This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer File: wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer (raw, json) Hash identifier: A1EuzCprBq9oEMn+/+IGfbBbxfSojjr3rq5jJNIvUU4= Subject key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E383641F6E486299D525C7F148A8355 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:19:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 51984 AS: 208909 IP: 2.57.128.0/22 IP: 5.183.220.0/22 IP: 45.15.136.0/22 IP: 46.253.32.0/21 IP: 91.204.124.0/22 IP: 162.213.64.0/22 IP: 185.38.128.0/22 IP: 185.41.96.0/22 IP: 185.58.172.0/22 IP: 185.87.188.0/22 IP: 185.132.90.0/24 IP: 185.219.136.0/22 IP: 195.211.168.0/22 IP: 212.22.32.0/19 IP: 2a00:fde0::/32 IP: 2a01:57a0::/32 IP: 2a09:d940::/29 IP: 2a0e:3c80::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:36:41:f6:e4:86:29:9d:52:5c:7f:14:8a:83:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:3c:c3:ea:b7:a5:86:46:aa:db:b4:59:1a:b1: c1:9e:ed:a6:96:65:a2:4e:d5:a8:a6:7e:95:11:0f: d7:f5:7d:60:db:13:6c:6a:0a:e2:4f:60:cb:59:a7: 25:15:29:66:c8:d7:4a:dd:16:57:7b:4d:34:34:ca: 13:db:35:9a:7d:b7:06:fb:88:1c:e3:a8:ef:19:cb: 16:04:6d:75:fe:75:b5:0f:d8:2e:81:bc:c0:a8:3b: 08:68:b3:db:8a:46:c9:a2:6e:fe:97:b0:0b:b5:52: c1:15:24:97:6a:09:55:0c:42:99:5e:93:22:cd:0c: 22:54:5f:f8:ca:3c:88:39:a3:44:ae:3f:53:6a:e2: e0:ce:51:51:ea:e2:d2:41:cb:6d:31:50:e6:62:ca: 85:58:d9:42:57:17:08:84:8e:a8:4e:cc:db:a8:f1: 7c:4d:a8:c5:d4:af:cb:4c:ad:ec:fe:c6:f6:32:a1: 49:35:88:76:10:3d:07:10:26:43:7b:49:90:2b:05: 0c:ce:bd:db:9b:1f:9f:21:f5:54:9a:5e:9a:00:41: 12:77:9a:eb:de:95:ce:4b:65:5a:81:3d:24:34:36: 9a:fc:df:5a:4e:c0:da:c0:ff:61:fc:e6:99:df:8c: 37:fa:e3:8f:c9:88:39:df:9d:ea:67:d1:43:2b:16: b3:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.128.0/22 5.183.220.0/22 45.15.136.0/22 46.253.32.0/21 91.204.124.0/22 162.213.64.0/22 185.38.128.0/22 185.41.96.0/22 185.58.172.0/22 185.87.188.0/22 185.132.90.0/24 185.219.136.0/22 195.211.168.0/22 212.22.32.0/19 IPv6: 2a00:fde0::/32 2a01:57a0::/32 2a09:d940::/29 2a0e:3c80::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 51984 208909 Signature Algorithm: sha256WithRSAEncryption 8e:6a:24:c3:76:78:68:27:7b:54:d4:af:e2:e6:e3:2b:d7:49: 8b:3d:68:2d:cc:e0:a5:90:27:38:c4:62:71:a8:4e:80:79:52: d9:d5:b1:be:f9:35:9c:35:60:a4:d9:da:b8:f3:46:6c:d6:ea: dd:88:63:5c:dd:c3:15:9b:4f:71:14:5c:55:b0:f0:43:34:ad: e1:62:b7:d9:f0:b2:6f:fb:3d:ae:29:da:5c:ab:e7:0f:71:55: e5:80:6b:e0:df:27:50:0c:49:88:60:40:20:f7:5e:f2:c6:92: 42:ec:c6:ad:8a:3e:5d:33:33:67:31:b9:23:7f:64:d4:66:47: 59:62:c4:5c:a7:b3:ce:f0:c3:83:6e:23:b1:af:30:14:3d:f3: 41:5a:c8:46:66:a8:e7:96:22:ca:b3:3b:79:03:7f:a9:20:2a: d8:83:57:a8:ab:95:f5:52:77:c4:de:34:13:0b:c9:1f:e8:20: 7b:96:fc:d9:50:d8:72:cf:b5:c1:25:7e:10:4a:86:8c:bc:a6: 6d:f3:0d:16:cf:a5:60:f5:b5:1c:35:84:c7:a8:e4:d2:dd:bb: 2f:1a:fa:b2:4b:13:7c:b6:1d:84:9a:7b:05:cd:43:ec:89:a9: 79:d4:45:bd:03:a2:73:83:32:98:83:0b:67:9c:04:78:c6:af: 79:5a:4b:0b -----BEGIN CERTIFICATE----- MIIGDjCCBPagAwIBAgISAZt+ODZB9uSGKZ1SXH8UioNVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMGU4ZTU2YjE4ZDQ1YzY0NmYwM2NiNmY5MDY5ZGEwYzhiM2M3NGFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTzD6relhkaq27RZGrHBnu2mlmWi TtWopn6VEQ/X9X1g2xNsagriT2DLWaclFSlmyNdK3RZXe000NMoT2zWafbcG+4gc 46jvGcsWBG11/nW1D9gugbzAqDsIaLPbikbJom7+l7ALtVLBFSSXaglVDEKZXpMi zQwiVF/4yjyIOaNErj9TauLgzlFR6uLSQcttMVDmYsqFWNlCVxcIhI6oTszbqPF8 TajF1K/LTK3s/sb2MqFJNYh2ED0HECZDe0mQKwUMzr3bmx+fIfVUml6aAEESd5rr 3pXOS2VagT0kNDaa/N9aTsDawP9h/OaZ34w3+uOPyYg5353qZ9FDKxazuQIDAQAB o4IDGjCCAxYwHQYDVR0OBBYEFMDo5WsY1FxkbwPLb5Bp2gyLPHStMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljLzJhYmVh Mi0zMGQwLTQ2NTQtYTgzNC03NDViY2UzMDYwYzkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvMmFiZWEy LTMwZDAtNDY1NC1hODM0LTc0NWJjZTMwNjBjOS8xL3dPamxheGpVWEdSdkE4dHZr R25hRElzOGRLMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGTBggrBgEF BQcBBwEB/wSBgzCBgDBaBAIAATBUAwQCAjmAAwQCBbfcAwQCLQ+IAwQDLv0gAwQC W8x8AwQCotVAAwQCuSaAAwQCuSlgAwQCuTqsAwQCuVe8AwQAuYRaAwQCuduIAwQC w9OoAwQF1BYgMCIEAgACMBwDBQAqAP3gAwUAKgFXoAMFAyoJ2UADBQMqDjyAMB8G CCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDLEAIDAzANMA0GCSqGSIb3DQEBCwUAA4IB AQCOaiTDdnhoJ3tU1K/i5uMr10mLPWgtzOClkCc4xGJxqE6AeVLZ1bG++TWcNWCk 2dq480Zs1urdiGNc3cMVm09xFFxVsPBDNK3hYrfZ8LJv+z2uKdpcq+cPcVXlgGvg 3ydQDEmIYEAg917yxpJC7Matij5dMzNnMbkjf2TUZkdZYsRcp7PO8MODbiOxrzAU PfNBWshGZqjnliLKszt5A3+pICrYg1eoq5X1UnfE3jQTC8kf6CB7lvzZUNhyz7XB JX4QSoaMvKZt8w0Wz6Vg9bUcNYTHqOTS3bsvGvqySxN8th2EmnsFzUPsial51EW9 A6JzgzKYgwtnnAR4xq95WksL -----END CERTIFICATE-----Generated at Mon Feb 9 16:51:15 2026 by rpki-client