This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer File: npWhGdnBpdbj8-Ifb6hj2HouSw0.cer (raw, json) Hash identifier: CTDIfxovHC3hTff/TCGjEEvC0F9dG95Lr3J/o3K6ZBc= Subject key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C7FF230E9AEE15AE776D711647B722D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:18:38 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 56478 IP: 31.14.248.0/22 IP: 37.156.72.0/22 IP: 68.168.32.0/19 IP: 88.98.192.0/18 IP: 89.32.120.0/22 IP: 89.34.164.0/22 IP: 89.35.196.0/22 IP: 89.36.64.0/21 IP: 89.39.136.0/21 IP: 89.44.40.0/22 IP: 93.115.192.0/22 IP: 137.220.64.0/18 IP: 140.228.32.0 -- 140.228.95.255 IP: 141.0.144.0/20 IP: 143.58.128.0/17 IP: 152.37.64.0/18 IP: 185.24.120.0/22 IP: 188.172.144.0/20 IP: 188.210.208.0/21 IP: 188.211.160.0/22 IP: 188.213.136.0/22 IP: 188.214.8.0/21 IP: 209.35.64.0/19 IP: 2a01:4b00::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:f2:30:e9:ae:e1:5a:e7:76:d7:11:64:7b:72:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:6c:87:c4:5e:4b:fb:6d:4e:87:22:17:b0:c9: e1:13:03:0b:df:4d:24:82:fe:32:b4:0f:98:d3:6b: 9d:52:21:f2:f6:61:e8:0d:2b:a8:89:ee:93:1b:0a: 20:08:f0:d6:1f:3c:37:e7:8b:e6:64:74:60:71:47: 98:20:26:9a:6e:3d:6e:35:23:fd:15:f4:bf:4e:ec: 51:e1:d0:ba:b8:ac:c2:eb:78:cd:da:ed:3f:cb:63: 4f:25:2c:f3:be:67:87:9d:27:9f:b9:17:bb:f1:74: af:b2:d4:7c:3f:18:c3:74:d2:75:d8:c7:a6:90:d8: c9:bb:95:e7:36:f4:e6:b0:b8:5d:07:ba:57:84:37: 66:01:4e:13:72:f5:c1:74:9d:04:70:ed:9d:0b:ba: ab:ec:12:71:0f:28:a5:34:04:ca:20:ba:fe:36:f8: 06:44:34:23:36:94:fb:da:cc:be:3f:a0:49:f2:6b: 51:4e:6b:e9:86:67:b2:bf:88:6e:d2:48:40:eb:36: aa:c6:4e:b0:22:6d:4e:eb:48:34:58:34:9e:d6:ef: 28:06:f8:d1:3d:fb:16:e5:99:5f:a1:ec:7e:4f:e1: 9b:cf:36:a4:8d:4d:af:95:ca:87:f9:21:b2:4b:91: 78:4a:03:73:7b:6e:2c:15:68:76:ed:95:94:87:a6: 35:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.248.0/22 37.156.72.0/22 68.168.32.0/19 88.98.192.0/18 89.32.120.0/22 89.34.164.0/22 89.35.196.0/22 89.36.64.0/21 89.39.136.0/21 89.44.40.0/22 93.115.192.0/22 137.220.64.0/18 140.228.32.0-140.228.95.255 141.0.144.0/20 143.58.128.0/17 152.37.64.0/18 185.24.120.0/22 188.172.144.0/20 188.210.208.0/21 188.211.160.0/22 188.213.136.0/22 188.214.8.0/21 209.35.64.0/19 IPv6: 2a01:4b00::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 56478 Signature Algorithm: sha256WithRSAEncryption 30:f8:a2:00:6c:a8:76:85:54:82:e3:4b:c4:2f:97:7a:4a:8d: bd:f3:7a:15:fd:44:15:8c:49:9a:58:d5:1b:8f:80:2f:3a:06: d6:df:ba:8e:b8:55:b6:66:37:eb:f7:21:e9:d1:34:37:0d:48: 24:cb:9c:ca:19:d9:6a:08:5e:8a:97:00:4d:88:39:85:6a:86: 5d:58:b2:88:7a:06:9f:33:20:7f:0a:07:28:c9:26:f8:58:e2: 34:d8:4d:3c:e5:9d:8b:fe:6c:57:15:79:bc:2b:b7:4e:3b:8b: f0:5e:6a:93:62:83:5e:79:2f:ac:58:6a:9a:31:c9:37:bb:43: 0b:83:5d:d5:4d:08:35:b8:b0:85:85:28:94:dd:63:14:9c:8e: 7d:92:e3:69:ff:5f:ca:5c:f8:79:39:68:1b:bd:43:5a:e4:aa: 95:ee:5a:20:7c:91:a9:0b:21:70:93:4e:cf:50:32:0b:aa:c2: 93:6f:9b:b5:ab:41:d4:fa:8c:e2:ab:ca:4e:39:ed:22:d1:cd: bc:0a:bb:28:cd:d1:ac:71:34:1c:03:0f:c9:38:53:4b:81:ec: 5a:0f:76:06:12:63:2c:9d:ce:f0:94:de:1b:ce:a8:a4:83:3a: fb:ad:93:25:26:b8:ec:98:b1:6e:a5:bf:4f:5d:10:e6:25:55: 48:e3:fd:a8 -----BEGIN CERTIFICATE----- MIIGNDCCBRygAwIBAgISAZt8f/Iw6a7hWud21xFke3ItMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZTk1YTExOWQ5YzFhNWQ2ZTNmM2UyMWY2ZmE4NjNkODdhMmU0YjBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWyHxF5L+21OhyIXsMnhEwML300k gv4ytA+Y02udUiHy9mHoDSuoie6TGwogCPDWHzw354vmZHRgcUeYICaabj1uNSP9 FfS/TuxR4dC6uKzC63jN2u0/y2NPJSzzvmeHnSefuRe78XSvstR8PxjDdNJ12Mem kNjJu5XnNvTmsLhdB7pXhDdmAU4TcvXBdJ0EcO2dC7qr7BJxDyilNATKILr+NvgG RDQjNpT72sy+P6BJ8mtRTmvphmeyv4hu0khA6zaqxk6wIm1O60g0WDSe1u8oBvjR PfsW5Zlfoex+T+GbzzakjU2vlcqH+SGyS5F4SgNze24sFWh27ZWUh6Y18wIDAQAB o4IDQDCCAzwwHQYDVR0OBBYEFJ6VoRnZwaXW4/PiH2+oY9h6LksNMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc0L2E5MzUy ZS05YTNhLTQ5YWEtYWQ3Ny03YmU2ZWI2YmNlODcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQvYTkzNTJl LTlhM2EtNDlhYS1hZDc3LTdiZTZlYjZiY2U4Ny8xL25wV2hHZG5CcGRiajgtSWZi NmhqMkhvdVN3MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG+BggrBgEF BQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAIfDvgDBAIlnEgDBAVEqCADBAZYYsAD BAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZJ4gDBAJZLCgDBAJdc8ADBAaJ3EAw DAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAMEBpglQAMEArkYeAMEBLyskAMEA7zS 0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDANBAIAAjAHAwUAKgFLADAaBggrBgEF BQcBCAEB/wQLMAmgBzAFAgMA3J4wDQYJKoZIhvcNAQELBQADggEBADD4ogBsqHaF VILjS8Qvl3pKjb3zehX9RBWMSZpY1RuPgC86Btbfuo64VbZmN+v3IenRNDcNSCTL nMoZ2WoIXoqXAE2IOYVqhl1Ysoh6Bp8zIH8KByjJJvhY4jTYTTzlnYv+bFcVebwr t047i/BeapNig155L6xYapoxyTe7QwuDXdVNCDW4sIWFKJTdYxScjn2S42n/X8pc +Hk5aBu9Q1rkqpXuWiB8kakLIXCTTs9QMguqwpNvm7WrQdT6jOKryk457SLRzbwK uyjN0axxNBwDD8k4U0uB7FoPdgYSYyydzvCU3hvOqKSDOvutkyUmuOyYsW6lv09d EOYlVUjj/ag= -----END CERTIFICATE-----Generated at Mon Feb 9 15:05:10 2026 by rpki-client