This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer File: wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer (raw, json) Hash identifier: 2Olv1DdMrrI0ivDcmVLEENxsJNDuIKEqWu7/fmuspUE= Subject key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E373D2F73E1431A5C61CC6B2B086CA3 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:18:28 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 31126 IP: 5.8.128.0/19 IP: 89.108.128.0/18 IP: 93.126.128.0/17 IP: 185.122.92.0/22 IP: 212.40.128.0/19 IP: 212.101.224.0/19 IP: 2a03:5900::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:3d:2f:73:e1:43:1a:5c:61:cc:6b:2b:08:6c:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c1b050211219d18e996e086cb7f6309178804860 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b0:2a:6c:c2:55:d8:7a:35:14:eb:ff:e2:7a: ef:37:b5:5d:65:b0:0f:2e:c7:af:ec:e7:9a:55:55: ac:df:4f:bd:8e:63:31:b6:c7:d6:b1:88:5d:60:89: fd:03:88:dc:e2:f9:c2:46:94:85:14:08:d5:19:2e: bd:8f:38:1c:9b:a9:be:ec:d4:e6:33:01:f9:50:f0: 30:90:1a:a2:eb:c0:d0:7c:32:97:ba:a7:bc:f5:26: bd:c8:6b:f0:46:38:bd:c3:14:87:fb:2d:74:3d:53: 95:14:29:c2:b2:e5:c8:90:79:13:cd:36:40:37:ae: 42:4e:53:40:28:60:d9:62:83:99:ba:2a:30:cc:bc: 0a:0b:df:55:b2:14:34:81:6d:1d:c7:a5:f5:a1:d1: 8d:1a:c7:0f:1e:2c:2a:38:72:3e:7d:29:d9:fd:40: bf:8d:ca:7c:d8:f2:87:df:53:a5:5d:3c:3a:23:26: f3:b4:ea:25:3a:a9:66:aa:c4:e4:6a:a5:d5:e0:a3: 42:04:57:f6:d5:a7:ef:dc:94:65:da:94:98:89:53: 42:b6:8a:fb:ea:4c:25:e2:ca:57:e7:8e:0b:93:01: b2:fb:bb:3e:d5:40:27:3c:65:a8:87:e3:93:0e:96: 71:a0:66:92:f9:b2:07:cf:88:12:ea:77:96:86:df: 8d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.8.128.0/19 89.108.128.0/18 93.126.128.0/17 185.122.92.0/22 212.40.128.0/19 212.101.224.0/19 IPv6: 2a03:5900::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 31126 Signature Algorithm: sha256WithRSAEncryption 38:cc:a0:81:f3:22:de:d2:ae:8f:d6:79:a8:18:11:b9:20:07: b7:1e:25:8b:9d:5b:73:47:7b:52:7b:c1:08:85:d3:f0:cd:7e: 4a:ee:e7:3b:84:b4:65:36:45:33:c4:f0:c7:9d:64:7e:74:67: 91:e2:46:6b:8e:bc:36:9b:54:09:60:62:00:bf:57:83:32:5f: b9:a7:84:eb:5d:cc:51:7a:c3:e4:86:a8:52:87:1a:01:69:d7: 8e:ec:12:ae:2d:0e:84:ae:81:d3:27:34:2f:85:c2:ff:eb:4b: 35:d4:27:bf:00:2f:59:af:2e:2e:22:3c:74:92:7c:91:72:22: 4a:fe:06:d2:c8:59:55:f3:52:61:37:a4:a0:59:d3:38:cc:16: 64:e4:30:6e:0c:7a:bd:d4:5d:93:f8:cb:c3:07:5e:37:5b:12: 4e:6c:33:a9:4f:62:1f:9b:94:05:d1:3f:65:cd:41:8c:c8:19: 17:2a:75:43:67:ea:ee:66:87:33:b2:9e:92:34:04:2c:a7:c9: 8f:bc:e9:12:56:fa:e5:56:38:1c:34:b5:3c:2e:c7:bb:b0:1a: 58:32:c0:a1:18:ac:cb:a3:ec:2f:03:96:15:69:59:96:69:ed: 8e:c7:f5:51:84:55:49:d5:f6:8f:b8:e0:9d:1b:ef:c8:12:11: e3:1d:88:b1 -----BEGIN CERTIFICATE----- MIIFwDCCBKigAwIBAgISAZt+Nz0vc+FDGlxhzGsrCGyjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMWIwNTAyMTEyMTlkMThlOTk2ZTA4NmNiN2Y2MzA5MTc4ODA0ODYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLAqbMJV2Ho1FOv/4nrvN7VdZbAP Lsev7OeaVVWs30+9jmMxtsfWsYhdYIn9A4jc4vnCRpSFFAjVGS69jzgcm6m+7NTm MwH5UPAwkBqi68DQfDKXuqe89Sa9yGvwRji9wxSH+y10PVOVFCnCsuXIkHkTzTZA N65CTlNAKGDZYoOZuiowzLwKC99VshQ0gW0dx6X1odGNGscPHiwqOHI+fSnZ/UC/ jcp82PKH31OlXTw6IybztOolOqlmqsTkaqXV4KNCBFf21afv3JRl2pSYiVNCtor7 6kwl4spX544LkwGy+7s+1UAnPGWoh+OTDpZxoGaS+bIHz4gS6neWht+NUQIDAQAB o4ICzDCCAsgwHQYDVR0OBBYEFMGwUCESGdGOmW4IbLf2MJF4gEhgMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzI4YThm My04ODllLTQ1NDktYTQ0ZS1jZTIyNTE4N2ZjMzgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvMjhhOGYz LTg4OWUtNDU0OS1hNDRlLWNlMjI1MTg3ZmMzOC8xL3diQlFJUklaMFk2WmJnaHN0 X1l3a1hpQVNHQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF BwEHAQH/BD0wOzAqBAIAATAkAwQFBQiAAwQGWWyAAwQHXX6AAwQCuXpcAwQF1CiA AwQF1GXgMA0EAgACMAcDBQMqA1kAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnmW MA0GCSqGSIb3DQEBCwUAA4IBAQA4zKCB8yLe0q6P1nmoGBG5IAe3HiWLnVtzR3tS e8EIhdPwzX5K7uc7hLRlNkUzxPDHnWR+dGeR4kZrjrw2m1QJYGIAv1eDMl+5p4Tr XcxResPkhqhShxoBadeO7BKuLQ6EroHTJzQvhcL/60s11Ce/AC9Zry4uIjx0knyR ciJK/gbSyFlV81JhN6SgWdM4zBZk5DBuDHq91F2T+MvDB143WxJObDOpT2Ifm5QF 0T9lzUGMyBkXKnVDZ+ruZoczsp6SNAQsp8mPvOkSVvrlVjgcNLU8Lse7sBpYMsCh GKzLo+wvA5YVaVmWae2Ox/VRhFVJ1faPuOCdG+/IEhHjHYix -----END CERTIFICATE-----Generated at Wed Jan 21 15:49:11 2026 by rpki-client