This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/x6TS9okT6s5sn1CSvcfdIPV09Dg.cer File: x6TS9okT6s5sn1CSvcfdIPV09Dg.cer (raw, json) Hash identifier: 25GzCLzWghAdE7XqAnTPhPikupGiElNMv8IBP9bYoh8= Subject key identifier: C7:A4:D2:F6:89:13:EA:CE:6C:9F:50:92:BD:C7:DD:20:F5:74:F4:38 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7D5CBA5E0FF0F44E929701615A152B6A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/x6TS9okT6s5sn1CSvcfdIPV09Dg.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 06:19:47 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 202632 IP: 31.47.0.0/19 IP: 185.12.168.0/22 IP: 185.173.28.0/22 IP: 185.210.180.0/22 IP: 209.162.200.0/24 IP: 213.91.64.0/21 IP: 213.91.112.0/20 IP: 217.71.48.0/24 IP: 217.71.56.0/21 IP: 2a03:9240::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:ba:5e:0f:f0:f4:4e:92:97:01:61:5a:15:2b:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 06:19:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c7a4d2f68913eace6c9f5092bdc7dd20f574f438 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d8:ef:ef:f6:19:b0:9f:cd:93:59:b8:35:99: c0:ec:a9:78:f6:bb:b3:0c:46:0d:fa:da:ac:41:c0: 26:5d:a4:63:00:9f:29:14:ba:1c:40:af:a0:35:da: 0b:23:d3:39:0f:38:1d:4e:48:7d:64:04:6b:98:15: 92:aa:f8:bf:42:fd:5c:7d:da:ff:ef:3d:00:5d:7f: 27:44:cb:70:c2:5d:62:e7:b6:61:91:cd:76:1a:91: 56:c3:8d:1c:8e:ec:e5:49:07:26:31:5d:c2:e9:12: cc:99:ef:e4:dd:1a:dc:c4:6b:89:ba:dc:4d:ef:86: 10:86:d8:be:92:c8:38:30:09:39:71:3b:b0:38:65: 0b:0b:0d:f9:15:9b:a4:ac:53:00:7a:a1:8f:f8:a8: d8:f2:da:6b:ba:24:c8:43:3b:1a:c8:89:14:e9:29: 85:fb:ba:04:0f:de:98:2f:bc:52:5e:a3:c0:2d:d6: ee:ad:52:f8:69:1f:e8:2b:45:6f:02:72:8d:5a:14: 91:87:d2:e4:fb:3a:62:b9:68:e8:a1:9b:bb:9e:ad: c9:95:5c:f8:ab:8a:92:3d:99:9a:18:f2:8f:7b:4a: b7:6d:41:c2:a6:16:ec:19:22:f1:c3:cd:ba:2f:f3: f9:4f:15:d5:1f:d6:be:23:a0:b0:30:18:84:66:90: c6:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:A4:D2:F6:89:13:EA:CE:6C:9F:50:92:BD:C7:DD:20:F5:74:F4:38 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/x6TS9okT6s5sn1CSvcfdIPV09Dg.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.47.0.0/19 185.12.168.0/22 185.173.28.0/22 185.210.180.0/22 209.162.200.0/24 213.91.64.0/21 213.91.112.0/20 217.71.48.0/24 217.71.56.0/21 IPv6: 2a03:9240::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 202632 Signature Algorithm: sha256WithRSAEncryption 32:79:a9:26:05:31:dd:59:e5:9e:33:17:fe:79:b6:26:5d:c4: 63:f6:b5:0d:3d:28:0b:4b:31:8d:3c:dc:02:6d:31:ac:9d:77: 9a:74:69:c8:6e:9f:31:a2:b6:cf:7b:44:94:78:b2:c9:84:0b: fe:be:95:08:87:5c:b2:36:a6:f2:43:1a:97:99:b8:98:86:55: 8d:fe:3f:66:26:04:5c:77:54:5e:1a:21:9c:95:f6:80:3d:62: 41:39:85:d4:4f:37:2e:00:24:1a:de:39:ea:f9:d8:67:c4:40: 79:6a:93:74:8f:b8:a3:5e:4b:c9:16:85:3b:4c:5f:75:82:4e: 05:db:af:b3:ae:62:ad:8d:ec:2e:5f:5b:ea:bc:fa:e4:1d:52: eb:36:f0:ac:e5:34:54:ea:8d:ba:13:d0:af:5b:c9:d8:33:69: 83:66:9e:8a:14:41:61:33:0f:11:22:36:aa:17:cb:01:c0:00: 01:7a:cf:b0:0e:ae:c4:b9:36:a4:c0:49:c4:e9:7f:07:47:cb: 17:0b:dd:b6:96:25:22:77:80:e0:9f:58:63:0d:72:e7:2e:16: c7:6e:4c:eb:67:7d:30:89:4b:b1:9d:22:10:a2:93:eb:ef:23: 98:43:83:c5:6f:a8:65:06:bf:60:93:3f:2a:83:60:e0:21:c7: 2a:2f:aa:f9 -----BEGIN CERTIFICATE----- MIIF0zCCBLugAwIBAgISAZt9XLpeD/D0TpKXAWFaFStqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDYxOTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjN2E0ZDJmNjg5MTNlYWNlNmM5ZjUwOTJiZGM3ZGQyMGY1NzRmNDM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6djv7/YZsJ/Nk1m4NZnA7Kl49ruz DEYN+tqsQcAmXaRjAJ8pFLocQK+gNdoLI9M5DzgdTkh9ZARrmBWSqvi/Qv1cfdr/ 7z0AXX8nRMtwwl1i57Zhkc12GpFWw40cjuzlSQcmMV3C6RLMme/k3RrcxGuJutxN 74YQhti+ksg4MAk5cTuwOGULCw35FZukrFMAeqGP+KjY8tpruiTIQzsayIkU6SmF +7oED96YL7xSXqPALdburVL4aR/oK0VvAnKNWhSRh9Lk+zpiuWjooZu7nq3JlVz4 q4qSPZmaGPKPe0q3bUHCphbsGSLxw826L/P5TxXVH9a+I6CwMBiEZpDGIwIDAQAB o4IC3zCCAtswHQYDVR0OBBYEFMek0vaJE+rObJ9Qkr3H3SD1dPQ4MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU4L2YwM2Nh MS03MjZiLTRkZTktYjQxOS1mOWExYmJjMzY4NDUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgvZjAzY2Ex LTcyNmItNGRlOS1iNDE5LWY5YTFiYmMzNjg0NS8xL3g2VFM5b2tUNnM1c24xQ1N2 Y2ZkSVBWMDlEZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF BwEHAQH/BE8wTTA8BAIAATA2AwQFHy8AAwQCuQyoAwQCua0cAwQCudK0AwQA0aLI AwQD1VtAAwQE1VtwAwQA2UcwAwQD2Uc4MA0EAgACMAcDBQAqA5JAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwMXiDANBgkqhkiG9w0BAQsFAAOCAQEAMnmpJgUx3Vnl njMX/nm2Jl3EY/a1DT0oC0sxjTzcAm0xrJ13mnRpyG6fMaK2z3tElHiyyYQL/r6V CIdcsjam8kMal5m4mIZVjf4/ZiYEXHdUXhohnJX2gD1iQTmF1E83LgAkGt456vnY Z8RAeWqTdI+4o15LyRaFO0xfdYJOBduvs65irY3sLl9b6rz65B1S6zbwrOU0VOqN uhPQr1vJ2DNpg2aeihRBYTMPESI2qhfLAcAAAXrPsA6uxLk2pMBJxOl/B0fLFwvd tpYlIneA4J9YYw1y5y4Wx25M62d9MIlLsZ0iEKKT6+8jmEODxW+oZQa/YJM/KoNg 4CHHKi+q+Q== -----END CERTIFICATE-----Generated at Mon Feb 9 16:48:54 2026 by rpki-client