This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer File: rSQ9z_DLOCEff-fbP5ExabRM9FY.cer (raw, json) Hash identifier: VKcRH3OQef07Y4OTw4lB3T4p0WlQM5aaFfKifMAk668= Subject key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E38D0DFFF9506347D3F32190B0C682A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:20:11 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 12929 AS: 25400 AS: 41164 AS: 41483 AS: 47853 AS: 49455 AS: 51135 AS: 198309 IP: 46.15.0.0/16 IP: 46.212.0.0/16 IP: 46.249.224.0/19 IP: 62.73.192.0/18 IP: 62.97.160.0/19 IP: 62.113.128.0/19 IP: 62.141.128.0/19 IP: 78.156.0.0/19 IP: 80.232.0.0/17 IP: 80.239.0.0/17 IP: 82.194.192.0/19 IP: 84.38.144.0/20 IP: 84.208.0.0/13 IP: 85.19.0.0/16 IP: 89.8.0.0/15 IP: 89.254.64.0/18 IP: 93.124.128.0/17 IP: 109.108.192.0/19 IP: 109.163.0.0/17 IP: 158.58.152.0/21 IP: 176.11.0.0/16 IP: 176.74.208.0/21 IP: 178.17.144.0/20 IP: 178.232.0.0/16 IP: 185.46.224.0/22 IP: 185.71.208.0/22 IP: 185.72.96.0/22 IP: 185.97.84.0/22 IP: 185.138.32.0/22 IP: 185.201.120.0/22 IP: 188.113.64.0/18 IP: 188.124.128.0/19 IP: 188.126.192.0/19 IP: 193.109.210.0/24 IP: 195.70.160.0/19 IP: 195.191.116.0/23 IP: 212.20.192.0/19 IP: 212.37.224.0/19 IP: 212.45.160.0/19 IP: 212.125.192.0/18 IP: 212.169.64.0/18 IP: 213.188.0.0/19 IP: 213.225.64.0/18 IP: 213.236.128.0/17 IP: 217.68.96.0/19 IP: 2a00:a240::/29 IP: 2a00:a540::/32 IP: 2a02:228::/29 IP: 2a02:fe0::/29 IP: 2a02:2200::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:d0:df:ff:95:06:34:7d:3f:32:19:0b:0c:68:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:20:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a2:15:75:aa:43:c2:47:6f:80:67:0f:6b:43: 9e:4d:0b:07:e2:19:49:2c:6c:d8:3f:db:cd:c8:0c: 2e:f6:18:95:00:cf:8d:30:0a:c5:52:8c:c3:37:27: a9:29:14:5b:db:a7:b8:ff:c5:4a:37:d3:65:23:e4: ce:99:7a:b2:ec:ec:4e:3d:26:98:2e:80:25:34:2d: 73:d0:65:bb:04:fd:f4:61:97:d8:6f:d4:b2:03:b3: 2c:e9:c6:f5:0b:e6:30:28:ff:2f:5a:b0:cf:48:db: 4f:e7:2e:12:84:1a:08:96:20:ed:5c:46:9f:c6:dc: cb:4f:0c:a4:a7:49:c5:37:25:fe:b8:61:30:2c:9e: 5b:10:1e:78:ce:c6:ea:18:7f:53:d4:94:e8:88:08: c7:32:90:04:d2:6d:de:81:7e:04:ab:57:18:f0:9d: a3:b2:3f:ba:fb:68:f3:ff:2f:06:01:57:f2:bc:ff: 7f:8c:f3:a8:53:1e:fd:61:c2:fd:3e:94:23:1a:be: c8:9e:45:a6:ba:f4:40:75:4c:65:95:3b:2a:8a:76: d5:d9:eb:c2:f6:60:20:71:7e:c2:ee:a0:b1:75:13: 38:5a:22:b1:ca:c8:b7:c8:a9:e5:3a:09:e5:b4:ce: b3:fe:43:b8:45:06:13:25:8c:39:af:ad:20:d9:20: 95:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.15.0.0/16 46.212.0.0/16 46.249.224.0/19 62.73.192.0/18 62.97.160.0/19 62.113.128.0/19 62.141.128.0/19 78.156.0.0/19 80.232.0.0/17 80.239.0.0/17 82.194.192.0/19 84.38.144.0/20 84.208.0.0/13 85.19.0.0/16 89.8.0.0/15 89.254.64.0/18 93.124.128.0/17 109.108.192.0/19 109.163.0.0/17 158.58.152.0/21 176.11.0.0/16 176.74.208.0/21 178.17.144.0/20 178.232.0.0/16 185.46.224.0/22 185.71.208.0/22 185.72.96.0/22 185.97.84.0/22 185.138.32.0/22 185.201.120.0/22 188.113.64.0/18 188.124.128.0/19 188.126.192.0/19 193.109.210.0/24 195.70.160.0/19 195.191.116.0/23 212.20.192.0/19 212.37.224.0/19 212.45.160.0/19 212.125.192.0/18 212.169.64.0/18 213.188.0.0/19 213.225.64.0/18 213.236.128.0/17 217.68.96.0/19 IPv6: 2a00:a240::/29 2a00:a540::/32 2a02:228::/29 2a02:fe0::/29 2a02:2200::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 12929 25400 41164 41483 47853 49455 51135 198309 Signature Algorithm: sha256WithRSAEncryption 82:06:88:38:01:07:0e:51:23:64:0f:90:7d:9d:f5:ba:13:d6: f9:0b:1f:9a:0d:93:8f:b0:e6:86:f0:c4:18:e2:ef:60:01:89: 75:87:2a:a8:44:a5:1d:d3:1b:ad:4e:80:dd:21:43:25:02:24: c8:15:9b:8c:50:e3:6a:a1:8e:ab:90:a0:da:f2:9f:9a:d9:80: ee:dd:17:6c:88:24:3d:89:b6:db:03:d5:12:ed:80:6a:81:3e: fa:28:21:d4:24:c6:18:06:4a:8b:6e:fd:c3:98:c7:26:e6:71: ef:07:50:20:13:62:e1:36:8a:7e:47:db:bc:d8:80:f5:5f:72: f4:1e:12:27:0a:4d:73:ff:f5:4c:32:bd:de:30:f2:ab:92:61: 7f:b8:97:43:0a:3b:8a:33:1b:5e:93:fd:91:41:e3:f7:ea:b6: 73:30:f0:5a:fd:85:3e:ef:b4:dd:7e:e8:92:f4:76:c4:69:f8: db:26:39:e0:1e:50:02:df:29:27:26:9d:aa:95:00:41:ed:a7: 09:0e:3e:e0:74:69:57:9f:1b:d5:c6:77:2a:df:44:9d:d4:d2: d6:29:3f:47:68:c3:37:4f:f0:03:34:ed:0e:ea:ae:75:32:cc: 42:94:84:b2:07:05:03:65:98:82:77:79:ad:fe:52:f8:97:45: 02:92:ae:88 -----BEGIN CERTIFICATE----- MIIG6zCCBdOgAwIBAgISAZt+ONDf/5UGNH0/MhkLDGgqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDI0M2RjZmYwY2IzODIxMWY3ZmU3ZGIzZjkxMzE2OWI0NGNmNDU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqIVdapDwkdvgGcPa0OeTQsH4hlJ LGzYP9vNyAwu9hiVAM+NMArFUozDNyepKRRb26e4/8VKN9NlI+TOmXqy7OxOPSaY LoAlNC1z0GW7BP30YZfYb9SyA7Ms6cb1C+YwKP8vWrDPSNtP5y4ShBoIliDtXEaf xtzLTwykp0nFNyX+uGEwLJ5bEB54zsbqGH9T1JToiAjHMpAE0m3egX4Eq1cY8J2j sj+6+2jz/y8GAVfyvP9/jPOoUx79YcL9PpQjGr7InkWmuvRAdUxllTsqinbV2evC 9mAgcX7C7qCxdRM4WiKxysi3yKnlOgnltM6z/kO4RQYTJYw5r60g2SCVPQIDAQAB o4ID9zCCA/MwHQYDVR0OBBYEFK0kPc/wyzghH3/n2z+RMWm0TPRWMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3L2E1ZDI3 Yi0yNmMwLTRlYjMtODliYy1iOWYyOThhNzk4ZTQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvYTVkMjdi LTI2YzAtNGViMy04OWJjLWI5ZjI5OGE3OThlNC8xL3JTUTl6X0RMT0NFZmYtZmJQ NUV4YWJSTTlGWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBUwYIKwYB BQUHAQcBAf8EggFCMIIBPjCCAQ8EAgABMIIBBwMDAC4PAwMALtQDBAUu+eADBAY+ ScADBAU+YaADBAU+cYADBAU+jYADBAVOnAADBAdQ6AADBAdQ7wADBAVSwsADBARU JpADAwNU0AMDAFUTAwMBWQgDBAZZ/kADBAddfIADBAVtbMADBAdtowADBAOeOpgD AwCwCwMEA7BK0AMEBLIRkAMDALLoAwQCuS7gAwQCuUfQAwQCuUhgAwQCuWFUAwQC uYogAwQCucl4AwQGvHFAAwQFvHyAAwQFvH7AAwQAwW3SAwQFw0agAwQBw790AwQF 1BTAAwQF1CXgAwQF1C2gAwQG1H3AAwQG1KlAAwQF1bwAAwQG1eFAAwQH1eyAAwQF 2URgMCkEAgACMCMDBQMqAKJAAwUAKgClQAMFAyoCAigDBQMqAg/gAwUAKgIiADA7 BggrBgEFBQcBCAEB/wQsMCqgKDAmAgIygQICYzgCAwCgzAIDAKILAgMAuu0CAwDB LwIDAMe/AgMDBqUwDQYJKoZIhvcNAQELBQADggEBAIIGiDgBBw5RI2QPkH2d9boT 1vkLH5oNk4+w5obwxBji72ABiXWHKqhEpR3TG61OgN0hQyUCJMgVm4xQ42qhjquQ oNryn5rZgO7dF2yIJD2JttsD1RLtgGqBPvooIdQkxhgGSotu/cOYxybmce8HUCAT YuE2in5H27zYgPVfcvQeEicKTXP/9Uwyvd4w8quSYX+4l0MKO4ozG16T/ZFB4/fq tnMw8Fr9hT7vtN1+6JL0dsRp+NsmOeAeUALfKScmnaqVAEHtpwkOPuB0aVefG9XG dyrfRJ3U0tYpP0dowzdP8AM07Q7qrnUyzEKUhLIHBQNlmIJ3ea3+UviXRQKSrog= -----END CERTIFICATE-----Generated at Mon Jan 26 14:07:13 2026 by rpki-client