This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.cer File: yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.cer (raw, json) Hash identifier: yTMKxERuyvYLo6wD6DIygG9afzl2q/iGjp9pTzAqT3Y= Subject key identifier: CA:18:3A:66:91:30:9A:79:D6:E6:60:5B:0D:5C:11:E3:FF:7E:91:94 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B79EC7DD0D412F7680D6060F4152BA5DB Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 14:18:20 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 130.192.0.0 -- 130.192.95.255 IP: 130.192.160.0/21 IP: 130.192.176.0/20 IP: 130.192.224.0/20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:7d:d0:d4:12:f7:68:0d:60:60:f4:15:2b:a5:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 14:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca183a6691309a79d6e6605b0d5c11e3ff7e9194 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:2a:7f:0f:4f:91:92:41:5c:38:1d:e1:85:ea: 70:12:4c:27:b5:a2:2f:19:6d:95:1c:aa:25:0f:f6: 17:9c:3f:e4:eb:4e:2e:eb:70:6e:59:99:79:30:e0: 54:76:5a:db:24:cd:ca:f5:60:41:c2:ad:e9:a8:0e: c6:3b:ee:c3:3b:b8:90:80:c6:1e:bd:05:4a:0e:4d: d2:62:0e:d2:43:6a:f2:36:85:7a:b2:1c:9c:e6:26: a9:c2:28:42:52:23:89:d6:a0:eb:67:02:65:89:13: e5:d5:1e:70:5c:4f:92:15:60:8a:75:ce:8a:05:f7: 06:43:d8:22:46:12:33:8e:a1:aa:e9:55:6e:d7:1b: 41:f5:bd:58:6d:46:9c:c2:5f:25:c9:a2:4b:5a:d4: 0b:38:57:28:67:b6:c0:76:30:95:d4:e4:f3:6a:36: f6:da:7a:57:45:ef:5e:6a:7d:6e:3e:0c:6f:3a:c3: 06:b8:e3:c3:35:1f:c8:60:a4:95:e2:93:8b:22:6d: eb:39:fc:31:d2:c4:d2:17:c9:7f:4d:c9:ff:46:16: dc:05:d5:a6:d3:ef:fe:f6:2b:0c:e2:f6:3c:c3:34: 7d:6b:6d:b2:b1:c4:78:a6:85:27:5e:f2:27:ba:c5: 09:34:d6:1c:69:9e:ea:0c:24:2f:0d:38:97:d0:d1: 0b:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:18:3A:66:91:30:9A:79:D6:E6:60:5B:0D:5C:11:E3:FF:7E:91:94 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 130.192.0.0-130.192.95.255 130.192.160.0/21 130.192.176.0/20 130.192.224.0/20 Signature Algorithm: sha256WithRSAEncryption 63:ce:45:62:a0:2e:d6:42:52:6b:99:b0:a9:66:4f:2b:1e:66: a4:57:48:3d:ac:33:c3:9e:78:8b:c7:f2:61:93:a0:e5:6e:9b: 9f:b1:b4:6e:04:3e:6c:8d:76:bb:e2:00:31:fd:57:4d:71:d3: 1f:b5:1d:6e:0e:65:b2:6a:11:64:88:47:fc:ee:8d:8a:87:67: 43:33:16:62:75:74:72:cc:69:70:31:f4:f4:ca:61:bf:5d:f9: f1:04:ec:e8:ba:6d:e9:34:ab:d5:05:b8:5e:95:9e:7d:c6:0a: 96:54:c7:2d:d3:c8:07:30:b5:2b:d7:c0:ac:08:7f:fa:1a:11: 10:a2:d0:2f:4d:50:80:ef:25:b9:79:f3:28:75:36:27:33:e9: 94:d2:b9:ef:b5:a4:25:46:8e:98:6d:a6:38:85:93:54:23:75: 6f:8e:3b:ec:aa:7b:b1:dc:9c:1e:31:eb:6e:d8:1b:80:5e:03: 96:5d:1d:f2:96:7e:27:6d:a4:31:c5:29:05:fc:5f:d3:1d:f7: 8c:32:ea:bb:4e:16:b0:26:8d:7c:ae:1e:96:b6:e7:bb:21:65: bb:0d:d3:7c:99:8a:f1:c6:c8:26:0d:e7:69:30:0a:c8:a7:48: a6:7d:7f:67:02:e8:2c:80:2a:f4:1e:a8:91:48:48:0f:7a:65: e2:ae:38:3b -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgISAZt57H3Q1BL3aA1gYPQVK6XbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTQxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTE4M2E2NjkxMzA5YTc5ZDZlNjYwNWIwZDVjMTFlM2ZmN2U5MTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyp/D0+RkkFcOB3hhepwEkwntaIv GW2VHKolD/YXnD/k604u63BuWZl5MOBUdlrbJM3K9WBBwq3pqA7GO+7DO7iQgMYe vQVKDk3SYg7SQ2ryNoV6shyc5iapwihCUiOJ1qDrZwJliRPl1R5wXE+SFWCKdc6K BfcGQ9giRhIzjqGq6VVu1xtB9b1YbUacwl8lyaJLWtQLOFcoZ7bAdjCV1OTzajb2 2npXRe9ean1uPgxvOsMGuOPDNR/IYKSV4pOLIm3rOfwx0sTSF8l/Tcn/RhbcBdWm 0+/+9isM4vY8wzR9a22yscR4poUnXvInusUJNNYcaZ7qDCQvDTiX0NEL5wIDAQAB o4ICnTCCApkwHQYDVR0OBBYEFMoYOmaRMJp51uZgWw1cEeP/fpGUMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJlLzA3NzRi Yi0zYjBiLTRmNDctYjE1MS0xOWU3MDg0NjljZWUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUvMDc3NGJi LTNiMGItNGY0Ny1iMTUxLTE5ZTcwODQ2OWNlZS8xL3loZzZacEV3bW5uVzVtQmJE VndSNF85LWtaUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF BwEHAQH/BCkwJzAlBAIAATAfMAsDAwaCwAMEBYLAQAMEA4LAoAMEBILAsAMEBILA 4DANBgkqhkiG9w0BAQsFAAOCAQEAY85FYqAu1kJSa5mwqWZPKx5mpFdIPawzw554 i8fyYZOg5W6bn7G0bgQ+bI12u+IAMf1XTXHTH7Udbg5lsmoRZIhH/O6NiodnQzMW YnV0csxpcDH09Mphv1358QTs6Lpt6TSr1QW4XpWefcYKllTHLdPIBzC1K9fArAh/ +hoREKLQL01QgO8luXnzKHU2JzPplNK577WkJUaOmG2mOIWTVCN1b4477Kp7sdyc HjHrbtgbgF4Dll0d8pZ+J22kMcUpBfxf0x33jDLqu04WsCaNfK4elrbnuyFluw3T fJmK8cbIJg3naTAKyKdIpn1/ZwLoLIAq9B6okUhID3pl4q44Ow== -----END CERTIFICATE-----Generated at Mon Feb 9 19:52:00 2026 by rpki-client