This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/sxxM5mPh7CRedHzYRvGmnduDSzs.cer File: sxxM5mPh7CRedHzYRvGmnduDSzs.cer (raw, json) Hash identifier: BxFFxgtJ76mkQcyrDI1mqRza/XUyOqz+kJaKALYUEe8= Subject key identifier: B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA4830734C3CD494085C4C1D87FEF6D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/sxxM5mPh7CRedHzYRvGmnduDSzs.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:18:57 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 91.216.71.0/24 IP: 2a14:1cc0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:83:07:34:c3:cd:49:40:85:c4:c1:d8:7f:ef:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b31c4ce663e1ec245e747cd846f1a69ddb834b3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:3f:2e:5d:61:b9:ac:03:71:c6:78:3b:d7:12: 20:a6:a0:2f:ed:3b:38:3f:ee:b6:aa:9a:3d:dd:aa: 20:dc:c2:56:d2:0b:42:c1:e8:9c:4d:75:e9:04:e8: fc:60:64:7c:49:26:d0:37:41:fd:50:04:61:24:ee: a7:13:9f:bd:be:36:9d:78:36:b5:ad:07:8d:50:03: 89:e8:33:4e:ec:14:9f:2c:7e:1a:70:72:18:d0:b6: e4:7e:2f:2a:71:0c:a3:5b:14:97:9e:f7:bb:de:cf: 0c:84:6b:53:64:f7:51:c6:80:1d:07:5d:20:8c:f5: 76:5b:f1:b8:e7:64:d5:44:9f:df:49:b5:5f:f5:5e: 13:f2:dc:8a:c7:3e:22:09:83:d2:38:ed:a8:c6:3e: 75:53:ca:d5:22:f0:a9:9f:a1:dd:e9:7b:d6:2a:28: 15:37:2c:7d:8c:4a:2c:8a:11:1b:67:9b:28:8f:9a: 36:72:2c:42:3a:c1:c3:2d:45:86:02:cd:14:35:1f: 93:ce:22:af:ec:bf:72:f7:bb:ba:5b:65:bf:a0:70: 47:bd:e0:15:68:fa:f1:48:4a:c6:d4:a2:89:93:d0: 51:b3:fb:9e:45:5a:17:fe:f6:e5:e7:95:14:52:12: bf:fb:35:bb:77:14:b0:88:92:23:3f:ac:3f:28:9a: 3b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:1C:4C:E6:63:E1:EC:24:5E:74:7C:D8:46:F1:A6:9D:DB:83:4B:3B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/84d476-3233-4131-8ffc-465adc2959f2/1/sxxM5mPh7CRedHzYRvGmnduDSzs.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.216.71.0/24 IPv6: 2a14:1cc0::/29 Signature Algorithm: sha256WithRSAEncryption 04:5c:07:32:82:1a:d6:3f:16:27:b1:63:ec:9a:96:e7:54:40: 49:0a:82:cb:64:84:0f:c8:2c:0c:63:5c:a5:b7:a5:b9:f4:d3: 98:1a:a4:2a:84:76:12:87:eb:6a:eb:3a:56:76:c3:00:cb:c4: 8f:18:6e:60:c7:d5:ec:f3:c9:0f:36:d5:52:f9:87:c2:b3:33: 42:15:30:da:cf:56:f8:06:94:1b:5c:a2:d2:75:45:8f:16:88: fe:31:f4:14:bc:e1:bb:f7:ca:a3:cf:9f:9c:40:5a:04:c9:7d: e1:75:01:d6:4a:0f:39:51:90:52:02:f6:5b:9d:bc:c6:a8:b9: 94:bd:40:3d:59:c3:5a:a9:85:e8:e7:0f:36:9f:c0:4d:f5:1f: 97:ea:df:06:c6:58:1e:0f:06:53:d0:29:23:bf:e5:2e:30:ac: 5e:6c:66:b2:58:64:88:fe:f6:29:da:57:3f:71:42:c7:e1:06: dc:c8:53:66:ba:e5:f7:af:56:a7:45:ed:ed:d6:26:a4:63:60: 99:98:9b:4c:f7:11:b5:a2:e0:d6:7e:f6:77:3d:e7:dc:c2:44: 1b:bd:1d:83:f5:8c:a5:d4:db:4b:ab:6f:ce:21:a2:76:48:d5: c2:c9:41:df:eb:2c:56:6e:fc:78:e6:2b:18:7d:07:c7:26:34: 71:78:22:5a -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt7pIMHNMPNSUCFxMHYf+9tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzFjNGNlNjYzZTFlYzI0NWU3NDdjZDg0NmYxYTY5ZGRiODM0YjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT8uXWG5rANxxng71xIgpqAv7Ts4 P+62qpo93aog3MJW0gtCweicTXXpBOj8YGR8SSbQN0H9UARhJO6nE5+9vjadeDa1 rQeNUAOJ6DNO7BSfLH4acHIY0Lbkfi8qcQyjWxSXnve73s8MhGtTZPdRxoAdB10g jPV2W/G452TVRJ/fSbVf9V4T8tyKxz4iCYPSOO2oxj51U8rVIvCpn6Hd6XvWKigV Nyx9jEosihEbZ5soj5o2cixCOsHDLUWGAs0UNR+TziKv7L9y97u6W2W/oHBHveAV aPrxSErG1KKJk9BRs/ueRVoX/vbl55UUUhK/+zW7dxSwiJIjP6w/KJo7VQIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFLMcTOZj4ewkXnR82Ebxpp3bg0s7MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdjLzg0ZDQ3 Ni0zMjMzLTQxMzEtOGZmYy00NjVhZGMyOTU5ZjIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2MvODRkNDc2 LTMyMzMtNDEzMS04ZmZjLTQ2NWFkYzI5NTlmMi8xL3N4eE01bVBoN0NSZWRIellS dkdtbmR1RFN6cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAW9hHMA0EAgACMAcDBQMqFBzAMA0GCSqGSIb3 DQEBCwUAA4IBAQAEXAcyghrWPxYnsWPsmpbnVEBJCoLLZIQPyCwMY1ylt6W59NOY GqQqhHYSh+tq6zpWdsMAy8SPGG5gx9Xs88kPNtVS+YfCszNCFTDaz1b4BpQbXKLS dUWPFoj+MfQUvOG798qjz5+cQFoEyX3hdQHWSg85UZBSAvZbnbzGqLmUvUA9WcNa qYXo5w82n8BN9R+X6t8GxlgeDwZT0Ckjv+UuMKxebGayWGSI/vYp2lc/cULH4Qbc yFNmuuX3r1anRe3t1iakY2CZmJtM9xG1ouDWfvZ3PefcwkQbvR2D9Yyl1NtLq2/O IaJ2SNXCyUHf6yxWbvx45isYfQfHJjRxeCJa -----END CERTIFICATE-----Generated at Wed Jan 21 08:57:35 2026 by rpki-client