This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qQYfL0mm16-epna60D3xzi9QJg0.cer File: qQYfL0mm16-epna60D3xzi9QJg0.cer (raw, json) Hash identifier: qZdPF6ZL44e4eOqMM+czgYsLa/2iQfcORJ9CQoeuI6s= Subject key identifier: A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5CF5E4C3D895B6C51EB3541B0A8367 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:20:02 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 29056 IP: 37.143.176.0/20 IP: 85.237.0.0/19 IP: 91.143.96.0/20 IP: 109.73.144.0/20 IP: 185.15.236.0/22 IP: 185.220.252.0/22 IP: 185.222.128.0/22 IP: 185.225.144.0/22 IP: 185.228.128.0/22 IP: 185.233.144.0/22 IP: 185.236.72.0/22 IP: 193.46.248.0/24 IP: 217.29.144.0/20 IP: 2a02:758::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:f5:e4:c3:d8:95:b6:c5:1e:b3:54:1b:0a:83:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a9061f2f49a6d7af9ea676bad03df1ce2f50260d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:63:d9:22:cb:d5:c7:69:99:ac:77:22:c5:74: 89:f5:97:10:8c:f7:28:27:b9:86:ce:f4:eb:44:05: 22:b8:e1:de:94:8c:11:8c:6b:52:56:06:d6:1d:18: 32:79:96:2b:e6:b0:69:37:f8:bf:f4:e8:ec:10:3c: 2a:4a:91:c9:42:67:20:10:2e:29:bc:54:b0:c8:b4: 03:41:7c:88:3a:17:6a:90:22:72:87:60:9b:02:00: f7:31:ba:f8:79:cc:50:a3:17:ca:60:ad:79:ca:a0: e4:4d:46:77:b4:17:10:9a:04:bf:23:50:d0:5c:67: d8:e4:18:14:b9:08:38:5f:42:fc:dc:a8:8b:12:f2: 41:e9:18:b9:48:d1:90:97:5f:25:f4:46:16:58:67: d2:4e:85:50:1d:1c:8a:76:3b:1d:31:e9:9a:24:f3: b3:51:25:12:39:6b:f0:e5:b8:e8:a5:27:65:b8:10: b6:1c:ef:b5:43:8d:d8:85:cf:2b:67:ae:3c:28:70: cd:5d:9f:d5:ab:fa:03:19:4d:cf:5d:62:0e:12:08: 4d:6c:c5:5c:f4:f9:d0:cb:67:dd:ce:f2:4f:c6:43: 2b:6e:f5:3b:3d:5e:88:89:68:22:6a:f4:22:0b:b3: 7a:f7:a8:89:07:57:07:7e:e4:46:19:0b:19:38:67: 75:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.143.176.0/20 85.237.0.0/19 91.143.96.0/20 109.73.144.0/20 185.15.236.0/22 185.220.252.0/22 185.222.128.0/22 185.225.144.0/22 185.228.128.0/22 185.233.144.0/22 185.236.72.0/22 193.46.248.0/24 217.29.144.0/20 IPv6: 2a02:758::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 29056 Signature Algorithm: sha256WithRSAEncryption 0c:a6:08:b6:c6:e0:c4:d9:6f:47:bd:4d:15:b0:71:34:bc:fd: 16:f3:6c:24:13:b5:13:b2:53:fe:b5:ca:48:e1:4f:26:b9:1b: 69:1d:ca:8b:7f:e6:c6:e2:71:6f:98:b2:d8:a2:a6:ff:9c:99: e8:54:33:2d:2c:e9:e1:c8:26:65:99:44:41:0b:17:a0:8d:d7: 09:f9:39:b8:80:c0:75:ef:4b:00:04:c1:58:d0:44:da:e5:42: 57:a9:f3:f3:1d:b1:eb:5f:8d:1d:68:a8:64:bd:7f:aa:2b:84: 5f:7b:00:0f:6e:8c:82:5e:76:a8:fd:b3:9f:ce:50:46:67:06: 01:e6:0b:75:a8:8d:bd:23:52:a4:67:a3:ee:40:73:8e:b5:3f: a1:8f:f8:f0:2c:53:ff:07:97:50:b1:8b:b9:96:77:98:ae:c0: 30:5c:8a:06:73:48:be:49:4c:be:26:98:dd:56:00:66:3e:c2: 4f:12:9b:4a:a0:b8:f8:41:78:01:ee:23:23:5e:fe:1e:a8:fd: 01:77:9d:50:ed:13:fb:8e:41:9b:8f:82:ad:76:b7:13:4d:76: 2c:6c:6b:fd:0c:33:7b:63:f8:e9:fb:bb:e7:79:31:89:92:6b: ad:29:0f:78:c8:c8:84:a0:80:25:c9:8f:1b:74:33:ab:ac:af: 49:d1:30:3c -----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgISAZt9XPXkw9iVtsUes1QbCoNnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhOTA2MWYyZjQ5YTZkN2FmOWVhNjc2YmFkMDNkZjFjZTJmNTAyNjBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWPZIsvVx2mZrHcixXSJ9ZcQjPco J7mGzvTrRAUiuOHelIwRjGtSVgbWHRgyeZYr5rBpN/i/9OjsEDwqSpHJQmcgEC4p vFSwyLQDQXyIOhdqkCJyh2CbAgD3Mbr4ecxQoxfKYK15yqDkTUZ3tBcQmgS/I1DQ XGfY5BgUuQg4X0L83KiLEvJB6Ri5SNGQl18l9EYWWGfSToVQHRyKdjsdMemaJPOz USUSOWvw5bjopSdluBC2HO+1Q43Yhc8rZ648KHDNXZ/Vq/oDGU3PXWIOEghNbMVc 9PnQy2fdzvJPxkMrbvU7PV6IiWgiavQiC7N696iJB1cHfuRGGQsZOGd1TQIDAQAB o4IC9jCCAvIwHQYDVR0OBBYEFKkGHy9JptevnqZ2utA98c4vUCYNMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4L2JhOWJl MS0xZmEyLTQyNTMtYmYwMS1mNmMyNjg2MTJmYzcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvYmE5YmUx LTFmYTItNDI1My1iZjAxLWY2YzI2ODYxMmZjNy8xL3FRWWZMMG1tMTYtZXBuYTYw RDN4emk5UUpnMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHYGCCsGAQUF BwEHAQH/BGcwZTBUBAIAATBOAwQEJY+wAwQFVe0AAwQEW49gAwQEbUmQAwQCuQ/s AwQCudz8AwQCud6AAwQCueGQAwQCueSAAwQCuemQAwQCuexIAwQAwS74AwQE2R2Q MA0EAgACMAcDBQMqAgdYMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnGAMA0GCSqG SIb3DQEBCwUAA4IBAQAMpgi2xuDE2W9HvU0VsHE0vP0W82wkE7UTslP+tcpI4U8m uRtpHcqLf+bG4nFvmLLYoqb/nJnoVDMtLOnhyCZlmURBCxegjdcJ+Tm4gMB170sA BMFY0ETa5UJXqfPzHbHrX40daKhkvX+qK4RfewAPboyCXnao/bOfzlBGZwYB5gt1 qI29I1KkZ6PuQHOOtT+hj/jwLFP/B5dQsYu5lneYrsAwXIoGc0i+SUy+JpjdVgBm PsJPEptKoLj4QXgB7iMjXv4eqP0Bd51Q7RP7jkGbj4KtdrcTTXYsbGv9DDN7Y/jp +7vneTGJkmutKQ94yMiEoIAlyY8bdDOrrK9J0TA8 -----END CERTIFICATE-----Generated at Mon Feb 9 16:53:11 2026 by rpki-client