This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer File: tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer (raw, json) Hash identifier: i60hN+f5oo4cN9paCJRligl6s5ti3/xVsTTAX7zfKPU= Subject key identifier: B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C7F9F83265C06FE69032C12B5F0B18F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:18:17 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 21009 IP: 91.220.158.0/24 IP: 193.8.216.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:9f:83:26:5c:06:fe:69:03:2c:12:b5:f0:b1:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b66c4985cd60643220e064a2e114d78f5b039c2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9f:e8:13:74:f5:3d:98:6a:1c:f7:37:5f:55: ce:2e:ec:e1:38:29:de:90:98:31:1e:e1:d1:b6:8b: 10:bf:39:af:f3:de:8c:26:c8:4b:ab:cc:d2:79:6d: 8a:47:f6:1f:c2:4c:04:6b:de:fb:dc:2c:f1:2f:66: 17:59:eb:e8:ed:82:70:8c:9b:0e:3e:13:b6:0e:5d: f0:8c:ee:bd:ff:0b:94:d8:5e:93:d7:03:9a:88:e2: 27:e4:16:a4:ef:f4:bc:cc:d2:8a:76:8b:2d:dd:f7: 0d:be:33:ff:be:40:c8:54:3b:87:61:5c:6e:a3:15: 64:ad:a9:6c:60:4a:f9:58:be:92:c8:15:3f:d9:c7: 9c:84:25:b1:87:e8:44:69:58:e5:5a:1f:da:32:26: 95:dc:e0:a0:bf:6f:1e:62:03:3a:67:67:28:00:d6: d9:be:4b:a1:aa:f5:bf:20:de:bd:10:4f:03:92:84: 6c:f3:fb:c9:52:0f:f0:85:d4:05:32:69:c3:1f:c4: 40:4e:68:bb:62:e2:89:02:78:06:82:54:8f:1f:ae: 19:16:25:3e:19:44:3c:aa:2d:7f:26:31:85:2b:23: c3:f6:4a:7c:a3:d9:d9:2b:8e:1a:71:5e:cc:74:67: aa:bd:11:74:47:37:1c:09:b6:15:54:e7:1f:dc:e1: 3b:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.158.0/24 193.8.216.0/22 sbgp-autonomousSysNum: critical Autonomous System Numbers: 21009 Signature Algorithm: sha256WithRSAEncryption 42:26:9c:c2:94:c3:09:1b:98:48:ad:a4:4c:8b:53:06:f9:8e: a4:b2:03:e9:44:cd:68:c8:b0:b0:81:1e:7e:d1:a7:82:c8:ac: 36:2e:8a:d9:c5:ca:6b:ee:79:0e:ac:73:ae:7f:5c:4e:94:d8: 0f:0f:1c:aa:72:6b:d7:d7:97:c3:c4:c0:c1:cc:30:6a:ce:49: d7:02:fe:a8:35:cc:a1:37:de:e9:37:85:de:09:79:83:86:73: 43:5b:d2:f5:60:b1:b1:a0:c0:77:34:df:93:0c:4c:0c:a7:1d: cc:37:75:ac:53:ad:f3:62:22:4c:4f:23:81:bd:f9:29:b8:c0: 6a:d7:1d:c9:9b:3e:10:3a:88:2e:d0:c2:ec:3e:f6:bd:a0:07: 6e:32:0c:50:8c:39:08:91:86:0a:95:68:cf:a8:d2:6e:b6:a1: 6b:86:12:d6:da:9c:1f:b1:54:34:6f:67:a3:0e:ac:9e:7e:79: 9c:00:e9:3c:16:bc:22:a8:bf:ca:c6:73:7c:15:3e:76:d8:ce: dc:bb:74:8f:a5:d9:d4:16:56:d8:f3:ca:f6:b8:6d:fb:df:91: 4b:be:53:a2:52:5f:0f:f1:45:82:55:ea:83:7d:93:3b:27:a4: c1:87:ea:f9:fe:5c:ca:a5:8e:24:0b:cf:32:af:d4:6b:f6:ea: 60:28:9b:fd -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgISAZt8f5+DJlwG/mkDLBK18LGPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjZjNDk4NWNkNjA2NDMyMjBlMDY0YTJlMTE0ZDc4ZjViMDM5YzJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp/oE3T1PZhqHPc3X1XOLuzhOCne kJgxHuHRtosQvzmv896MJshLq8zSeW2KR/YfwkwEa9773CzxL2YXWevo7YJwjJsO PhO2Dl3wjO69/wuU2F6T1wOaiOIn5Bak7/S8zNKKdost3fcNvjP/vkDIVDuHYVxu oxVkralsYEr5WL6SyBU/2cechCWxh+hEaVjlWh/aMiaV3OCgv28eYgM6Z2coANbZ vkuhqvW/IN69EE8DkoRs8/vJUg/whdQFMmnDH8RATmi7YuKJAngGglSPH64ZFiU+ GUQ8qi1/JjGFKyPD9kp8o9nZK44acV7MdGeqvRF0RzccCbYVVOcf3OE7FQIDAQAB o4ICpTCCAqEwHQYDVR0OBBYEFLZsSYXNYGQyIOBkouEU149bA5wrMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5LzFkMGMz OS0yNTU1LTQ2OGYtYmU2Ni1mZjliYWI5MGFmMTgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkvMWQwYzM5 LTI1NTUtNDY4Zi1iZTY2LWZmOWJhYjkwYWYxOC8xL3RteEpoYzFnWkRJZzRHU2k0 UlRYajFzRG5Dcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQAW9yeAwQCwQjYMBkGCCsGAQUFBwEIAQH/BAow CKAGMAQCAlIRMA0GCSqGSIb3DQEBCwUAA4IBAQBCJpzClMMJG5hIraRMi1MG+Y6k sgPpRM1oyLCwgR5+0aeCyKw2LorZxcpr7nkOrHOuf1xOlNgPDxyqcmvX15fDxMDB zDBqzknXAv6oNcyhN97pN4XeCXmDhnNDW9L1YLGxoMB3NN+TDEwMpx3MN3WsU63z YiJMTyOBvfkpuMBq1x3Jmz4QOogu0MLsPva9oAduMgxQjDkIkYYKlWjPqNJutqFr hhLW2pwfsVQ0b2ejDqyefnmcAOk8FrwiqL/KxnN8FT522M7cu3SPpdnUFlbY88r2 uG3735FLvlOiUl8P8UWCVeqDfZM7J6TBh+r5/lzKpY4kC88yr9Rr9upgKJv9 -----END CERTIFICATE-----Generated at Mon Feb 9 15:04:49 2026 by rpki-client