This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xiWvuc4zXu0-UxKLSp6yX8SV1uA.cer File: xiWvuc4zXu0-UxKLSp6yX8SV1uA.cer (raw, json) Hash identifier: 7CGlCvhXwXI0L2V3rKaPLX0sA9rbN0hKD9rmb1iW8bo= Subject key identifier: C6:25:AF:B9:CE:33:5E:ED:3E:53:12:8B:4A:9E:B2:5F:C4:95:D6:E0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7CED80E55E789EEAEB12909F40AE1C0B Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/0f9b50-4689-4cd8-ae6d-100c3e1be3a2/1/xiWvuc4zXu0-UxKLSp6yX8SV1uA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/0f9b50-4689-4cd8-ae6d-100c3e1be3a2/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 04:18:18 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.138.212.0/22 IP: 2001:67c:18c4::/48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:80:e5:5e:78:9e:ea:eb:12:90:9f:40:ae:1c:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 04:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c625afb9ce335eed3e53128b4a9eb25fc495d6e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ef:0a:f9:64:6d:21:52:8b:96:90:66:df:04: 10:b0:f7:2e:6f:a8:b2:fd:22:42:cf:b3:eb:57:05: d0:fb:4e:fb:36:23:b7:1c:a5:15:c3:3b:a3:71:dd: 63:3e:04:f7:62:1c:20:4f:68:f4:e5:5a:5a:f5:c2: 18:61:3f:33:5a:a6:06:ed:4c:7f:e5:5a:12:d7:d4: 98:8f:80:c4:32:4b:4f:a2:39:01:24:95:fd:8c:59: 76:4d:ab:e9:e7:bb:43:f0:96:dd:5e:46:74:f8:e9: 61:b7:7c:21:d8:e4:6f:0b:5a:65:d1:7f:f8:30:12: d8:21:d6:65:6e:da:da:e4:9e:60:91:ae:d0:10:11: bb:c5:34:13:30:a3:d8:be:b6:3e:63:94:bb:04:17: 71:e3:2b:cc:c0:a9:fb:78:c3:c1:b6:12:df:4b:8d: 33:34:dd:f6:17:8a:a3:e9:16:6b:a3:c8:ba:0a:a9: ba:a6:bc:1f:11:0f:10:fd:4f:a5:24:50:80:d8:b6: 19:55:f4:d8:b4:f7:c3:6f:04:91:13:9b:d1:83:f4: b2:d9:ec:cb:16:d4:2c:21:a2:32:3d:21:9d:b3:e0: 40:bc:ad:87:2d:cd:01:da:39:45:c3:cd:32:77:2d: 0d:84:96:44:f1:a8:40:96:f6:60:8b:78:03:89:36: e9:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:25:AF:B9:CE:33:5E:ED:3E:53:12:8B:4A:9E:B2:5F:C4:95:D6:E0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0f9b50-4689-4cd8-ae6d-100c3e1be3a2/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0f9b50-4689-4cd8-ae6d-100c3e1be3a2/1/xiWvuc4zXu0-UxKLSp6yX8SV1uA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.138.212.0/22 IPv6: 2001:67c:18c4::/48 Signature Algorithm: sha256WithRSAEncryption 7a:8c:34:19:78:78:a6:fe:1b:65:62:b1:b2:21:af:d6:41:98: 54:74:9c:ed:29:59:48:6b:33:e0:45:ab:62:7e:1c:52:c2:59: df:15:07:34:43:b8:3a:a5:cf:8e:4a:0a:0c:cc:39:9f:dc:57: 50:21:0a:a0:a9:53:e4:b9:1a:58:58:70:e2:a2:e5:13:48:82: 75:29:00:33:a3:3d:08:2d:fd:f5:99:33:e5:a1:a5:9e:af:bf: 6d:bd:0a:03:7d:0b:55:80:cb:b3:33:2c:2c:31:2d:d0:a6:5a: 41:8e:27:dc:d5:9c:fe:0a:f7:48:a4:4e:00:47:32:07:75:60: 11:7d:34:e6:87:61:39:9d:ac:90:89:ea:c5:8b:7c:71:f1:21: 2e:85:47:fb:6c:77:fc:e9:80:33:ea:78:2a:e0:a8:7e:26:82: a4:36:72:03:6b:90:45:70:e3:84:53:f2:1c:58:0c:1f:79:f1: 43:8d:28:2a:38:aa:99:59:83:1e:c3:a2:05:76:b5:09:d1:22: 2f:02:52:00:38:73:9a:34:9f:ee:fe:63:63:20:49:76:33:ed: e6:9b:32:4c:44:46:fe:a2:41:3b:a8:22:0f:85:32:18:f4:d0: eb:15:dc:9d:5a:bd:11:1b:89:79:d7:01:13:f9:f9:53:24:6b: 8e:d9:27:a5 -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgISAZt87YDlXnie6usSkJ9ArhwLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDQxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjI1YWZiOWNlMzM1ZWVkM2U1MzEyOGI0YTllYjI1ZmM0OTVkNmUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O8K+WRtIVKLlpBm3wQQsPcub6iy /SJCz7PrVwXQ+077NiO3HKUVwzujcd1jPgT3YhwgT2j05Vpa9cIYYT8zWqYG7Ux/ 5VoS19SYj4DEMktPojkBJJX9jFl2Tavp57tD8JbdXkZ0+Olht3wh2ORvC1pl0X/4 MBLYIdZlbtra5J5gka7QEBG7xTQTMKPYvrY+Y5S7BBdx4yvMwKn7eMPBthLfS40z NN32F4qj6RZro8i6Cqm6prwfEQ8Q/U+lJFCA2LYZVfTYtPfDbwSRE5vRg/Sy2ezL FtQsIaIyPSGds+BAvK2HLc0B2jlFw80ydy0NhJZE8ahAlvZgi3gDiTbpkQIDAQAB o4IClTCCApEwHQYDVR0OBBYEFMYlr7nOM17tPlMSi0qesl/EldbgMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljLzBmOWI1 MC00Njg5LTRjZDgtYWU2ZC0xMDBjM2UxYmUzYTIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvMGY5YjUw LTQ2ODktNGNkOC1hZTZkLTEwMGMzZTFiZTNhMi8xL3hpV3Z1YzR6WHUwLVV4S0xT cDZ5WDhTVjF1QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF BwEHAQH/BCEwHzAMBAIAATAGAwQCwYrUMA8EAgACMAkDBwAgAQZ8GMQwDQYJKoZI hvcNAQELBQADggEBAHqMNBl4eKb+G2VisbIhr9ZBmFR0nO0pWUhrM+BFq2J+HFLC Wd8VBzRDuDqlz45KCgzMOZ/cV1AhCqCpU+S5GlhYcOKi5RNIgnUpADOjPQgt/fWZ M+WhpZ6vv229CgN9C1WAy7MzLCwxLdCmWkGOJ9zVnP4K90ikTgBHMgd1YBF9NOaH YTmdrJCJ6sWLfHHxIS6FR/tsd/zpgDPqeCrgqH4mgqQ2cgNrkEVw44RT8hxYDB95 8UONKCo4qplZgx7DogV2tQnRIi8CUgA4c5o0n+7+Y2MgSXYz7eabMkxERv6iQTuo Ig+FMhj00OsV3J1avREbiXnXARP5+VMka47ZJ6U= -----END CERTIFICATE-----Generated at Mon Jan 26 20:49:28 2026 by rpki-client