This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yri42pzNTSYbcq2gNKCHVmWmRIc.cer File: yri42pzNTSYbcq2gNKCHVmWmRIc.cer (raw, json) Hash identifier: 2OmL9e/od1ozK3DwJYfWgTrJ5+AShG+H7od4iZ5mjD4= Subject key identifier: CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7910CCC8B19D41680FD609F89EAD8ADF Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 10:18:22 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 209492 IP: 81.172.60.0/22 IP: 171.22.84.0/22 IP: 2a09:3c40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:cc:c8:b1:9d:41:68:0f:d6:09:f8:9e:ad:8a:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 10:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cab8b8da9ccd4d261b72ada034a0875665a64487 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:34:d1:5d:5b:89:25:30:4b:1f:28:e6:cc:56: f1:c0:6d:29:8a:ea:d6:ac:d7:64:63:f8:f1:0a:1a: 20:9b:8d:72:8a:4b:6e:83:ce:2d:56:fa:41:90:2b: 44:50:70:5a:7a:8d:20:79:b4:e9:83:40:73:28:eb: f8:69:f1:b6:d7:4d:b8:69:49:42:5c:d5:69:bc:0b: 14:9c:ae:a8:ab:d4:ae:bc:48:d3:04:e5:f9:ce:75: b7:4a:ba:e1:d0:a6:9e:3c:b1:cb:91:2e:e8:86:69: d2:ab:4e:e7:59:93:23:33:22:50:d0:5f:75:b8:38: 65:f7:c4:82:6b:d7:4d:0e:7d:fe:b5:b0:a9:8d:87: 39:19:b9:9e:95:c7:50:2b:a1:ae:33:8d:c9:f1:2c: 9d:5c:f4:31:17:d9:2e:14:96:05:79:7f:12:23:27: 96:18:c0:68:2f:7d:49:0a:d6:63:cd:69:a0:8a:aa: 79:fd:bb:46:11:25:74:7b:a9:cd:16:24:a8:d1:17: 66:28:81:5f:24:28:77:32:db:53:28:d6:e7:27:22: 95:24:78:6a:56:40:4f:7e:ee:ed:aa:d9:16:ca:ec: c5:8d:58:69:c3:19:b6:de:28:fc:6b:34:bf:d1:aa: 93:89:ed:a0:47:2a:c2:8d:1f:7d:cd:cc:2b:1a:3e: ae:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.172.60.0/22 171.22.84.0/22 IPv6: 2a09:3c40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 209492 Signature Algorithm: sha256WithRSAEncryption ae:c9:e9:57:f8:9d:a8:c7:82:fb:f7:ef:f7:43:ef:4c:b6:ee: 74:b0:07:80:9b:3c:2f:71:5c:c0:46:ce:c1:7d:25:13:29:3a: 02:6b:79:70:29:f0:49:ad:bd:3b:2c:a0:f8:c0:02:d8:2d:6a: 67:15:3d:6e:99:38:0e:54:b6:e3:bf:e6:b1:d4:50:93:3d:f5: 55:38:5d:47:7c:00:ee:ae:ed:1d:05:54:e6:f7:c0:a5:5d:e5: 10:07:f4:8e:c5:cc:36:3a:e2:8b:97:c6:97:68:aa:dd:e6:f0: e2:9a:5b:8f:36:56:04:27:ea:f7:44:c6:0c:48:4f:b4:78:b2: e7:8f:83:12:3d:6c:ca:45:5d:c1:c8:02:29:c8:c7:68:6c:8a: 20:c9:0f:f9:d9:04:75:23:68:9f:0b:b6:fe:00:82:46:ff:73: 69:81:3d:17:01:30:9b:78:76:ad:04:37:a8:06:60:e4:d6:01: db:fd:4b:ea:9c:9d:fd:b9:06:f8:15:ea:00:01:fe:39:ad:cf: dd:f7:cd:ab:d5:6f:cc:d6:f5:c0:9d:e7:d7:14:49:0e:08:69: 30:87:54:d6:79:8b:47:dd:ec:cb:02:fa:28:95:6c:bf:82:49: 74:ef:f3:14:e2:15:68:50:5f:b0:d8:c5:81:3b:fa:76:1f:80: bb:a6:37:fe -----BEGIN CERTIFICATE----- MIIFqTCCBJGgAwIBAgISAZt5EMzIsZ1BaA/WCfierYrfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYWI4YjhkYTljY2Q0ZDI2MWI3MmFkYTAzNGEwODc1NjY1YTY0NDg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DTRXVuJJTBLHyjmzFbxwG0piurW rNdkY/jxChogm41yiktug84tVvpBkCtEUHBaeo0gebTpg0BzKOv4afG21024aUlC XNVpvAsUnK6oq9SuvEjTBOX5znW3Srrh0KaePLHLkS7ohmnSq07nWZMjMyJQ0F91 uDhl98SCa9dNDn3+tbCpjYc5GbmelcdQK6GuM43J8SydXPQxF9kuFJYFeX8SIyeW GMBoL31JCtZjzWmgiqp5/btGESV0e6nNFiSo0RdmKIFfJCh3MttTKNbnJyKVJHhq VkBPfu7tqtkWyuzFjVhpwxm23ij8azS/0aqTie2gRyrCjR99zcwrGj6ugwIDAQAB o4ICtTCCArEwHQYDVR0OBBYEFMq4uNqczU0mG3KtoDSgh1ZlpkSHMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2RiNDFj OS1lOGEwLTRmOTAtYTBkNS04ODc1MDljNDYwMmEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZGI0MWM5 LWU4YTAtNGY5MC1hMGQ1LTg4NzUwOWM0NjAyYS8xL3lyaTQycHpOVFNZYmNxMmdO S0NIVm1XbVJJYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQCUaw8AwQCqxZUMA0EAgACMAcDBQMqCTxAMBoG CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMyVDANBgkqhkiG9w0BAQsFAAOCAQEArsnp V/idqMeC+/fv90PvTLbudLAHgJs8L3FcwEbOwX0lEyk6Amt5cCnwSa29Oyyg+MAC 2C1qZxU9bpk4DlS247/msdRQkz31VThdR3wA7q7tHQVU5vfApV3lEAf0jsXMNjri i5fGl2iq3ebw4ppbjzZWBCfq90TGDEhPtHiy54+DEj1sykVdwcgCKcjHaGyKIMkP +dkEdSNonwu2/gCCRv9zaYE9FwEwm3h2rQQ3qAZg5NYB2/1L6pyd/bkG+BXqAAH+ Oa3P3ffNq9VvzNb1wJ3n1xRJDghpMIdU1nmLR93sywL6KJVsv4JJdO/zFOIVaFBf sNjFgTv6dh+Au6Y3/g== -----END CERTIFICATE-----Generated at Mon Feb 9 18:28:28 2026 by rpki-client