This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer File: tyWIwA7vcVgJ61_dbWcXzCjA36w.cer (raw, json) Hash identifier: 9hI+FYDeeny0RW+R+cLRpTOtvMBWhD6IoL5UU4XuqpE= Subject key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EB91BC3AA5144285A31E0EFACD2B50 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:18:28 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 204489 IP: 5.149.155.0 -- 5.149.158.255 IP: 31.207.64.0 -- 31.207.73.255 IP: 152.89.132.0/22 IP: 178.236.128.0/20 IP: 185.39.192.0/22 IP: 192.145.16.0/22 IP: 193.32.200.0/22 IP: 2a02:1710::/32 IP: 2a09:3240::/32 IP: 2a09:5380::/32 IP: 2a0d:d4c0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:91:bc:3a:a5:14:42:85:a3:1e:0e:fa:cd:2b:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:a1:05:ca:67:8a:b1:04:53:9f:e0:ae:cc:69: d4:ec:b0:a7:d0:f4:be:c4:5e:c4:c7:c2:d2:13:44: 4d:bd:20:f8:46:c0:af:ec:ad:8e:7d:8f:5f:1b:3a: c9:e6:39:33:ae:19:4e:5e:d8:2c:78:de:43:39:f3: ab:64:3b:48:d6:d5:2b:4f:c1:64:a8:dc:88:b7:4e: e1:fe:eb:21:be:dc:53:a1:a3:c6:b6:40:0d:1a:a8: 75:c8:fd:59:90:b4:2f:12:da:e5:15:87:c8:fd:1f: 2c:34:c2:67:c8:da:a5:7c:65:46:f7:a0:c3:56:cf: 60:75:a9:37:c7:79:3e:d2:5a:67:9a:e0:08:04:24: ad:a6:20:a3:48:12:2c:b0:d5:69:99:00:c9:e0:a4: 72:78:26:44:57:0b:ca:5c:31:de:2c:92:0c:05:dc: 7f:ea:ba:df:80:2d:31:53:86:9b:a7:e9:39:2f:99: 9b:d4:65:a7:cd:e2:c7:e8:46:b8:75:00:4c:72:88: 9a:64:14:23:4d:45:6c:2f:ef:58:bb:fb:ff:ea:e1: d9:f0:e7:91:2b:65:eb:28:5e:a0:30:5a:8b:f8:da: 16:af:6a:bf:45:2d:e7:a6:f3:ae:90:3b:08:96:46: e7:29:af:e9:13:36:1f:40:a5:10:50:fa:58:ae:cc: f3:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.149.155.0-5.149.158.255 31.207.64.0-31.207.73.255 152.89.132.0/22 178.236.128.0/20 185.39.192.0/22 192.145.16.0/22 193.32.200.0/22 IPv6: 2a02:1710::/32 2a09:3240::/32 2a09:5380::/32 2a0d:d4c0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 204489 Signature Algorithm: sha256WithRSAEncryption a7:69:de:32:8c:55:23:dd:5e:3a:83:e5:cd:de:34:07:a6:32: af:da:4d:89:31:ae:fc:f4:9b:bb:90:ca:82:87:cb:97:a6:a1: b5:6a:ce:89:be:c1:52:f5:a8:97:d9:85:8d:f6:3c:1a:e2:49: d7:f2:f7:fd:4f:17:b5:01:15:28:3d:65:93:91:17:fc:30:cc: 89:ae:d3:a8:63:3b:38:6e:e1:08:c4:61:01:10:5c:8d:64:94: ec:2e:22:ea:53:91:a5:20:12:cb:2d:1c:18:2f:09:90:66:62: 20:fc:6e:43:06:d8:59:c2:77:bc:db:ce:93:ad:50:10:a1:90: 7a:65:e1:d1:80:de:b7:d1:81:e0:41:b6:55:fb:49:53:c3:c9: 2f:92:01:f2:a6:ea:97:60:98:e6:ab:4f:a7:d0:1e:10:7e:f4: 9e:7e:84:62:a0:09:89:78:34:2d:74:de:41:c3:39:06:2f:52: 19:86:d4:32:bb:8f:a8:b4:05:d2:73:94:ad:4c:a8:a5:fa:53: ad:45:f8:bb:f9:d2:a6:a1:1e:07:61:9f:c9:79:8b:14:f8:8a: 75:3e:9c:b7:63:58:e5:cc:2e:b7:97:01:e2:ff:06:48:a6:7b: 07:18:51:08:7b:da:90:29:37:eb:a4:37:f4:e3:7d:c7:02:74: 1d:aa:2b:a6 -----BEGIN CERTIFICATE----- MIIF7DCCBNSgAwIBAgISAZt265G8OqUUQoWjHg76zStQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNzI1ODhjMDBlZWY3MTU4MDllYjVmZGQ2ZDY3MTdjYzI4YzBkZmFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKEFymeKsQRTn+CuzGnU7LCn0PS+ xF7Ex8LSE0RNvSD4RsCv7K2OfY9fGzrJ5jkzrhlOXtgseN5DOfOrZDtI1tUrT8Fk qNyIt07h/ushvtxToaPGtkANGqh1yP1ZkLQvEtrlFYfI/R8sNMJnyNqlfGVG96DD Vs9gdak3x3k+0lpnmuAIBCStpiCjSBIssNVpmQDJ4KRyeCZEVwvKXDHeLJIMBdx/ 6rrfgC0xU4abp+k5L5mb1GWnzeLH6Ea4dQBMcoiaZBQjTUVsL+9Yu/v/6uHZ8OeR K2XrKF6gMFqL+NoWr2q/RS3npvOukDsIlkbnKa/pEzYfQKUQUPpYrszznwIDAQAB o4IC+DCCAvQwHQYDVR0OBBYEFLcliMAO73FYCetf3W1nF8wowN+sMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI4L2ViYmFj OS1mZWU3LTRmM2ItOGNkNS03YTQxMjU0ZWFhY2EvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvZWJiYWM5 LWZlZTctNGYzYi04Y2Q1LTdhNDEyNTRlYWFjYS8xL3R5V0l3QTd2Y1ZnSjYxX2Ri V2NYekNqQTM2dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHcGCCsGAQUF BwEHAQH/BGgwZjBABAIAATA6MAwDBAAFlZsDBAAFlZ4wDAMEBh/PQAMEAR/PSAME AphZhAMEBLLsgAMEArknwAMEAsCREAMEAsEgyDAiBAIAAjAcAwUAKgIXEAMFACoJ MkADBQAqCVOAAwUAKg3UwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDHskwDQYJ KoZIhvcNAQELBQADggEBAKdp3jKMVSPdXjqD5c3eNAemMq/aTYkxrvz0m7uQyoKH y5emobVqzom+wVL1qJfZhY32PBriSdfy9/1PF7UBFSg9ZZORF/wwzImu06hjOzhu 4QjEYQEQXI1klOwuIupTkaUgEsstHBgvCZBmYiD8bkMG2FnCd7zbzpOtUBChkHpl 4dGA3rfRgeBBtlX7SVPDyS+SAfKm6pdgmOarT6fQHhB+9J5+hGKgCYl4NC103kHD OQYvUhmG1DK7j6i0BdJzlK1MqKX6U61F+Lv50qahHgdhn8l5ixT4inU+nLdjWOXM LreXAeL/BkimewcYUQh72pApN+ukN/TjfccCdB2qK6Y= -----END CERTIFICATE-----Generated at Mon Jan 26 12:24:25 2026 by rpki-client