This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer File: y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer (raw, json) Hash identifier: xOVpHOpGLWJM3qN4BxGXzfE5cYxGfNEBcwOS5psHWOg= Subject key identifier: CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA4C823403A3270171114A49A02700F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:18:06 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 12969 AS: 21268 AS: 31441 IP: 5.23.64.0/19 IP: 46.239.192.0/18 IP: 62.145.128.0/19 IP: 81.15.0.0/17 IP: 83.173.0.0/18 IP: 85.197.192.0/18 IP: 88.149.0.0/17 IP: 89.160.128.0/17 IP: 185.21.16.0/22 IP: 185.24.0.0/22 IP: 185.245.172.0/22 IP: 193.4.0.0 -- 193.4.57.255 IP: 193.4.60.0 -- 193.4.255.255 IP: 194.144.0.0/16 IP: 213.176.128.0/19 IP: 213.213.128.0/19 IP: 213.220.64.0/18 IP: 217.9.128.0/20 IP: 217.151.160.0/19 IP: 2a01:44c0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:c8:23:40:3a:32:70:17:11:14:a4:9a:02:70:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb662ceeb726774b1b44c51ff1fc0df908bdebbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:95:fa:e3:42:a6:05:da:c9:f8:db:1f:72:e9: 01:3c:0d:1e:3d:45:31:ca:d7:ad:cd:ff:c3:be:20: 5c:d6:78:94:fe:4b:81:c3:46:e3:5f:df:98:77:6b: 7c:9e:50:8e:9c:fa:79:4f:e6:d1:f7:a2:3b:be:77: a5:96:e0:fa:dc:d2:32:8c:96:3a:6d:9a:83:85:09: c8:9b:50:2c:09:ed:b4:14:d7:97:9f:8a:fa:5c:81: 29:d8:a9:d2:7e:b3:fc:54:c2:af:fa:93:82:bc:76: d8:a3:af:74:05:ea:da:5e:d8:17:86:b0:d7:7e:be: 08:84:57:e3:66:a7:61:9a:21:7d:bd:bd:d3:d2:7a: 80:3e:ef:4e:7f:07:36:4e:10:84:dc:69:32:36:64: 21:33:f7:f1:c0:9f:c9:b2:1f:22:d4:b8:d1:f5:a1: 3b:f7:bc:b5:ba:03:90:3e:9c:34:17:f8:c7:a8:0d: 5f:32:61:b7:9d:ed:ad:3a:c3:05:50:50:ed:21:c8: ee:6b:2e:f7:96:e0:88:66:a5:f7:f0:74:00:a8:0d: ba:7c:22:01:63:8a:43:c0:2f:cb:98:a2:be:a9:ed: c8:29:76:0b:82:ee:3b:7b:98:49:4a:bc:f1:43:83: 60:d3:75:e1:ff:a4:eb:30:8c:bd:f8:93:42:4e:26: 50:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.23.64.0/19 46.239.192.0/18 62.145.128.0/19 81.15.0.0/17 83.173.0.0/18 85.197.192.0/18 88.149.0.0/17 89.160.128.0/17 185.21.16.0/22 185.24.0.0/22 185.245.172.0/22 193.4.0.0-193.4.57.255 193.4.60.0-193.4.255.255 194.144.0.0/16 213.176.128.0/19 213.213.128.0/19 213.220.64.0/18 217.9.128.0/20 217.151.160.0/19 IPv6: 2a01:44c0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 12969 21268 31441 Signature Algorithm: sha256WithRSAEncryption 08:de:71:f4:ee:db:0c:e9:01:ed:ab:32:80:be:e8:30:96:61: a4:f4:04:4d:0d:cc:dc:d9:ac:fe:e6:62:d3:87:f6:88:04:61: 47:a2:13:c8:d8:df:6e:45:0e:ce:98:17:af:d7:ec:db:4f:5d: 79:7f:8e:b7:7a:7f:81:85:95:33:66:4f:7b:91:98:6c:06:6e: c0:55:f2:58:87:96:53:44:e5:0b:c6:9a:b6:23:a9:d6:f3:13: 89:24:80:60:ff:ef:eb:d6:70:36:49:fe:a2:90:5d:74:10:4e: f7:77:cd:34:65:b2:ff:e4:13:fa:cb:d1:d5:81:d5:29:44:3e: 15:90:12:20:58:93:df:b0:db:c1:f4:7f:8d:bc:e7:78:88:aa: f1:6d:e9:48:bd:82:4e:07:92:5a:95:85:92:81:ff:e7:23:c9: 98:9b:be:b4:0d:30:16:9c:59:57:58:79:a9:2d:1e:e2:95:f5: dd:08:95:8e:65:b7:63:01:3a:0d:68:7f:03:36:0f:34:e2:11: 43:1b:fe:12:19:17:af:35:68:dc:ad:d4:fc:f6:e2:54:2e:68: 48:fd:55:d8:66:11:c3:6c:72:53:a6:68:22:1b:ef:77:ad:90: 6e:c4:da:bf:cd:43:c1:3e:b2:db:00:0e:19:e1:8a:2e:63:80: 55:ba:62:d8 -----BEGIN CERTIFICATE----- MIIGJzCCBQ+gAwIBAgISAZt+pMgjQDoycBcRFKSaAnAPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjY2MmNlZWI3MjY3NzRiMWI0NGM1MWZmMWZjMGRmOTA4YmRlYmJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJX640KmBdrJ+NsfcukBPA0ePUUx ytetzf/DviBc1niU/kuBw0bjX9+Yd2t8nlCOnPp5T+bR96I7vnelluD63NIyjJY6 bZqDhQnIm1AsCe20FNeXn4r6XIEp2KnSfrP8VMKv+pOCvHbYo690BeraXtgXhrDX fr4IhFfjZqdhmiF9vb3T0nqAPu9Ofwc2ThCE3GkyNmQhM/fxwJ/Jsh8i1LjR9aE7 97y1ugOQPpw0F/jHqA1fMmG3ne2tOsMFUFDtIcjuay73luCIZqX38HQAqA26fCIB Y4pDwC/LmKK+qe3IKXYLgu47e5hJSrzxQ4Ng03Xh/6TrMIy9+JNCTiZQHQIDAQAB o4IDMzCCAy8wHQYDVR0OBBYEFMtmLO63JndLG0TFH/H8DfkIveu8MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzL2E5NjJh OS1hYmZmLTQ0OTUtODZjYy1iNTZjOGNjYjI5MzUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvYTk2MmE5 LWFiZmYtNDQ5NS04NmNjLWI1NmM4Y2NiMjkzNS8xL3kyWXM3cmNtZDBzYlJNVWY4 ZndOLVFpOTY3dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGqBggrBgEF BQcBBwEB/wSBmjCBlzCBhQQCAAEwfwMEBQUXQAMEBi7vwAMEBT6RgAMEB1EPAAME BlOtAAMEBlXFwAMEB1iVAAMEB1mggAMEArkVEAMEArkYAAMEArn1rDALAwMCwQQD BAHBBDgwCwMEAsEEPAMDAMEEAwMAwpADBAXVsIADBAXV1YADBAbV3EADBATZCYAD BAXZl6AwDQQCAAIwBwMFACoBRMAwIQYIKwYBBQUHAQgBAf8EEjAQoA4wDAICMqkC AlMUAgJ60TANBgkqhkiG9w0BAQsFAAOCAQEACN5x9O7bDOkB7asygL7oMJZhpPQE TQ3M3Nms/uZi04f2iARhR6ITyNjfbkUOzpgXr9fs209deX+Ot3p/gYWVM2ZPe5GY bAZuwFXyWIeWU0TlC8aatiOp1vMTiSSAYP/v69ZwNkn+opBddBBO93fNNGWy/+QT +svR1YHVKUQ+FZASIFiT37DbwfR/jbzneIiq8W3pSL2CTgeSWpWFkoH/5yPJmJu+ tA0wFpxZV1h5qS0e4pX13QiVjmW3YwE6DWh/AzYPNOIRQxv+EhkXrzVo3K3U/Pbi VC5oSP1V2GYRw2xyU6ZoIhvvd62QbsTav81DwT6y2wAOGeGKLmOAVbpi2A== -----END CERTIFICATE-----Generated at Mon Feb 9 16:52:20 2026 by rpki-client