This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/sx0cKJHYgEaaINi38Y5M2GVDAEY.cer File: sx0cKJHYgEaaINi38Y5M2GVDAEY.cer (raw, json) Hash identifier: asukT4HOBCDgfxC2XEq6JO9obDazQm4DDGwq0Aqt3hM= Subject key identifier: B3:1D:1C:28:91:D8:80:46:9A:20:D8:B7:F1:8E:4C:D8:65:43:00:46 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F15CA6EF4B2BF6BBED9D1987C1EC73F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:21:33 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 92.51.224.0/21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:ca:6e:f4:b2:bf:6b:be:d9:d1:98:7c:1e:c7:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:21:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b31d1c2891d880469a20d8b7f18e4cd865430046 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:01:c8:cf:c0:58:c8:90:f3:e9:88:be:88:73: 24:2c:d9:11:8d:a3:04:76:84:76:2b:d9:8d:d4:ac: 90:e6:68:50:4a:f5:55:66:8d:39:45:9c:4e:29:6b: 3b:e8:a3:9c:14:82:ac:a4:d2:ca:7c:ea:ed:f0:fa: 8b:77:01:ce:e5:5d:10:bc:ed:03:af:38:3d:0d:c9: 7b:82:5b:9c:de:9c:98:cb:46:26:4b:e7:eb:0b:5b: 20:c9:16:0d:ec:93:95:b0:fd:93:48:58:a6:49:d8: c7:bb:bd:41:b7:9e:b6:47:bd:51:c5:f7:05:5b:aa: 44:79:34:4e:2b:db:30:1c:d3:69:b5:d3:a5:8a:37: e7:e7:2b:ad:b5:8e:ca:d0:81:0c:80:7c:2b:8d:bb: 75:00:88:f0:50:a7:a2:21:05:23:95:f2:db:f0:6c: dc:f2:8e:1f:71:92:96:ae:6e:4f:a6:fd:c5:28:00: 1f:a4:a5:7e:55:12:35:b7:30:15:62:4b:21:e2:57: b1:78:d4:8f:10:f0:1f:c7:f7:35:fd:3d:fe:1b:a2: 7f:b7:a3:10:f8:a6:1a:c0:d4:ab:7d:76:97:59:ef: 55:47:7a:1f:ba:96:c4:cd:a5:7b:8c:32:4b:b7:9f: 86:ae:16:ee:f5:f1:ea:5c:7d:93:65:5c:d8:1c:e7: e0:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:1D:1C:28:91:D8:80:46:9A:20:D8:B7:F1:8E:4C:D8:65:43:00:46 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 92.51.224.0/21 Signature Algorithm: sha256WithRSAEncryption 1c:6c:fa:60:f7:20:bc:61:5e:c6:5e:05:38:23:57:8f:58:18: 5a:79:dc:7c:19:a4:fc:26:08:ad:93:d8:a6:e4:e2:93:d8:ce: e0:80:25:e3:fd:2a:3a:82:d5:50:34:3c:18:66:bf:d3:d3:b9: 10:af:68:05:96:bd:1d:b4:fd:a2:c6:92:34:fa:2c:6c:d7:e5: 1f:55:50:88:0e:2d:20:26:68:eb:12:5f:3a:12:d6:34:89:25: 08:7f:d4:7f:b9:a9:70:65:4f:c9:a0:ae:01:ce:73:78:7a:84: f9:f8:99:fa:f2:87:67:61:86:72:e6:c5:60:8c:31:6e:9c:f9: b4:4a:23:74:a5:7f:bb:88:4e:e3:85:6a:5f:e4:6f:d9:7c:9e: d3:de:b4:3a:36:20:43:36:fb:e9:55:d1:5e:7b:1c:16:c2:35: d5:cb:7c:a6:3a:d3:c3:d5:38:1d:fd:ec:c7:fe:e4:b1:2e:1c: ca:22:bf:a2:b4:0c:f6:f8:d9:58:87:59:a8:75:36:6d:62:19: 3b:b8:51:26:6a:19:f0:11:a6:6c:7a:06:58:ee:95:98:35:f5: 6a:e8:61:70:0c:76:4a:b2:d0:15:d7:b9:dd:65:40:03:42:b8: 2e:a3:23:2f:c7:0a:4b:29:ab:8a:70:6d:07:07:40:a0:3e:50: b9:32:4c:b1 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt/Fcpu9LK/a77Z0Zh8Hsc/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQyMTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzFkMWMyODkxZDg4MDQ2OWEyMGQ4YjdmMThlNGNkODY1NDMwMDQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAHIz8BYyJDz6Yi+iHMkLNkRjaME doR2K9mN1KyQ5mhQSvVVZo05RZxOKWs76KOcFIKspNLKfOrt8PqLdwHO5V0QvO0D rzg9Dcl7gluc3pyYy0YmS+frC1sgyRYN7JOVsP2TSFimSdjHu71Bt562R71RxfcF W6pEeTROK9swHNNptdOlijfn5yuttY7K0IEMgHwrjbt1AIjwUKeiIQUjlfLb8Gzc 8o4fcZKWrm5Ppv3FKAAfpKV+VRI1tzAVYksh4lexeNSPEPAfx/c1/T3+G6J/t6MQ +KYawNSrfXaXWe9VR3ofupbEzaV7jDJLt5+Grhbu9fHqXH2TZVzYHOfgKQIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFLMdHCiR2IBGmiDYt/GOTNhlQwBGMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIzLzc3NTAx Ny1hNDViLTQ2MzctYTNhMC1hZjFhMGUwMGY4MjMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvNzc1MDE3 LWE0NWItNDYzNy1hM2EwLWFmMWEwZTAwZjgyMy8xL3N4MGNLSkhZZ0VhYUlOaTM4 WTVNMkdWREFFWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQDXDPgMA0GCSqGSIb3DQEBCwUAA4IBAQAcbPpg 9yC8YV7GXgU4I1ePWBhaedx8GaT8Jgitk9im5OKT2M7ggCXj/So6gtVQNDwYZr/T 07kQr2gFlr0dtP2ixpI0+ixs1+UfVVCIDi0gJmjrEl86EtY0iSUIf9R/ualwZU/J oK4BznN4eoT5+Jn68odnYYZy5sVgjDFunPm0SiN0pX+7iE7jhWpf5G/ZfJ7T3rQ6 NiBDNvvpVdFeexwWwjXVy3ymOtPD1Tgd/ezH/uSxLhzKIr+itAz2+NlYh1modTZt Yhk7uFEmahnwEaZsegZY7pWYNfVq6GFwDHZKstAV17ndZUADQrguoyMvxwpLKauK cG0HB0CgPlC5Mkyx -----END CERTIFICATE-----Generated at Mon Feb 9 19:46:38 2026 by rpki-client