This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/q06x4MU6aA6qQLjHzT8hzJYEPoo.cer File: q06x4MU6aA6qQLjHzT8hzJYEPoo.cer (raw, json) Hash identifier: dFW00fM+fpUiJBC93lld2umx38K3bZrSupiTJAh7x44= Subject key identifier: AB:4E:B1:E0:C5:3A:68:0E:AA:40:B8:C7:CD:3F:21:CC:96:04:3E:8A Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA46681D15A753ECECAC744D38A54E9 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/6e02e8-7e05-4fcf-8a6a-37c2342c5c2f/1/q06x4MU6aA6qQLjHzT8hzJYEPoo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/6e02e8-7e05-4fcf-8a6a-37c2342c5c2f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:17:42 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 201983 IP: 91.132.52.0/22 IP: 139.28.236.0/22 IP: 185.57.104.0/22 IP: 185.177.164.0/22 IP: 194.0.225.0/24 IP: 194.0.227.0 -- 194.0.228.255 IP: 194.0.231.0/24 IP: 212.237.200.0/21 IP: 2a04:dcc0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:66:81:d1:5a:75:3e:ce:ca:c7:44:d3:8a:54:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab4eb1e0c53a680eaa40b8c7cd3f21cc96043e8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:a3:70:7e:c2:33:e0:e9:47:12:2f:f2:3d:b4: a8:a2:9d:be:94:e1:9b:1e:d5:5f:a8:4c:e7:54:e9: a3:95:19:e4:f8:1b:5a:7a:aa:0c:7d:cb:7b:34:27: 4a:a3:62:32:15:64:95:e3:1e:ef:c5:7c:35:33:e4: 2d:be:8d:7c:90:b3:54:c4:85:ef:f1:59:2b:78:b3: 79:86:f9:2c:4f:91:85:ce:e3:23:da:20:b9:05:0a: ff:a0:2d:10:f0:cb:ce:6c:8c:ec:56:9c:35:44:a6: 0a:5b:67:28:4c:2c:b8:18:42:5c:c3:14:88:af:25: 41:8f:75:cd:48:f6:88:d8:c7:ca:c3:5c:dc:1d:18: df:fd:64:ad:9b:41:a8:de:30:e2:9a:fc:85:26:70: c3:71:67:b8:0d:0b:13:a4:8a:e9:31:21:c7:4a:bf: 33:33:33:53:46:8c:85:15:41:15:b3:62:b4:d5:29: c1:8a:d0:ea:79:2a:47:73:2b:1a:7d:55:54:eb:d2: 2e:9c:3b:aa:41:21:17:6a:57:17:92:53:e5:da:71: a9:cd:ee:5e:03:d2:a5:1d:1f:44:eb:c3:35:f0:a7: df:2c:63:88:2c:1c:8e:48:4e:1c:31:12:e5:15:f3: ab:28:4f:5a:a0:f1:c3:d9:85:9f:ea:ab:7c:1d:49: bf:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:4E:B1:E0:C5:3A:68:0E:AA:40:B8:C7:CD:3F:21:CC:96:04:3E:8A X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6e02e8-7e05-4fcf-8a6a-37c2342c5c2f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6e02e8-7e05-4fcf-8a6a-37c2342c5c2f/1/q06x4MU6aA6qQLjHzT8hzJYEPoo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.132.52.0/22 139.28.236.0/22 185.57.104.0/22 185.177.164.0/22 194.0.225.0/24 194.0.227.0-194.0.228.255 194.0.231.0/24 212.237.200.0/21 IPv6: 2a04:dcc0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 201983 Signature Algorithm: sha256WithRSAEncryption 60:10:f4:fd:34:73:dd:86:75:d5:8a:5b:93:49:99:e7:fe:b0: 1e:09:73:d0:8c:70:4a:e9:63:2f:6a:5d:a9:a7:32:3d:ad:21: 7b:7c:ac:bb:1c:fa:3c:8f:cf:12:1d:a2:d0:83:f7:d6:2f:4f: 4b:5c:5d:5b:69:19:76:81:67:50:ca:a2:0d:d8:83:c2:f0:2d: 09:3f:33:2c:b8:22:5d:4a:d5:c2:7e:4b:f0:20:21:be:a6:64: df:5d:b6:5a:8c:06:5c:a5:1e:76:c9:c7:b5:16:4d:55:50:15: 07:da:e9:35:7b:d2:28:fa:90:bc:29:84:86:81:7a:f9:5f:1e: 1b:42:5e:d7:45:6a:df:01:f4:d1:e1:59:6b:71:fe:e3:22:5c: d2:23:c9:4f:20:66:56:c2:2b:9f:80:75:9b:eb:4d:fb:3a:7d: 22:90:4f:44:d2:3f:04:26:e1:bb:c1:e6:72:f6:b4:29:7b:b7: 56:bc:56:0a:da:32:91:1d:e5:37:81:71:0a:20:8a:bb:1b:bb: b9:b9:55:2f:dc:45:d3:70:c5:f1:4e:f8:0d:18:5c:91:5d:34: d0:32:25:2f:7b:e3:fa:62:27:e3:52:df:31:39:e8:76:31:a4: 74:fa:da:89:88:4b:9f:7c:3b:1b:3c:45:e5:aa:29:1a:dd:93: 90:e3:39:e7 -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgISAZt+pGaB0Vp1Ps7Kx0TTilTpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjRlYjFlMGM1M2E2ODBlYWE0MGI4YzdjZDNmMjFjYzk2MDQzZThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKNwfsIz4OlHEi/yPbSoop2+lOGb HtVfqEznVOmjlRnk+BtaeqoMfct7NCdKo2IyFWSV4x7vxXw1M+Qtvo18kLNUxIXv 8VkreLN5hvksT5GFzuMj2iC5BQr/oC0Q8MvObIzsVpw1RKYKW2coTCy4GEJcwxSI ryVBj3XNSPaI2MfKw1zcHRjf/WStm0Go3jDimvyFJnDDcWe4DQsTpIrpMSHHSr8z MzNTRoyFFUEVs2K01SnBitDqeSpHcysafVVU69IunDuqQSEXalcXklPl2nGpze5e A9KlHR9E68M18KffLGOILByOSE4cMRLlFfOrKE9aoPHD2YWf6qt8HUm/7QIDAQAB o4IC4TCCAt0wHQYDVR0OBBYEFKtOseDFOmgOqkC4x80/IcyWBD6KMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzLzZlMDJl OC03ZTA1LTRmY2YtOGE2YS0zN2MyMzQyYzVjMmYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvNmUwMmU4 LTdlMDUtNGZjZi04YTZhLTM3YzIzNDJjNWMyZi8xL3EwNng0TVU2YUE2cVFMakh6 VDhoekpZRVBvby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGAGCCsGAQUF BwEHAQH/BFEwTzA+BAIAATA4AwQCW4Q0AwQCixzsAwQCuTloAwQCubGkAwQAwgDh MAwDBADCAOMDBADCAOQDBADCAOcDBAPU7cgwDQQCAAIwBwMFAyoE3MAwGgYIKwYB BQUHAQgBAf8ECzAJoAcwBQIDAxT/MA0GCSqGSIb3DQEBCwUAA4IBAQBgEPT9NHPd hnXViluTSZnn/rAeCXPQjHBK6WMval2ppzI9rSF7fKy7HPo8j88SHaLQg/fWL09L XF1baRl2gWdQyqIN2IPC8C0JPzMsuCJdStXCfkvwICG+pmTfXbZajAZcpR52yce1 Fk1VUBUH2uk1e9Io+pC8KYSGgXr5Xx4bQl7XRWrfAfTR4Vlrcf7jIlzSI8lPIGZW wiufgHWb6037On0ikE9E0j8EJuG7weZy9rQpe7dWvFYK2jKRHeU3gXEKIIq7G7u5 uVUv3EXTcMXxTvgNGFyRXTTQMiUve+P6YifjUt8xOeh2MaR0+tqJiEuffDsbPEXl qika3ZOQ4znn -----END CERTIFICATE-----Generated at Mon Feb 9 15:07:35 2026 by rpki-client