This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer File: st8A84zO2SGXmTB2yzaFvzK8Xmk.cer (raw, json) Hash identifier: kT34UJvYsGJcRElXW4Kg+xqBwJyqb/twGqtqIm3uPdY= Subject key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F15B0E28AD1123ECC3AFA7461E7FDCF Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:26 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 28941 AS: 57111 IP: 185.103.112.0/22 IP: 185.199.24.0/22 IP: 185.204.132.0/22 IP: 2a0a:9440::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:b0:e2:8a:d1:12:3e:cc:3a:fa:74:61:e7:fd:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b2df00f38cced92197993076cb3685bf32bc5e69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a3:07:fa:48:c7:ba:97:e7:0b:05:b4:0f:aa: 8d:c9:95:c6:08:cf:ba:5a:4b:be:97:e0:31:4c:82: 7f:12:4f:ad:c8:aa:eb:58:d3:2d:5b:e1:4c:00:96: 90:35:43:70:5c:5a:8f:77:e4:57:36:cf:13:9d:ba: 61:48:0a:69:9f:fe:da:7e:94:02:45:51:c5:b5:b1: 7b:f1:db:f7:b0:fe:32:f8:c5:45:79:5f:65:42:59: eb:3a:d3:40:8b:e8:d7:f3:4c:97:07:4e:c5:de:02: ef:55:d1:2b:12:ba:d0:30:ea:fe:80:ee:b2:2e:16: 38:84:30:17:d1:a1:2c:3a:55:59:d5:86:1b:6c:b5: 84:99:26:7d:b7:39:0f:80:aa:04:83:03:8a:a7:6c: fa:a8:0c:3a:18:d9:82:39:6a:59:82:79:8d:6b:65: 18:53:44:b0:e7:26:df:4b:2b:88:5d:27:20:45:dc: 52:7c:85:b5:af:88:30:72:00:e2:1e:37:15:10:7a: 70:f5:ab:90:10:cb:72:ae:5d:80:1f:e5:a1:f0:2a: 9d:af:16:31:2a:be:8a:6e:72:ea:18:d3:d5:67:47: 76:84:06:b2:44:b4:e4:30:81:22:ba:7e:08:0f:e9: 63:c5:9c:2f:d9:bb:44:69:19:67:7e:0a:3e:34:53: 58:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.103.112.0/22 185.199.24.0/22 185.204.132.0/22 IPv6: 2a0a:9440::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 28941 57111 Signature Algorithm: sha256WithRSAEncryption 4f:41:f0:9d:11:16:c4:97:8e:0b:72:0b:f0:e9:33:7c:95:a3: f1:58:0d:17:9e:93:1f:4b:7a:a5:46:ed:3d:f3:fd:3c:a7:80: ab:3c:99:ed:41:df:76:2f:83:47:45:0d:dc:b4:9b:04:34:af: 3f:cc:c9:a9:fc:3c:ca:ce:b8:0b:f2:11:3c:39:96:45:d4:72: f9:73:6b:aa:00:98:25:a3:c2:b3:c2:c0:f9:3b:79:b7:f5:91: 96:78:26:92:dd:1b:9f:4e:8f:9f:6e:1e:fa:ab:8a:3b:9c:a1: 6b:db:15:fd:d8:c7:55:ca:a3:ff:5c:e8:01:2a:31:1c:40:b0: 33:c9:7b:92:19:bc:dc:8d:e0:ce:3d:e0:1c:4e:75:b4:d7:8d: 8b:9b:bc:cf:a6:87:a3:06:a5:da:e2:7e:fe:74:ef:c2:58:14: b9:71:43:70:12:4e:3e:dd:9e:18:f4:93:aa:4e:09:ff:26:d4: d9:e5:72:a4:3b:b1:6b:b2:b1:49:f1:86:a7:54:76:b7:60:0d: 11:0c:90:b6:3e:0a:c6:bd:0e:1e:7f:cd:d1:6d:44:0b:f2:3d: e7:dc:8b:c6:47:3f:de:08:7a:88:a7:a5:f7:c3:18:74:1f:d6: 24:68:af:6a:13:d4:9c:8b:a5:8c:bd:fa:65:c6:62:e0:83:5a: 9e:de:f8:39 -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgISAZt/FbDiitESPsw6+nRh5/3PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMmRmMDBmMzhjY2VkOTIxOTc5OTMwNzZjYjM2ODViZjMyYmM1ZTY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6MH+kjHupfnCwW0D6qNyZXGCM+6 Wku+l+AxTIJ/Ek+tyKrrWNMtW+FMAJaQNUNwXFqPd+RXNs8TnbphSAppn/7afpQC RVHFtbF78dv3sP4y+MVFeV9lQlnrOtNAi+jX80yXB07F3gLvVdErErrQMOr+gO6y LhY4hDAX0aEsOlVZ1YYbbLWEmSZ9tzkPgKoEgwOKp2z6qAw6GNmCOWpZgnmNa2UY U0Sw5ybfSyuIXScgRdxSfIW1r4gwcgDiHjcVEHpw9auQEMtyrl2AH+Wh8CqdrxYx Kr6KbnLqGNPVZ0d2hAayRLTkMIEiun4ID+ljxZwv2btEaRlnfgo+NFNYKwIDAQAB o4ICvzCCArswHQYDVR0OBBYEFLLfAPOMztkhl5kwdss2hb8yvF5pMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JmLzcwNmZh OC01MmEyLTRlZDItYTJlMS0wNGU0ZTRkYzVmYmEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYvNzA2ZmE4 LTUyYTItNGVkMi1hMmUxLTA0ZTRlNGRjNWZiYS8xL3N0OEE4NHpPMlNHWG1UQjJ5 emFGdnpLOFhtay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF BwEHAQH/BCswKTAYBAIAATASAwQCuWdwAwQCuccYAwQCucyEMA0EAgACMAcDBQMq CpRAMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAnENAgMA3xcwDQYJKoZIhvcNAQEL BQADggEBAE9B8J0RFsSXjgtyC/DpM3yVo/FYDReekx9LeqVG7T3z/TyngKs8me1B 33Yvg0dFDdy0mwQ0rz/Myan8PMrOuAvyETw5lkXUcvlza6oAmCWjwrPCwPk7ebf1 kZZ4JpLdG59Oj59uHvqrijucoWvbFf3Yx1XKo/9c6AEqMRxAsDPJe5IZvNyN4M49 4BxOdbTXjYubvM+mh6MGpdrifv5078JYFLlxQ3ASTj7dnhj0k6pOCf8m1NnlcqQ7 sWuysUnxhqdUdrdgDREMkLY+Csa9Dh5/zdFtRAvyPefci8ZHP94IeoinpffDGHQf 1iRor2oT1JyLpYy9+mXGYuCDWp7e+Dk= -----END CERTIFICATE-----Generated at Mon Feb 9 16:49:09 2026 by rpki-client