This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer File: r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer (raw, json) Hash identifier: dYgjR2kmxWPEFnRPUKe06kHSqOtgILOf+w9NZ1YE7c8= Subject key identifier: AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C124B9EB22AB2FDE3113F5601C91AF8 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:18:52 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 24864 AS: 211099 IP: 2.58.144.0/23 IP: 89.188.64.0/21 IP: 94.177.116.0/23 IP: 185.159.56.0/22 IP: 188.241.124.0/23 IP: 193.110.28.0/22 IP: 194.156.235.0/24 IP: 195.234.157.0/24 IP: 217.13.176.0/20 IP: 2a02:7c8::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:4b:9e:b2:2a:b2:fd:e3:11:3f:56:01:c9:1a:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af73ff1ec55f49296dd734039fa0284cc400eb26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:96:5e:09:c1:e4:9f:0c:d2:fe:92:12:c5:53: d3:6f:e9:14:e1:3b:6b:e7:75:2f:31:13:bc:02:bc: b2:e4:6a:b9:24:a1:ea:55:e7:c2:d5:2e:eb:8c:ea: 98:d3:51:10:66:0f:91:15:ad:48:8f:d6:5b:07:d0: ee:5b:e0:97:47:1e:d4:5c:e8:e2:a2:31:40:a9:ea: 6d:a2:7d:ff:8c:fa:a2:39:5f:bb:90:2c:64:1c:0d: d5:60:47:cb:00:27:f5:8a:58:45:3e:34:40:20:b3: 6e:a1:d1:9a:4d:06:c9:43:0e:bc:3d:cd:93:5a:65: bb:6f:0a:27:2c:e8:08:e6:29:60:f2:b9:5a:da:ad: 61:3a:c7:ce:52:96:8e:ce:a6:6c:ff:90:65:39:7f: 7f:4e:6f:be:b3:9f:73:8b:e9:63:31:a2:a3:e6:4a: 2d:f2:aa:26:ab:d9:4f:8a:f1:b6:64:82:80:6f:e4: 0d:e8:a7:c7:42:8a:0f:d6:a9:2f:49:9a:6a:2b:79: 62:55:11:5c:73:77:2a:69:f6:f1:f0:8d:2e:73:18: 69:c7:c9:a8:30:68:ec:98:39:53:09:cf:5b:b3:62: 54:e2:ae:e7:39:22:e6:20:f3:5c:bf:8b:a1:58:12: d1:02:97:2c:0d:42:5b:dc:dd:33:fe:df:47:6f:d6: 0b:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.144.0/23 89.188.64.0/21 94.177.116.0/23 185.159.56.0/22 188.241.124.0/23 193.110.28.0/22 194.156.235.0/24 195.234.157.0/24 217.13.176.0/20 IPv6: 2a02:7c8::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 24864 211099 Signature Algorithm: sha256WithRSAEncryption 56:e7:95:87:5c:b0:9e:31:7e:ff:a0:c7:5a:45:e1:cb:aa:a5: 61:76:0e:78:66:d3:ea:de:41:3b:a2:5d:86:14:25:42:f8:4e: 06:ca:fc:08:08:a6:21:19:d5:6b:ee:fe:1d:15:22:2a:3c:57: c6:c4:b2:86:43:5a:db:dd:35:55:01:9e:ab:89:90:dd:c7:5f: f9:f3:cc:6e:b1:30:42:d3:1c:4d:b7:12:36:e6:7f:8a:ef:62: a5:51:4c:f5:1d:12:b9:d4:d0:8c:d3:59:20:e0:54:93:2d:54: fe:4f:00:68:a2:55:a0:19:d2:fc:8c:05:06:be:23:21:e7:4d: ae:8a:5a:d3:28:22:3f:4a:0f:7e:6f:5e:8d:a1:64:92:b9:23: 3a:f7:b2:9b:05:49:78:57:c2:ad:78:9d:7f:d9:7e:4c:b7:64: 1e:d0:b2:31:27:ff:e8:22:1c:37:d8:c2:a7:14:f9:dd:03:91: 3f:d2:20:b7:d4:e6:86:30:f8:1b:33:db:0c:57:f0:22:99:d3: 78:cb:c3:52:26:55:2c:b3:83:a0:1a:cf:85:cd:f4:78:d4:d9: a4:92:c1:c2:9e:3c:f3:4f:bc:d3:71:6c:96:03:8f:3b:bf:87: d8:99:27:33:45:ed:99:bc:bc:7b:de:fc:b9:0f:eb:45:5f:f7: e6:a8:db:5c -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgISAZt8Ekuesiqy/eMRP1YByRr4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjczZmYxZWM1NWY0OTI5NmRkNzM0MDM5ZmEwMjg0Y2M0MDBlYjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5ZeCcHknwzS/pISxVPTb+kU4Ttr 53UvMRO8Aryy5Gq5JKHqVefC1S7rjOqY01EQZg+RFa1Ij9ZbB9DuW+CXRx7UXOji ojFAqepton3/jPqiOV+7kCxkHA3VYEfLACf1ilhFPjRAILNuodGaTQbJQw68Pc2T WmW7bwonLOgI5ilg8rla2q1hOsfOUpaOzqZs/5BlOX9/Tm++s59zi+ljMaKj5kot 8qomq9lPivG2ZIKAb+QN6KfHQooP1qkvSZpqK3liVRFcc3cqafbx8I0ucxhpx8mo MGjsmDlTCc9bs2JU4q7nOSLmIPNcv4uhWBLRApcsDUJb3N0z/t9Hb9YL9wIDAQAB o4IC4zCCAt8wHQYDVR0OBBYEFK9z/x7FX0kpbdc0A5+gKEzEAOsmMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2NlYTU4 MS01Y2RlLTQ1NzQtYmEwYS0yYzYyZGU3YjNlNDUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvY2VhNTgx LTVjZGUtNDU3NC1iYTBhLTJjNjJkZTdiM2U0NS8xL3IzUF9Ic1ZmU1NsdDF6UURu NkFvVE1RQTZ5WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF BwEHAQH/BE8wTTA8BAIAATA2AwQBAjqQAwQDWbxAAwQBXrF0AwQCuZ84AwQBvPF8 AwQCwW4cAwQAwpzrAwQAw+qdAwQE2Q2wMA0EAgACMAcDBQMqAgfIMB4GCCsGAQUF BwEIAQH/BA8wDaALMAkCAmEgAgMDOJswDQYJKoZIhvcNAQELBQADggEBAFbnlYdc sJ4xfv+gx1pF4cuqpWF2Dnhm0+reQTuiXYYUJUL4TgbK/AgIpiEZ1Wvu/h0VIio8 V8bEsoZDWtvdNVUBnquJkN3HX/nzzG6xMELTHE23Ejbmf4rvYqVRTPUdErnU0IzT WSDgVJMtVP5PAGiiVaAZ0vyMBQa+IyHnTa6KWtMoIj9KD35vXo2hZJK5Izr3spsF SXhXwq14nX/Zfky3ZB7QsjEn/+giHDfYwqcU+d0DkT/SILfU5oYw+Bsz2wxX8CKZ 03jLw1ImVSyzg6Aaz4XN9HjU2aSSwcKePPNPvNNxbJYDjzu/h9iZJzNF7Zm8vHve /LkP60Vf9+ao21w= -----END CERTIFICATE-----Generated at Mon Feb 9 16:51:27 2026 by rpki-client