This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer File: nhrDaclFaRShLgLf_I3XmXTrHvg.cer (raw, json) Hash identifier: /pF3Po5vF2NY0pz36GqDE92iOBP0u3+OfHUrq3hGqVk= Subject key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA3FCE7F016E5B7508F499A9FBEC037 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:18:23 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 12693 IP: 82.193.224.0/19 IP: 85.199.64.0/18 IP: 92.42.224.0/21 IP: 149.249.48.0/21 IP: 153.92.72.0/21 IP: 156.67.144.0/20 IP: 156.67.224.0/21 IP: 185.90.156.0/22 IP: 212.204.32.0/19 IP: 2a01:a380::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:fc:e7:f0:16:e5:b7:50:8f:49:9a:9f:be:c0:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ec:7d:7b:36:2d:e0:cc:90:55:b0:5e:05:c4: 1f:04:57:14:f1:92:94:3d:02:27:7d:d9:7c:96:64: 06:4f:9a:93:3f:c2:e8:83:df:c6:12:7a:35:7d:bf: 9b:fa:f7:3a:1e:45:e0:a0:7f:8e:9b:69:45:f4:ca: a6:a6:63:55:e6:61:6d:24:bb:9c:47:5c:e8:72:24: 35:af:4b:f8:4e:cf:0c:66:d3:98:fa:58:7b:f4:89: 20:5e:ea:e9:3d:51:66:58:58:04:88:ed:23:13:cc: 5c:23:6d:ef:17:eb:7a:68:53:b9:13:eb:5d:57:cf: d9:98:23:d0:54:5e:53:c6:d3:3c:a6:b1:9c:4e:56: b1:79:d9:0f:32:48:b7:1d:16:e4:09:64:7a:72:2e: e5:be:72:20:ab:78:51:f0:54:0c:bf:1f:8d:a2:a8: 80:89:5d:e1:ff:e4:a3:7d:fd:50:6f:ca:74:fa:38: b5:11:e1:d2:5e:98:7c:8a:c2:4c:60:56:7e:41:1e: 97:b3:3a:ed:a1:fc:13:ed:20:57:72:76:26:3c:7d: 78:f8:a8:5e:3e:11:df:00:c7:91:3b:9d:d3:b0:b8: 85:cf:7b:fe:7c:ea:3b:24:23:b8:6d:5f:8a:7a:13: 72:31:48:ed:df:7a:8c:df:2c:43:e7:bf:ec:5c:0b: e8:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.193.224.0/19 85.199.64.0/18 92.42.224.0/21 149.249.48.0/21 153.92.72.0/21 156.67.144.0/20 156.67.224.0/21 185.90.156.0/22 212.204.32.0/19 IPv6: 2a01:a380::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 12693 Signature Algorithm: sha256WithRSAEncryption 73:1e:68:fb:84:31:94:30:b5:4c:bf:e6:14:ec:8a:c7:ed:e8: 7a:21:d7:5a:28:a5:72:dd:8c:4f:6e:20:c3:e8:32:d3:9d:aa: a9:af:2d:3b:07:9d:18:40:0d:ce:a6:ce:fc:99:af:58:3f:5a: 3a:ca:3f:12:f1:9e:28:ba:6a:3a:3c:c4:32:22:6b:b7:fa:2d: 64:b0:c2:6b:29:bf:17:d9:dc:a4:41:61:c6:9e:30:68:2d:ac: cf:0a:39:15:4c:92:77:a1:4a:44:c4:07:3a:05:88:98:78:c3: 98:5b:98:c1:3f:7e:71:cd:29:47:af:8a:1d:ad:d7:d6:8c:b8: 5e:ab:23:5a:8d:be:4e:b2:b4:ce:61:6b:23:f4:6e:b5:80:fa: a5:89:3b:12:b7:59:5a:56:97:96:32:ec:dc:0f:26:52:59:88: ae:79:be:65:15:10:bd:f9:bb:5f:2b:88:83:43:7d:20:f0:1d: 17:30:ae:eb:37:c6:a1:d5:f0:df:0e:59:c3:4e:0f:38:03:8c: 7b:88:39:7a:5a:08:66:f2:66:a6:16:73:3e:8f:cd:73:e3:4e: 76:cb:64:1b:09:c7:d5:71:7e:bf:5e:6b:93:47:ff:e1:01:10: e1:6f:a2:dd:17:38:ea:10:1b:75:69:95:52:99:0d:18:d6:26: c9:71:21:1e -----BEGIN CERTIFICATE----- MIIF0jCCBLqgAwIBAgISAZt7o/zn8Bblt1CPSZqfvsA3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTFhYzM2OWM5NDU2OTE0YTEyZTAyZGZmYzhkZDc5OTc0ZWIxZWY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOx9ezYt4MyQVbBeBcQfBFcU8ZKU PQInfdl8lmQGT5qTP8Log9/GEno1fb+b+vc6HkXgoH+Om2lF9MqmpmNV5mFtJLuc R1zociQ1r0v4Ts8MZtOY+lh79IkgXurpPVFmWFgEiO0jE8xcI23vF+t6aFO5E+td V8/ZmCPQVF5TxtM8prGcTlaxedkPMki3HRbkCWR6ci7lvnIgq3hR8FQMvx+NoqiA iV3h/+Sjff1Qb8p0+ji1EeHSXph8isJMYFZ+QR6XszrtofwT7SBXcnYmPH14+Khe PhHfAMeRO53TsLiFz3v+fOo7JCO4bV+KehNyMUjt33qM3yxD57/sXAvoKwIDAQAB o4IC3jCCAtowHQYDVR0OBBYEFJ4aw2nJRWkUoS4C3/yN15l06x74MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M4LzA5MWJk MC0yZjY3LTQ3Y2UtYWUxNy1kNjhjNTdkYjRjYWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgvMDkxYmQw LTJmNjctNDdjZS1hZTE3LWQ2OGM1N2RiNGNhZS8xL25ockRhY2xGYVJTaExnTGZf STNYbVhUckh2Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF BwEHAQH/BE8wTTA8BAIAATA2AwQFUsHgAwQGVcdAAwQDXCrgAwQDlfkwAwQDmVxI AwQEnEOQAwQDnEPgAwQCuVqcAwQF1MwgMA0EAgACMAcDBQAqAaOAMBkGCCsGAQUF BwEIAQH/BAowCKAGMAQCAjGVMA0GCSqGSIb3DQEBCwUAA4IBAQBzHmj7hDGUMLVM v+YU7IrH7eh6IddaKKVy3YxPbiDD6DLTnaqpry07B50YQA3Ops78ma9YP1o6yj8S 8Z4oumo6PMQyImu3+i1ksMJrKb8X2dykQWHGnjBoLazPCjkVTJJ3oUpExAc6BYiY eMOYW5jBP35xzSlHr4odrdfWjLheqyNajb5OsrTOYWsj9G61gPqliTsSt1laVpeW MuzcDyZSWYiueb5lFRC9+btfK4iDQ30g8B0XMK7rN8ah1fDfDlnDTg84A4x7iDl6 Wghm8mamFnM+j81z4052y2QbCcfVcX6/XmuTR//hARDhb6LdFzjqEBt1aZVSmQ0Y 1ibJcSEe -----END CERTIFICATE-----Generated at Mon Feb 9 18:25:23 2026 by rpki-client