This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rFjrfGF1DM4zPNACbHfJPL5GXZg.cer File: rFjrfGF1DM4zPNACbHfJPL5GXZg.cer (raw, json) Hash identifier: fGokFipcEJq+/3bxa3ZTQXaCfcBUPhh1hC0RzowzCWY= Subject key identifier: AC:58:EB:7C:61:75:0C:CE:33:3C:D0:02:6C:77:C9:3C:BE:46:5D:98 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E38DC036E6C74ABDEC77E73D2C06171 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/rFjrfGF1DM4zPNACbHfJPL5GXZg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:20:14 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 205449 IP: 185.218.88.0/22 IP: 2a0c:f400::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:dc:03:6e:6c:74:ab:de:c7:7e:73:d2:c0:61:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:20:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac58eb7c61750cce333cd0026c77c93cbe465d98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2e:70:37:3e:2c:0f:68:76:d5:94:42:89:48: 63:63:45:ee:ad:77:95:4c:a3:8f:46:43:f8:82:dd: f0:0c:a9:b2:0d:53:56:47:04:e3:7f:da:86:1a:c6: 4d:05:2f:fd:98:1d:71:9f:fe:72:2f:5e:9a:e9:c1: 58:55:e8:8f:ed:18:1d:09:b2:88:c0:3e:79:1f:1f: fa:fb:b1:48:c0:2c:a6:08:ba:38:a2:47:63:2e:2c: 6c:2b:ee:54:65:d2:16:7b:29:7d:fe:c5:5e:3b:fd: f7:dd:b2:18:b5:01:7f:f4:58:0a:c8:33:a3:54:a6: c2:79:ed:67:74:f4:bd:29:30:8f:08:d1:01:3e:39: 77:a5:d3:0b:a9:eb:82:44:3c:ff:0a:96:99:1e:76: 32:a6:bd:c0:37:e0:57:44:fc:59:df:13:43:ae:ae: 51:c2:5a:10:5d:28:bf:1c:ec:be:ae:82:69:1b:0e: f1:a0:23:ed:14:57:64:70:fa:73:2b:8b:49:59:b6: ab:cb:73:fb:da:cf:cf:ca:27:28:80:c4:ae:d1:c0: 8a:12:d3:b3:ee:e4:e2:85:66:89:6a:27:0f:7c:49: 31:73:96:f0:f4:f6:af:d1:b4:b3:9b:52:e0:76:74: 1b:11:54:45:8d:42:d1:02:f7:37:24:db:26:40:08: e6:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:58:EB:7C:61:75:0C:CE:33:3C:D0:02:6C:77:C9:3C:BE:46:5D:98 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/rFjrfGF1DM4zPNACbHfJPL5GXZg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.218.88.0/22 IPv6: 2a0c:f400::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 205449 Signature Algorithm: sha256WithRSAEncryption 5f:9b:5e:89:74:c4:fc:53:08:79:13:d5:7d:55:0b:44:77:9f: 61:5b:d5:f7:d0:68:f4:0a:68:83:8d:94:33:af:e3:6d:d8:de: 94:24:2f:e6:83:1a:56:a0:58:b1:f5:7d:bf:05:10:ee:1d:7b: 10:6e:3d:3c:a6:ad:67:97:75:8b:bc:a5:2f:11:b0:ff:01:71: f6:7f:08:de:63:93:ee:d8:29:01:64:74:8a:5f:71:76:ce:00: 75:70:eb:5e:ee:1f:95:d6:c9:43:b9:2d:ac:9d:54:c9:46:43: da:5a:37:4c:0f:a3:04:5a:c8:49:41:b4:63:19:8f:f6:1c:db: 98:67:7a:bd:9d:c7:14:81:80:f9:84:d6:e6:76:b7:50:79:20: 3a:bf:4c:30:36:ac:cb:c8:fb:e2:29:d6:5a:bc:3b:d6:91:42: a7:f7:19:c3:2b:22:96:9a:9f:0a:84:e4:78:3d:5d:6e:a3:08: 6b:de:83:a1:a7:6c:7d:d4:c5:a8:d1:cc:b1:04:11:0e:10:ac: ac:13:f4:12:7b:3b:75:06:9a:7f:39:b6:59:a8:81:13:f0:2e: 71:45:a8:e8:e5:20:3f:be:e5:d6:a3:82:0b:33:99:e0:a5:c9: c2:9b:0a:52:9a:66:c2:f1:17:ce:ef:15:c0:69:da:c7:fb:50: 76:c0:f3:a5 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt+ONwDbmx0q97HfnPSwGFxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzU4ZWI3YzYxNzUwY2NlMzMzY2QwMDI2Yzc3YzkzY2JlNDY1ZDk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri5wNz4sD2h21ZRCiUhjY0XurXeV TKOPRkP4gt3wDKmyDVNWRwTjf9qGGsZNBS/9mB1xn/5yL16a6cFYVeiP7RgdCbKI wD55Hx/6+7FIwCymCLo4okdjLixsK+5UZdIWeyl9/sVeO/333bIYtQF/9FgKyDOj VKbCee1ndPS9KTCPCNEBPjl3pdMLqeuCRDz/CpaZHnYypr3AN+BXRPxZ3xNDrq5R wloQXSi/HOy+roJpGw7xoCPtFFdkcPpzK4tJWbary3P72s/PyicogMSu0cCKEtOz 7uTihWaJaicPfEkxc5bw9Pav0bSzm1LgdnQbEVRFjULRAvc3JNsmQAjmRwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFKxY63xhdQzOMzzQAmx3yTy+Rl2YMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRkL2ViZDBj OS03YTM2LTQwMzYtODY1OC0xZGUwMGJkODkxMmMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvZWJkMGM5 LTdhMzYtNDAzNi04NjU4LTFkZTAwYmQ4OTEyYy8xL3JGanJmR0YxRE00elBOQUNi SGZKUEw1R1haZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCudpYMA0EAgACMAcDBQMqDPQAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMiiTANBgkqhkiG9w0BAQsFAAOCAQEAX5teiXTE/FMI eRPVfVULRHefYVvV99Bo9Apog42UM6/jbdjelCQv5oMaVqBYsfV9vwUQ7h17EG49 PKatZ5d1i7ylLxGw/wFx9n8I3mOT7tgpAWR0il9xds4AdXDrXu4fldbJQ7ktrJ1U yUZD2lo3TA+jBFrISUG0YxmP9hzbmGd6vZ3HFIGA+YTW5na3UHkgOr9MMDasy8j7 4inWWrw71pFCp/cZwysilpqfCoTkeD1dbqMIa96DoadsfdTFqNHMsQQRDhCsrBP0 Ens7dQaafzm2WaiBE/AucUWo6OUgP77l1qOCCzOZ4KXJwpsKUppmwvEXzu8VwGna x/tQdsDzpQ== -----END CERTIFICATE-----Generated at Mon Feb 9 18:24:49 2026 by rpki-client