This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer File: ydV0R-NCC4U4dbb6QDcqreMZLKI.cer (raw, json) Hash identifier: EYx71/NGL4tD7A6ZgcQc5AzHAnXyZ1eFdx8E0tcHX4I= Subject key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79104553C004D0D87FE47C1AA9B25E20 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 10:17:48 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 60683 IP: 31.210.34.0 -- 31.210.55.255 IP: 77.92.130.0/23 IP: 77.92.142.0 -- 77.92.148.255 IP: 77.92.150.0 -- 77.92.154.255 IP: 78.135.64.0 -- 78.135.78.255 IP: 78.135.80.0 -- 78.135.107.255 IP: 78.135.109.0 -- 78.135.111.255 IP: 185.17.136.0/22 IP: 185.181.208.0/22 IP: 185.219.132.0/22 IP: 185.241.10.0/24 IP: 188.132.128.0 -- 188.132.133.255 IP: 188.132.136.0 -- 188.132.141.255 IP: 188.132.143.0 -- 188.132.146.255 IP: 188.132.149.0 -- 188.132.156.255 IP: 188.132.159.0 -- 188.132.168.255 IP: 188.132.170.0/23 IP: 188.132.173.0 -- 188.132.174.255 IP: 188.132.178.0/24 IP: 188.132.181.0 -- 188.132.193.255 IP: 188.132.196.0 -- 188.132.203.255 IP: 188.132.206.0 -- 188.132.243.255 IP: 188.132.247.0 -- 188.132.251.255 IP: 212.68.34.0 -- 212.68.39.255 IP: 212.68.48.0/23 IP: 212.68.53.0 -- 212.68.56.255 IP: 212.68.58.0 -- 212.68.60.255 IP: 212.68.62.0/23 IP: 2a10:9440::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 06:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:45:53:c0:04:d0:d8:7f:e4:7c:1a:a9:b2:5e:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 10:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9d57447e3420b853875b6fa40372aade3192ca2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:25:0c:00:3b:b8:ef:55:f0:d6:1a:e4:92:f3: f4:93:a3:d4:17:da:5e:86:58:de:f5:ac:51:2f:4b: de:23:6c:be:35:23:0c:d3:25:ac:88:c4:74:c9:c9: 81:0e:7c:42:88:46:82:0f:81:6f:87:74:4f:b3:8c: cb:af:28:03:b4:9f:31:3b:3f:f0:63:58:21:a7:43: f6:79:a1:99:9f:79:45:52:1a:f0:54:a3:92:1b:78: 3a:d6:9b:85:67:bb:ea:c5:2d:da:3a:92:7f:13:fc: c5:59:24:93:0c:26:f6:27:b5:33:60:6b:3c:03:d9: a5:2a:08:24:8f:6d:85:9f:a8:88:3c:95:10:01:d9: 31:f9:80:96:70:58:b9:27:c9:84:42:33:35:67:05: 82:9b:96:5d:24:c1:53:87:33:bc:b2:9e:b9:05:f9: 2d:26:f0:f7:f3:7a:56:db:fc:88:a2:32:f6:0f:c7: 18:22:32:e8:21:2d:64:4b:aa:bb:5a:de:dd:24:de: 3e:09:9c:cd:30:73:ca:c7:6e:05:07:67:97:0e:df: d3:35:93:2f:74:3a:80:94:ef:56:46:45:68:7e:5c: 1c:22:8f:2b:09:ff:8f:87:ed:26:53:85:e3:26:08: 7f:fe:2a:51:17:ca:36:1a:ff:af:c0:f6:fe:40:66: 1f:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.210.34.0-31.210.55.255 77.92.130.0/23 77.92.142.0-77.92.148.255 77.92.150.0-77.92.154.255 78.135.64.0-78.135.78.255 78.135.80.0-78.135.107.255 78.135.109.0-78.135.111.255 185.17.136.0/22 185.181.208.0/22 185.219.132.0/22 185.241.10.0/24 188.132.128.0-188.132.133.255 188.132.136.0-188.132.141.255 188.132.143.0-188.132.146.255 188.132.149.0-188.132.156.255 188.132.159.0-188.132.168.255 188.132.170.0/23 188.132.173.0-188.132.174.255 188.132.178.0/24 188.132.181.0-188.132.193.255 188.132.196.0-188.132.203.255 188.132.206.0-188.132.243.255 188.132.247.0-188.132.251.255 212.68.34.0-212.68.39.255 212.68.48.0/23 212.68.53.0-212.68.56.255 212.68.58.0-212.68.60.255 212.68.62.0/23 IPv6: 2a10:9440::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 60683 Signature Algorithm: sha256WithRSAEncryption 1c:ad:8c:cc:a6:d5:00:c9:fe:27:e2:a4:29:92:17:a3:df:32: 55:76:22:ce:4b:06:75:24:66:2e:52:cc:9a:c0:35:f3:0c:82: 5f:b8:1b:74:d4:7d:24:ba:3a:f0:b5:0d:2a:07:f7:17:c0:b1: 75:0a:79:18:64:58:64:4d:5c:a8:28:62:7e:21:32:84:5a:65: 2e:4b:e9:57:c4:9e:04:e5:0f:82:84:2a:73:c1:1a:42:42:88: 89:3e:e4:b7:90:8a:c0:27:01:5b:9f:8e:ea:65:b7:92:f0:bf: 25:d0:7a:74:34:fb:6b:aa:38:63:a3:5f:2c:e1:d5:f2:e6:6a: 98:7b:43:6d:1e:6f:b1:a2:a8:00:6c:a0:98:dd:92:21:b9:4c: fe:6d:89:07:c3:93:a9:88:e9:4f:33:ed:7d:9b:31:db:1e:c0: 03:a0:7c:31:c6:78:80:52:f8:07:a5:fa:4f:b9:57:f0:b7:d9: 4f:d8:c3:da:23:ca:00:49:3c:ec:53:76:c1:a1:fb:a5:55:f2: 4e:8a:fb:d1:91:33:74:3f:d4:a4:4c:15:40:1e:0b:f7:4b:e1: 68:58:6b:f2:2e:79:7b:13:3c:f0:38:8a:46:de:16:a2:be:53: 08:5b:d5:ae:f6:d1:01:64:d1:4d:49:d9:43:2a:2c:aa:bf:9a: 28:92:12:4e -----BEGIN CERTIFICATE----- MIIG5zCCBc+gAwIBAgISAZt5EEVTwATQ2H/kfBqpsl4gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSUMADu471Xw1hrkkvP0k6PUF9pe hlje9axRL0veI2y+NSMM0yWsiMR0ycmBDnxCiEaCD4Fvh3RPs4zLrygDtJ8xOz/w Y1ghp0P2eaGZn3lFUhrwVKOSG3g61puFZ7vqxS3aOpJ/E/zFWSSTDCb2J7UzYGs8 A9mlKggkj22Fn6iIPJUQAdkx+YCWcFi5J8mEQjM1ZwWCm5ZdJMFThzO8sp65Bfkt JvD383pW2/yIojL2D8cYIjLoIS1kS6q7Wt7dJN4+CZzNMHPKx24FB2eXDt/TNZMv dDqAlO9WRkVoflwcIo8rCf+Ph+0mU4XjJgh//ipRF8o2Gv+vwPb+QGYfKwIDAQAB o4ID8zCCA+8wHQYDVR0OBBYEFMnVdEfjQguFOHW2+kA3Kq3jGSyiMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRkLzE1ODZm ZC1mZDJjLTQxZjgtOGZlOS00ZTE5OGYwYTYwMTMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvMTU4NmZk LWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRVNGRiYjZR RGNxcmVNWkxLSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBcAYIKwYB BQUHAQcBAf8EggFfMIIBWzCCAUgEAgABMIIBQDAMAwQBH9IiAwQDH9IwAwQBTVyC MAwDBAFNXI4DBABNXJQwDAMEAU1clgMEAE1cmjAMAwQGTodAAwQATodOMAwDBARO h1ADBAJOh2gwDAMEAE6HbQMEBE6HYAMEArkRiAMEArm10AMEArnbhAMEALnxCjAM AwQHvISAAwQBvISEMAwDBAO8hIgDBAG8hIwwDAMEALyEjwMEALyEkjAMAwQAvISV AwQAvIScMAwDBAC8hJ8DBAC8hKgDBAG8hKowDAMEALyErQMEALyErgMEALyEsjAM AwQAvIS1AwQBvITAMAwDBAK8hMQDBAK8hMgwDAMEAbyEzgMEAryE8DAMAwQAvIT3 AwQCvIT4MAwDBAHURCIDBAPURCADBAHURDAwDAMEANRENQMEANREODAMAwQB1EQ6 AwQA1EQ8AwQB1EQ+MA0EAgACMAcDBQMqEJRAMBoGCCsGAQUFBwEIAQH/BAswCaAH MAUCAwDtCzANBgkqhkiG9w0BAQsFAAOCAQEAHK2MzKbVAMn+J+KkKZIXo98yVXYi zksGdSRmLlLMmsA18wyCX7gbdNR9JLo68LUNKgf3F8CxdQp5GGRYZE1cqChifiEy hFplLkvpV8SeBOUPgoQqc8EaQkKIiT7kt5CKwCcBW5+O6mW3kvC/JdB6dDT7a6o4 Y6NfLOHV8uZqmHtDbR5vsaKoAGygmN2SIblM/m2JB8OTqYjpTzPtfZsx2x7AA6B8 McZ4gFL4B6X6T7lX8LfZT9jD2iPKAEk87FN2waH7pVXyTor70ZEzdD/UpEwVQB4L 90vhaFhr8i55exM88DiKRt4Wor5TCFvVrvbRAWTRTUnZQyosqr+aKJISTg== -----END CERTIFICATE-----Generated at Mon Feb 9 15:06:27 2026 by rpki-client