This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer File: u5tW2NluvLX8-H3i7CtSwZTM-fk.cer (raw, json) Hash identifier: oMX1m0tOvrXAy0RMeSbVbdbfuGr5R+GNi/pkHdfkS7M= Subject key identifier: BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C80D3CF7E871F7384851B965D5AAF06 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/u5tW2NluvLX8-H3i7CtSwZTM-fk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 02:19:36 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 57461 IP: 91.232.72.0/22 IP: 185.222.120.0/22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:d3:cf:7e:87:1f:73:84:85:1b:96:5d:5a:af:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 02:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:9e:68:a3:01:24:0e:ea:b0:2b:00:09:56:47: 7b:6a:8e:24:32:e7:a1:9f:80:7d:db:70:b0:21:11: 01:b7:7b:50:ad:50:97:ec:fc:66:d3:24:0a:78:6d: dd:94:c6:8e:c7:e9:a3:35:dc:09:a2:9d:8e:c8:e8: bd:44:27:1a:81:52:3b:95:a2:80:de:c1:e8:ae:05: 7c:1f:b1:fa:e7:8c:f6:91:8c:1f:db:a7:25:09:d1: a1:e0:48:34:b4:f6:c5:d3:03:8e:54:11:b3:e0:90: b5:6f:24:73:11:24:ef:2c:8d:fc:0e:2c:ca:4a:e6: 55:6c:e5:55:39:43:2b:6c:26:3a:68:cb:ff:2d:0d: b7:5e:35:0c:ce:e7:9a:8e:f7:b5:9d:19:e4:85:3f: f0:16:87:d6:73:0f:a5:0d:76:24:12:f0:f0:86:06: 4b:1e:a1:e5:7a:62:96:83:19:ee:2f:f9:ac:3b:7f: 9a:0c:67:65:c8:65:61:9d:b7:ab:3c:37:f7:03:d5: 21:c9:2d:b5:0d:ec:01:0c:a7:b2:31:24:aa:f9:1f: 1f:b1:84:15:95:0a:52:aa:66:96:89:7b:6e:ea:84: 7c:9c:93:6e:0c:19:ed:2b:10:39:9f:5d:93:4c:0e: 12:58:72:25:b5:29:08:62:93:76:43:fc:bd:a8:7a: 2d:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/u5tW2NluvLX8-H3i7CtSwZTM-fk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.232.72.0/22 185.222.120.0/22 sbgp-autonomousSysNum: critical Autonomous System Numbers: 57461 Signature Algorithm: sha256WithRSAEncryption 55:9f:33:3d:4c:f5:0a:b3:3c:a5:59:68:a3:51:04:ba:96:8d: cc:88:b7:1b:1d:c8:d6:49:13:af:01:87:93:1b:6c:af:97:c7: 0f:55:ea:0a:2c:19:6b:99:3d:43:85:73:03:0c:ce:00:86:ff: 27:43:63:2a:ad:d3:ba:32:3f:a3:47:0e:ea:7d:d1:ed:1e:78: 05:34:7c:2d:81:ea:2a:14:c9:95:90:06:58:c9:b6:38:af:f0: a6:b2:fc:a5:18:3f:3b:21:b2:ec:6e:75:4e:c2:e8:a3:05:0d: 0e:2b:87:b0:34:80:40:1b:b2:9b:8d:71:32:5d:db:77:7e:4a: e3:3b:2f:08:0b:b3:36:47:65:81:bc:0b:35:e9:e8:96:9f:be: 28:6c:47:83:82:a6:bf:a4:e4:b4:d9:72:b9:48:3c:93:c8:cc: 83:db:ac:8b:2d:38:d0:fa:0c:f2:08:ce:af:9c:60:af:fe:8c: d3:cf:66:6f:30:6a:d1:96:32:90:9b:71:4c:83:f5:85:3c:d9: 73:ae:af:86:90:23:1c:e7:f4:5d:f6:1a:f3:0f:a6:a8:b7:0f: 75:11:2c:45:b9:d9:25:c7:31:42:04:75:d3:76:51:4e:c2:f8: 52:ce:52:d5:73:18:fe:8c:dc:57:a6:b7:b2:9f:ab:e3:eb:96: c9:41:dc:70 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgISAZt8gNPPfocfc4SFG5ZdWq8GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDIxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYjliNTZkOGQ5NmViY2I1ZmNmODdkZTJlYzJiNTJjMTk0Y2NmOWY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA455oowEkDuqwKwAJVkd7ao4kMueh n4B923CwIREBt3tQrVCX7Pxm0yQKeG3dlMaOx+mjNdwJop2OyOi9RCcagVI7laKA 3sHorgV8H7H654z2kYwf26clCdGh4Eg0tPbF0wOOVBGz4JC1byRzESTvLI38DizK SuZVbOVVOUMrbCY6aMv/LQ23XjUMzueajve1nRnkhT/wFofWcw+lDXYkEvDwhgZL HqHlemKWgxnuL/msO3+aDGdlyGVhnberPDf3A9UhyS21DewBDKeyMSSq+R8fsYQV lQpSqmaWiXtu6oR8nJNuDBntKxA5n12TTA4SWHIltSkIYpN2Q/y9qHotbQIDAQAB o4ICpjCCAqIwHQYDVR0OBBYEFLubVtjZbry1/Ph94uwrUsGUzPn5MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhLzhmMzk0 Mi0xN2Y3LTQ5M2MtYmM2Yi00ZjRmZTgwM2IwMTUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvOGYzOTQy LTE3ZjctNDkzYy1iYzZiLTRmNGZlODAzYjAxNS8xL3U1dFcyTmx1dkxYOC1IM2k3 Q3RTd1pUTS1may5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF BwEHAQH/BBYwFDASBAIAATAMAwQCW+hIAwQCud54MBoGCCsGAQUFBwEIAQH/BAsw CaAHMAUCAwDgdTANBgkqhkiG9w0BAQsFAAOCAQEAVZ8zPUz1CrM8pVloo1EEupaN zIi3Gx3I1kkTrwGHkxtsr5fHD1XqCiwZa5k9Q4VzAwzOAIb/J0NjKq3TujI/o0cO 6n3R7R54BTR8LYHqKhTJlZAGWMm2OK/wprL8pRg/OyGy7G51TsLoowUNDiuHsDSA QBuym41xMl3bd35K4zsvCAuzNkdlgbwLNenolp++KGxHg4Kmv6TktNlyuUg8k8jM g9usiy040PoM8gjOr5xgr/6M089mbzBq0ZYykJtxTIP1hTzZc66vhpAjHOf0XfYa 8w+mqLcPdREsRbnZJccxQgR103ZRTsL4Us5S1XMY/ozcV6a3sp+r4+uWyUHccA== -----END CERTIFICATE-----Generated at Tue Jan 27 00:09:56 2026 by rpki-client