This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yTfS9vC3jA7XW478KACdeXlhQAM.cer File: yTfS9vC3jA7XW478KACdeXlhQAM.cer (raw, json) Hash identifier: jTpmAHpFHWD+KYngqsOqs1adrsNvOkYjNcCHZou+Sx0= Subject key identifier: C9:37:D2:F6:F0:B7:8C:0E:D7:5B:8E:FC:28:00:9D:79:79:61:40:03 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79109A8BDBA9F2AD0A8EBA15845128BB Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/yTfS9vC3jA7XW478KACdeXlhQAM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 10:18:09 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 62134 IP: 185.46.120.0/22 IP: 2a01:8720::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:9a:8b:db:a9:f2:ad:0a:8e:ba:15:84:51:28:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 10:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c937d2f6f0b78c0ed75b8efc28009d7979614003 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:11:41:2b:31:5a:da:13:09:ab:8f:a0:be:81: ab:06:86:8e:6e:81:19:34:b6:c6:ef:97:11:5c:48: bb:a6:1a:d7:dc:c1:0c:e0:50:34:70:3c:f7:b8:02: b9:ab:63:0f:0a:d4:2b:15:da:3b:7c:06:63:59:1a: b6:35:fe:64:ad:8f:aa:3d:21:a3:d5:2a:67:4e:5e: c8:05:3f:85:01:96:b2:46:6f:eb:41:26:89:27:e9: 04:02:77:73:2c:30:b6:10:57:d2:33:93:76:4e:53: 5f:42:ea:6f:36:78:29:ec:52:7f:4f:cb:bc:5b:3d: 4d:68:74:eb:68:6c:9a:35:f7:04:49:81:a0:49:d4: df:f1:55:9f:21:d2:30:3b:72:78:f8:d0:ad:70:2a: ca:a4:f0:28:27:ad:3a:9a:5c:3f:6f:ed:df:d6:7d: cc:f1:9c:94:3b:9b:29:95:0e:e4:90:38:89:cd:41: 51:14:03:f6:99:36:bb:78:ac:f6:09:07:50:db:f6: be:24:b7:f4:1e:45:88:c9:ac:88:1e:13:3e:80:30: f0:df:0e:68:aa:d4:e9:5c:5b:a5:b4:d2:ad:92:8b: 3d:78:4d:75:4f:93:54:f3:8e:6d:fc:82:ba:bd:df: a3:14:b6:a9:19:ca:29:a5:21:4f:b7:0a:77:1d:32: 13:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:37:D2:F6:F0:B7:8C:0E:D7:5B:8E:FC:28:00:9D:79:79:61:40:03 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/b9bd06-96c8-4e71-ba12-937754cbb505/1/yTfS9vC3jA7XW478KACdeXlhQAM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.46.120.0/22 IPv6: 2a01:8720::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 62134 Signature Algorithm: sha256WithRSAEncryption 43:d5:21:d2:fa:4f:62:af:36:f6:5f:78:5a:1e:58:82:ba:38: 6d:84:32:e4:bc:db:17:a8:c5:64:10:82:02:a9:3b:be:8b:c2: 7c:90:85:71:8a:13:08:b6:8f:7e:81:ea:8d:82:21:87:06:7b: 7f:69:57:e6:6c:26:44:b6:a8:b4:39:fe:51:09:8a:cc:e8:7e: fd:49:c7:6b:e0:fd:8f:56:bd:fe:57:62:42:55:f6:ca:68:c4: b4:07:7d:d5:da:13:b1:e5:77:ff:55:38:64:18:8f:4e:09:2a: 2f:41:6d:93:da:26:4f:31:6c:2e:89:f9:ef:6b:20:a6:36:bb: a2:16:ce:1e:05:65:f5:b9:7a:6d:71:ed:f8:37:68:13:d9:10: 8a:aa:82:01:5d:1e:f7:db:b1:57:86:b5:15:84:d0:92:f0:ba: 84:bf:fc:85:97:33:57:11:ea:50:7e:ea:c2:bc:04:4d:99:b8: a1:93:7b:99:f6:74:10:92:56:23:40:60:1b:be:a9:bd:32:7a: 32:0d:d2:8f:33:54:74:d8:7d:b4:ac:78:ed:6c:1f:31:26:1a: 16:7f:75:dd:2b:e7:e5:89:22:27:16:ec:97:d7:a9:73:a5:a6: 78:ab:da:c6:ad:05:9f:ba:a2:00:07:68:d3:95:54:e9:e4:a2: 3c:65:f8:13 -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt5EJqL26nyrQqOuhWEUSi7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTM3ZDJmNmYwYjc4YzBlZDc1YjhlZmMyODAwOWQ3OTc5NjE0MDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBFBKzFa2hMJq4+gvoGrBoaOboEZ NLbG75cRXEi7phrX3MEM4FA0cDz3uAK5q2MPCtQrFdo7fAZjWRq2Nf5krY+qPSGj 1SpnTl7IBT+FAZayRm/rQSaJJ+kEAndzLDC2EFfSM5N2TlNfQupvNngp7FJ/T8u8 Wz1NaHTraGyaNfcESYGgSdTf8VWfIdIwO3J4+NCtcCrKpPAoJ606mlw/b+3f1n3M 8ZyUO5splQ7kkDiJzUFRFAP2mTa7eKz2CQdQ2/a+JLf0HkWIyayIHhM+gDDw3w5o qtTpXFultNKtkos9eE11T5NU845t/IK6vd+jFLapGcoppSFPtwp3HTITnQIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFMk30vbwt4wO11uO/CgAnXl5YUADMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA4L2I5YmQw Ni05NmM4LTRlNzEtYmExMi05Mzc3NTRjYmI1MDUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgvYjliZDA2 LTk2YzgtNGU3MS1iYTEyLTkzNzc1NGNiYjUwNS8xL3lUZlM5dkMzakE3WFc0NzhL QUNkZVhsaFFBTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuS54MA0EAgACMAcDBQAqAYcgMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwDytjANBgkqhkiG9w0BAQsFAAOCAQEAQ9Uh0vpPYq82 9l94Wh5Ygro4bYQy5LzbF6jFZBCCAqk7vovCfJCFcYoTCLaPfoHqjYIhhwZ7f2lX 5mwmRLaotDn+UQmKzOh+/UnHa+D9j1a9/ldiQlX2ymjEtAd91doTseV3/1U4ZBiP TgkqL0Ftk9omTzFsLon572sgpja7ohbOHgVl9bl6bXHt+DdoE9kQiqqCAV0e99ux V4a1FYTQkvC6hL/8hZczVxHqUH7qwrwETZm4oZN7mfZ0EJJWI0BgG76pvTJ6Mg3S jzNUdNh9tKx47WwfMSYaFn913Svn5YkiJxbsl9epc6WmeKvaxq0Fn7qiAAdo05VU 6eSiPGX4Ew== -----END CERTIFICATE-----Generated at Mon Feb 9 19:42:01 2026 by rpki-client