This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rd0qgVBgqn5iGiCUNJdYsgNolvA.cer File: rd0qgVBgqn5iGiCUNJdYsgNolvA.cer (raw, json) Hash identifier: LICF1nug9P3qJBsbNPrMo9fFNWgVmaGopIGQuZ0OeEA= Subject key identifier: AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA687D7BAFF4A34CAD39D272D0E0AEB Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/rd0qgVBgqn5iGiCUNJdYsgNolvA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:20:01 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 21445 AS: 47203 AS: 201776 IP: 2.59.51.0/24 IP: 31.40.208.0/22 IP: 31.40.252.0/22 IP: 37.44.252.0/22 IP: 77.83.8.0/22 IP: 77.83.16.0/22 IP: 78.136.196.0 -- 78.136.207.255 IP: 78.153.137.0 -- 78.153.138.255 IP: 78.153.147.0/24 IP: 83.171.252.0/22 IP: 83.172.60.0/22 IP: 85.115.200.0/22 IP: 89.107.136.0/22 IP: 91.103.110.0/23 IP: 94.126.24.0/21 IP: 94.231.216.0/22 IP: 109.94.220.0/22 IP: 109.236.52.0/22 IP: 109.237.104.0/24 IP: 178.34.152.0/21 IP: 178.34.176.0/20 IP: 178.173.124.0/22 IP: 185.64.44.0/22 IP: 185.94.212.0/22 IP: 188.119.76.0/22 IP: 188.124.224.0/21 IP: 188.124.248.0/21 IP: 193.47.44.0/22 IP: 193.56.64.0/22 IP: 193.56.72.0/22 IP: 193.148.52.0/22 IP: 217.197.172.0/22 IP: 2a04:f800::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:87:d7:ba:ff:4a:34:ca:d3:9d:27:2d:0e:0a:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=addd2a815060aa7e621a2094349758b2036896f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:67:05:e5:e0:03:3e:77:7a:00:73:8d:f7:3d: 73:b0:49:61:97:78:7f:f2:bb:0a:cb:67:93:7a:6c: e5:81:93:3a:7a:9d:31:83:f4:83:7a:4d:18:fe:8b: b6:34:e1:3d:c2:f7:a9:f1:26:b5:21:5f:90:06:78: 37:19:1c:61:0b:d4:94:5a:0f:f1:0c:e5:ab:ed:d8: ae:8e:aa:86:cd:3d:6d:48:77:3e:1b:24:97:fd:82: 14:68:ad:00:4f:61:a5:dd:af:10:f8:15:d0:4b:80: 9a:81:52:41:b6:8a:02:1b:c1:a7:13:41:c5:35:fe: 56:e0:e6:e6:e7:93:d0:d9:d8:bc:4c:33:02:a3:fa: 2a:5c:3b:0c:13:f6:d7:03:34:ba:83:da:d0:4c:68: 67:38:45:d8:45:c1:f5:d6:53:76:1f:85:74:38:32: 30:54:09:6a:09:9d:a9:5e:5b:98:32:5a:d4:f7:96: 01:c9:e0:cd:24:94:c4:c4:74:73:f2:8f:12:b1:ce: 01:ab:5f:3f:eb:18:78:7a:6b:42:42:12:24:65:6d: b8:84:9b:23:10:c2:16:59:54:25:ff:62:58:46:11: d4:fc:7c:05:75:db:80:53:d0:33:09:7d:01:de:76: 59:0d:38:00:10:3d:8f:b3:7c:79:55:bc:7f:58:b6: 5b:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/rd0qgVBgqn5iGiCUNJdYsgNolvA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.51.0/24 31.40.208.0/22 31.40.252.0/22 37.44.252.0/22 77.83.8.0/22 77.83.16.0/22 78.136.196.0-78.136.207.255 78.153.137.0-78.153.138.255 78.153.147.0/24 83.171.252.0/22 83.172.60.0/22 85.115.200.0/22 89.107.136.0/22 91.103.110.0/23 94.126.24.0/21 94.231.216.0/22 109.94.220.0/22 109.236.52.0/22 109.237.104.0/24 178.34.152.0/21 178.34.176.0/20 178.173.124.0/22 185.64.44.0/22 185.94.212.0/22 188.119.76.0/22 188.124.224.0/21 188.124.248.0/21 193.47.44.0/22 193.56.64.0/22 193.56.72.0/22 193.148.52.0/22 217.197.172.0/22 IPv6: 2a04:f800::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 21445 47203 201776 Signature Algorithm: sha256WithRSAEncryption 0f:ee:2b:dc:64:21:d4:49:39:65:c2:e7:94:6c:1e:45:44:b0: e7:81:a6:99:f8:58:25:55:d6:5c:81:5a:00:86:57:c7:bd:c3: 2a:19:46:64:92:bb:83:93:da:a5:c7:25:fa:ed:1d:e1:42:ab: 50:02:39:71:05:3e:44:0f:b8:9b:4a:e7:47:04:08:b7:2f:55: da:60:3c:7f:1a:6f:13:d4:bc:9f:71:78:2e:f3:04:cb:d9:76: b5:35:96:7c:2b:e6:23:7a:08:03:94:ee:0a:af:c1:7b:ad:32: c2:6b:37:f1:bc:d5:17:28:68:1d:5a:d6:71:70:93:7d:2b:b4: f3:8f:60:ae:5a:0d:91:2d:cd:42:46:89:39:d7:1e:92:24:03: a8:00:b7:9c:af:f4:5d:57:4b:a7:2b:92:71:4f:ca:3d:08:55: 84:c8:b5:72:70:1b:ca:2b:03:77:9a:0c:f8:64:12:21:09:3b: c8:7a:ac:8d:75:93:a9:22:1a:f3:cd:70:25:a6:42:c2:ca:dc: ce:49:c1:31:58:72:97:7d:8a:45:3f:7b:cc:a7:a2:26:80:5b: a4:8a:33:58:41:59:21:2b:dc:63:eb:bb:30:ef:e3:54:ea:25: de:79:0d:47:d2:e2:13:34:db:69:91:1a:5d:7b:7a:ac:8a:2a: 57:70:89:95 -----BEGIN CERTIFICATE----- MIIGezCCBWOgAwIBAgISAZt+pofXuv9KNMrTnSctDgrrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZGRkMmE4MTUwNjBhYTdlNjIxYTIwOTQzNDk3NThiMjAzNjg5NmYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmcF5eADPnd6AHON9z1zsElhl3h/ 8rsKy2eTemzlgZM6ep0xg/SDek0Y/ou2NOE9wvep8Sa1IV+QBng3GRxhC9SUWg/x DOWr7diujqqGzT1tSHc+GySX/YIUaK0AT2Gl3a8Q+BXQS4CagVJBtooCG8GnE0HF Nf5W4Obm55PQ2di8TDMCo/oqXDsME/bXAzS6g9rQTGhnOEXYRcH11lN2H4V0ODIw VAlqCZ2pXluYMlrU95YByeDNJJTExHRz8o8Ssc4Bq18/6xh4emtCQhIkZW24hJsj EMIWWVQl/2JYRhHU/HwFdduAU9AzCX0B3nZZDTgAED2Ps3x5Vbx/WLZbfwIDAQAB o4IDhzCCA4MwHQYDVR0OBBYEFK3dKoFQYKp+YhoglDSXWLIDaJbwMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2U0ZmE0 OC0zYmU4LTRmYTMtYTQzNi04YTBkMGJmMGI1NzcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvZTRmYTQ4 LTNiZTgtNGZhMy1hNDM2LThhMGQwYmYwYjU3Ny8xL3JkMHFnVkJncW41aUdpQ1VO SmRZc2dOb2x2QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH8BggrBgEF BQcBBwEB/wSB7DCB6TCB1wQCAAEwgdADBAACOzMDBAIfKNADBAIfKPwDBAIlLPwD BAJNUwgDBAJNUxAwDAMEAk6IxAMEBE6IwDAMAwQATpmJAwQATpmKAwQATpmTAwQC U6v8AwQCU6w8AwQCVXPIAwQCWWuIAwQBW2duAwQDXn4YAwQCXufYAwQCbV7cAwQC bew0AwQAbe1oAwQDsiKYAwQEsiKwAwQCsq18AwQCuUAsAwQCuV7UAwQCvHdMAwQD vHzgAwQDvHz4AwQCwS8sAwQCwThAAwQCwThIAwQCwZQ0AwQC2cWsMA0EAgACMAcD BQMqBPgAMCMGCCsGAQUFBwEIAQH/BBQwEqAQMA4CAlPFAgMAuGMCAwMUMDANBgkq hkiG9w0BAQsFAAOCAQEAD+4r3GQh1Ek5ZcLnlGweRUSw54GmmfhYJVXWXIFaAIZX x73DKhlGZJK7g5Papccl+u0d4UKrUAI5cQU+RA+4m0rnRwQIty9V2mA8fxpvE9S8 n3F4LvMEy9l2tTWWfCvmI3oIA5TuCq/Be60ywms38bzVFyhoHVrWcXCTfSu0849g rloNkS3NQkaJOdcekiQDqAC3nK/0XVdLpyuScU/KPQhVhMi1cnAbyisDd5oM+GQS IQk7yHqsjXWTqSIa881wJaZCwsrczknBMVhyl32KRT97zKeiJoBbpIozWEFZISvc Y+u7MO/jVOol3nkNR9LiEzTbaZEaXXt6rIoqV3CJlQ== -----END CERTIFICATE-----Generated at Mon Feb 9 19:44:08 2026 by rpki-client