This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer File: xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer (raw, json) Hash identifier: UwczqhcK/YBqumDqTQPxb92n6IuDnq0sarOu4U3BMDI= Subject key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7758A74D0A09938DF6763FFB6A7A0984 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 02:17:37 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 29262 AS: 201064 IP: 46.29.24.0/22 IP: 91.106.216.0/22 IP: 91.194.53.0/24 IP: 91.194.55.0/24 IP: 93.190.12.0/22 IP: 109.236.48.0/22 IP: 160.20.108.0/22 IP: 185.85.188.0/22 IP: 185.85.236.0/22 IP: 185.86.4.0/22 IP: 185.86.12.0/22 IP: 185.86.152.0/22 IP: 185.86.164.0/22 IP: 185.87.24.0/22 IP: 185.87.120.0/22 IP: 185.88.172.0/22 IP: 185.98.60.0/22 IP: 185.119.80.0/22 IP: 185.141.32.0/22 IP: 185.184.24.0/22 IP: 185.185.232.0/22 IP: 185.243.180.0/22 IP: 185.249.200.0/22 IP: 185.250.210.0/24 IP: 185.254.28.0/22 IP: 185.254.236.0/22 IP: 193.35.152.0/22 IP: 193.35.204.0/22 IP: 193.160.140.0/22 IP: 193.223.104.0/22 IP: 194.62.52.0/22 IP: 194.127.116.0/22 IP: 2a03:f3c0::/29 IP: 2a05:4f80::/29 IP: 2a05:bf00::/29 IP: 2a06:3440::/29 IP: 2a06:a700::/29 IP: 2a07:21c0::/29 IP: 2a07:d800::/29 IP: 2a07:e700::/29 IP: 2a07:fe40::/29 IP: 2a0b:2780::/29 IP: 2a0b:6780::/29 IP: 2a0c:1340::/29 IP: 2a0c:46c0::/29 IP: 2a0c:5c40::/29 IP: 2a0c:67c0::/29 IP: 2a0c:7a40::/29 IP: 2a0c:89c0::/29 IP: 2a0c:9dc0::/29 IP: 2a0c:acc0::/29 IP: 2a0d:7c0::/29 IP: 2a0d:49c0::/29 IP: 2a10:8b00::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:a7:4d:0a:09:93:8d:f6:76:3f:fb:6a:7a:09:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 02:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c616c4195152effedbf7b3afee2aa72e19090e4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:36:6d:f9:3c:13:64:c3:c3:e5:36:e5:d4:2f: da:22:c9:ab:49:b8:12:d0:a7:0e:02:d9:53:09:b3: b9:89:f2:1d:72:29:f4:27:49:2c:50:14:ee:d7:93: e6:f6:ee:1f:66:29:31:1a:d3:95:51:e6:98:bf:9f: 75:ed:39:c1:4f:10:19:27:12:6b:d5:17:cf:11:b5: 29:70:a4:9b:af:86:ce:6d:93:d1:5c:7c:5b:80:1b: 71:f6:6a:42:03:44:25:7e:66:bb:5e:58:e1:19:f1: 0a:60:a0:3d:8f:eb:74:5f:c7:89:7e:d4:82:36:00: c9:db:06:58:e5:87:29:93:94:79:dd:d6:b4:0c:cb: 0c:71:38:f9:50:b1:b9:be:59:6d:51:31:84:86:61: 1e:0f:89:c5:be:e0:20:cc:6a:55:bd:89:07:0d:60: 3b:0d:4d:1e:4f:70:04:c0:fa:ad:fb:ef:81:cd:ab: 9e:76:a2:22:a3:de:45:e4:ce:6b:e7:bb:17:64:dc: cb:15:f5:66:53:0d:dd:5f:46:3e:c7:b9:14:1c:04: 1c:24:40:20:99:52:f9:12:ff:9e:c3:7f:fe:e9:34: 62:b1:07:35:ba:20:03:20:fe:33:80:28:1d:ae:87: f2:a3:91:e0:cf:10:60:39:31:fe:d9:fc:5c:ca:cc: d8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.29.24.0/22 91.106.216.0/22 91.194.53.0/24 91.194.55.0/24 93.190.12.0/22 109.236.48.0/22 160.20.108.0/22 185.85.188.0/22 185.85.236.0/22 185.86.4.0/22 185.86.12.0/22 185.86.152.0/22 185.86.164.0/22 185.87.24.0/22 185.87.120.0/22 185.88.172.0/22 185.98.60.0/22 185.119.80.0/22 185.141.32.0/22 185.184.24.0/22 185.185.232.0/22 185.243.180.0/22 185.249.200.0/22 185.250.210.0/24 185.254.28.0/22 185.254.236.0/22 193.35.152.0/22 193.35.204.0/22 193.160.140.0/22 193.223.104.0/22 194.62.52.0/22 194.127.116.0/22 IPv6: 2a03:f3c0::/29 2a05:4f80::/29 2a05:bf00::/29 2a06:3440::/29 2a06:a700::/29 2a07:21c0::/29 2a07:d800::/29 2a07:e700::/29 2a07:fe40::/29 2a0b:2780::/29 2a0b:6780::/29 2a0c:1340::/29 2a0c:46c0::/29 2a0c:5c40::/29 2a0c:67c0::/29 2a0c:7a40::/29 2a0c:89c0::/29 2a0c:9dc0::/29 2a0c:acc0::/29 2a0d:7c0::/29 2a0d:49c0::/29 2a10:8b00::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 29262 201064 Signature Algorithm: sha256WithRSAEncryption 9f:7b:7e:d5:4b:5f:88:af:7d:1f:6f:16:c2:4f:12:fb:27:32: bb:a6:99:24:c5:f2:98:ed:41:f2:70:82:1d:73:fb:23:93:af: 08:c4:73:a4:77:1b:82:02:56:1a:2a:c5:a2:20:72:e9:0b:1f: 6d:8e:1f:f6:53:ac:5a:84:92:14:59:4c:c8:2b:c5:4f:0c:5b: 94:9d:ab:66:3c:88:89:c9:3d:4e:5c:3f:d6:3c:ec:8d:2b:41: ac:ef:ce:34:5c:94:e9:a2:48:fc:5d:a3:ff:15:5c:db:92:30: 7e:0c:36:17:5e:49:d1:10:9b:85:d6:75:2d:a8:2a:40:db:bb: ec:57:2b:d8:5b:58:c8:de:f7:31:b7:fd:46:4a:86:37:be:8f: d3:8e:52:94:3f:07:7d:d0:05:78:fe:96:f9:4e:02:bf:5b:55: 62:1b:0a:05:da:6c:6c:10:d3:ce:cb:e6:d7:45:d8:e9:1b:85: 98:ec:9c:85:b5:52:a3:12:a7:b1:82:6c:7a:3b:1e:3c:01:55: 07:22:c1:fe:be:4f:c6:02:09:a1:46:bd:47:ea:22:3b:f1:90: a9:9f:6c:86:5b:03:24:89:52:3d:57:8c:ec:20:d2:7f:bb:7d: 74:c8:cd:0c:b5:e5:22:55:c2:98:f2:e9:0b:99:a9:da:9e:69: ef:d3:51:91 -----BEGIN CERTIFICATE----- MIIG/jCCBeagAwIBAgISAZt3WKdNCgmTjfZ2P/tqegmEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDIxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDZt+TwTZMPD5Tbl1C/aIsmrSbgS 0KcOAtlTCbO5ifIdcin0J0ksUBTu15Pm9u4fZikxGtOVUeaYv5917TnBTxAZJxJr 1RfPEbUpcKSbr4bObZPRXHxbgBtx9mpCA0Qlfma7XljhGfEKYKA9j+t0X8eJftSC NgDJ2wZY5Ycpk5R53da0DMsMcTj5ULG5vlltUTGEhmEeD4nFvuAgzGpVvYkHDWA7 DU0eT3AEwPqt+++BzauedqIio95F5M5r57sXZNzLFfVmUw3dX0Y+x7kUHAQcJEAg mVL5Ev+ew3/+6TRisQc1uiADIP4zgCgdrofyo5HgzxBgOTH+2fxcyszYJwIDAQAB o4IECjCCBAYwHQYDVR0OBBYEFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3L2FkNjUy MS1kM2E5LTRiMTMtYmU2OS0zOWZkYjk4NmYwNTkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvYWQ2NTIx LWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183Yjk3T3Y3 aXFuTGhrSkRrMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBgwYIKwYB BQUHAQcBAf8EggFyMIIBbjCBxwQCAAEwgcADBAIuHRgDBAJbatgDBABbwjUDBABb wjcDBAJdvgwDBAJt7DADBAKgFGwDBAK5VbwDBAK5VewDBAK5VgQDBAK5VgwDBAK5 VpgDBAK5VqQDBAK5VxgDBAK5V3gDBAK5WKwDBAK5YjwDBAK5d1ADBAK5jSADBAK5 uBgDBAK5uegDBAK587QDBAK5+cgDBAC5+tIDBAK5/hwDBAK5/uwDBALBI5gDBALB I8wDBALBoIwDBALB32gDBALCPjQDBALCf3QwgaEEAgACMIGaAwUDKgPzwAMFAyoF T4ADBQMqBb8AAwUDKgY0QAMFAyoGpwADBQMqByHAAwUDKgfYAAMFAyoH5wADBQMq B/5AAwUDKgsngAMFAyoLZ4ADBQMqDBNAAwUDKgxGwAMFAyoMXEADBQMqDGfAAwUD Kgx6QAMFAyoMicADBQMqDJ3AAwUDKgyswAMFAyoNB8ADBQMqDUnAAwUDKhCLADAe BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJyTgIDAxFoMA0GCSqGSIb3DQEBCwUAA4IB AQCfe37VS1+Ir30fbxbCTxL7JzK7ppkkxfKY7UHycIIdc/sjk68IxHOkdxuCAlYa KsWiIHLpCx9tjh/2U6xahJIUWUzIK8VPDFuUnatmPIiJyT1OXD/WPOyNK0Gs7840 XJTpokj8XaP/FVzbkjB+DDYXXknREJuF1nUtqCpA27vsVyvYW1jI3vcxt/1GSoY3 vo/TjlKUPwd90AV4/pb5TgK/W1ViGwoF2mxsENPOy+bXRdjpG4WY7JyFtVKjEqex gmx6Ox48AVUHIsH+vk/GAgmhRr1H6iI78ZCpn2yGWwMkiVI9V4zsINJ/u310yM0M teUiVcKY8ukLmananmnv01GR -----END CERTIFICATE-----Generated at Mon Jan 19 18:23:31 2026 by rpki-client