMTUwOWEx LTk0NGYtNDg4ZC05MTRmLThmOGE3NzExNzE3Zi8xL25kVlJuRlR6NGp0T0VoS29n SU01OHBYYVN6US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCWWsYMA0EAgACMAcDBQMqBiRAMA0GCSqGSIb3 DQEBCwUAA4IBAQCkxypLyIlrQbaM2ZnKb+fENXWl5v2Ib5ztxxl+AIUqZxYtLF5m gHvhSbuulPC+Jovq9JvBNo+oVNsCXV1X++kjgXdh570js3u2DLd1VestqcU415/o FvnHtB24YHluC2sSQuNctOajIxR12nkTQUSkGSL5Eup0/WgRdS59Ee3W+4CI9HWA hcPblISy77YqdQ50CzOiw7tg3Mpdog+Z5Hm6BwF3PnQ6JeRbKzI63lnf6f2Xz2Vz 9LysT2D1EglCOhvcz7nnkzym5vQKJ/yQnRLx1+wi0y0rz+7yX3PfARgTjLJX2L4B 5EkhR72nDBDLcBEMC2QVX932MOoeUDyzr3KU -----END CERTIFICATE-----Generated at Mon Feb 9 18:26:45 2026 by rpki-client