This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qCRriLgptKOq3CgNoUW2PpnpKg4.cer File: qCRriLgptKOq3CgNoUW2PpnpKg4.cer (raw, json) Hash identifier: PJhiT8NBqPYt9PUmUv2rzDbvUnR7I1OKpV/vwTjYt5M= Subject key identifier: A8:24:6B:88:B8:29:B4:A3:AA:DC:28:0D:A1:45:B6:3E:99:E9:2A:0E Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EB02CBFFC90799CE7F0A815F617A8B Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/qCRriLgptKOq3CgNoUW2PpnpKg4.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:51 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 2.57.52.0/22 IP: 91.236.104.0/24 IP: 91.236.115.0/24 IP: 91.236.213.0/24 IP: 91.237.53.0/24 IP: 2a09:d140::/29 IP: 2a0f:68c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:02:cb:ff:c9:07:99:ce:7f:0a:81:5f:61:7a:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a8246b88b829b4a3aadc280da145b63e99e92a0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:40:3d:07:55:cc:12:69:75:2a:d2:23:46:2e: 1c:d3:d2:75:0f:89:61:ca:37:c7:06:74:82:29:e8: 81:dd:a0:3b:78:88:d7:84:29:78:5b:72:a3:0c:ae: 7e:a9:e2:10:1c:f6:18:c4:2c:ee:26:5f:f3:c4:1c: 58:eb:01:36:70:0e:17:4f:d2:7a:3c:c6:4b:bc:9f: 78:23:ec:f4:c6:ac:77:30:41:70:5a:57:06:b0:5b: ac:d9:ad:85:46:ed:f1:9c:e4:d7:c5:92:7e:e5:a0: dc:58:0c:0c:a9:e2:c5:a0:09:56:6f:ea:af:1d:20: 9b:40:98:1b:21:4c:3f:cd:8b:50:38:79:2b:e0:27: 54:51:4c:97:48:cc:a8:3b:58:c1:2f:cb:0e:54:1d: 8a:e1:37:11:fd:ea:5f:4e:b4:de:51:f8:99:87:72: c9:72:5a:13:fd:d7:5e:e1:28:58:39:ff:e4:86:69: 32:ad:a2:7e:05:d5:22:f3:40:4b:d1:2e:e2:20:60: 29:2e:67:26:8e:ad:8c:cb:95:bf:e3:99:15:30:3e: fd:16:1d:ea:d5:b6:b5:72:07:55:67:b2:7c:95:26: 19:0f:e5:17:4e:49:85:a9:46:3a:cf:f7:13:e2:06: 3d:87:20:d2:bb:34:3a:c1:a8:40:85:ac:10:a5:5f: 8e:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:24:6B:88:B8:29:B4:A3:AA:DC:28:0D:A1:45:B6:3E:99:E9:2A:0E X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a36fb2-e60d-4f8b-9c8a-490c88301fce/1/qCRriLgptKOq3CgNoUW2PpnpKg4.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.52.0/22 91.236.104.0/24 91.236.115.0/24 91.236.213.0/24 91.237.53.0/24 IPv6: 2a09:d140::/29 2a0f:68c0::/29 Signature Algorithm: sha256WithRSAEncryption 76:77:03:51:44:23:0e:96:ce:99:3c:b4:1a:f3:1a:6d:6d:d3: 1d:f0:30:0d:47:46:ab:45:75:4a:47:ac:2a:12:65:4a:cc:de: 10:3a:32:5b:dd:71:b2:48:09:ba:c0:7e:f2:7c:a8:8a:be:9c: 07:57:f2:da:39:fa:f4:99:80:52:5e:c7:9b:6b:69:25:65:5e: 80:87:8b:43:b5:d2:8c:96:b8:67:3d:b3:3e:4e:2c:22:9d:b9: 2e:f5:2c:cd:e4:a0:52:de:b8:c7:37:fd:59:13:6c:07:c4:d2: de:6f:68:99:34:5c:5e:9f:24:6a:8c:3f:e1:c9:38:78:a2:99: 68:c0:be:16:01:7e:16:22:b1:d7:1a:a0:6a:55:e1:ab:3f:25: f5:38:38:56:66:88:8d:8c:45:10:65:a8:d7:3e:73:53:48:2d: b2:09:f7:3d:d0:20:35:03:ca:dd:ca:19:56:0f:2d:d7:ff:6e: e8:29:4b:41:e9:08:32:f3:ee:77:bb:c5:05:74:5e:c8:70:d5: f4:b8:1f:2b:f8:14:45:0c:ca:b4:45:d2:ee:14:27:13:a5:fc: be:8a:a9:77:f4:f5:d9:a7:21:a0:65:e3:2c:b7:b4:9c:ef:33: cc:d2:b8:cd:8d:48:28:c5:c5:35:4b:5d:64:2c:07:f3:7b:23: 54:01:1d:cc -----BEGIN CERTIFICATE----- MIIFpjCCBI6gAwIBAgISAZt26wLL/8kHmc5/CoFfYXqLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhODI0NmI4OGI4MjliNGEzYWFkYzI4MGRhMTQ1YjYzZTk5ZTkyYTBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kA9B1XMEml1KtIjRi4c09J1D4lh yjfHBnSCKeiB3aA7eIjXhCl4W3KjDK5+qeIQHPYYxCzuJl/zxBxY6wE2cA4XT9J6 PMZLvJ94I+z0xqx3MEFwWlcGsFus2a2FRu3xnOTXxZJ+5aDcWAwMqeLFoAlWb+qv HSCbQJgbIUw/zYtQOHkr4CdUUUyXSMyoO1jBL8sOVB2K4TcR/epfTrTeUfiZh3LJ cloT/dde4ShYOf/khmkyraJ+BdUi80BL0S7iIGApLmcmjq2My5W/45kVMD79Fh3q 1ba1cgdVZ7J8lSYZD+UXTkmFqUY6z/cT4gY9hyDSuzQ6wahAhawQpV+OZQIDAQAB o4ICsjCCAq4wHQYDVR0OBBYEFKgka4i4KbSjqtwoDaFFtj6Z6SoOMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4L2EzNmZi Mi1lNjBkLTRmOGItOWM4YS00OTBjODgzMDFmY2UvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvYTM2ZmIy LWU2MGQtNGY4Yi05YzhhLTQ5MGM4ODMwMWZjZS8xL3FDUnJpTGdwdEtPcTNDZ05v VVcyUHBucEtnNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME0GCCsGAQUF BwEHAQH/BD4wPDAkBAIAATAeAwQCAjk0AwQAW+xoAwQAW+xzAwQAW+zVAwQAW+01 MBQEAgACMA4DBQMqCdFAAwUDKg9owDANBgkqhkiG9w0BAQsFAAOCAQEAdncDUUQj DpbOmTy0GvMabW3THfAwDUdGq0V1SkesKhJlSszeEDoyW91xskgJusB+8nyoir6c B1fy2jn69JmAUl7Hm2tpJWVegIeLQ7XSjJa4Zz2zPk4sIp25LvUszeSgUt64xzf9 WRNsB8TS3m9omTRcXp8kaow/4ck4eKKZaMC+FgF+FiKx1xqgalXhqz8l9Tg4VmaI jYxFEGWo1z5zU0gtsgn3PdAgNQPK3coZVg8t1/9u6ClLQekIMvPud7vFBXReyHDV 9LgfK/gURQzKtEXS7hQnE6X8voqpd/T12achoGXjLLe0nO8zzNK4zY1IKMXFNUtd ZCwH83sjVAEdzA== -----END CERTIFICATE-----Generated at Mon Jan 19 18:29:14 2026 by rpki-client