This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer File: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer (raw, json) Hash identifier: VHH5OjdxJked2jw6HxouGlkiXD/PlawY7YyubaybTv4= Subject key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B76EAF36E2D754A90672CA358B667A081 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 00:17:47 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 42425 AS: 48577 IP: 2.59.4.0/22 IP: 94.125.232.0/21 IP: 178.255.184.0/21 IP: 185.28.80.0/22 IP: 2a00:1088::/32 IP: 2a09:ecc0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:f3:6e:2d:75:4a:90:67:2c:a3:58:b6:67:a0:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 00:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cddd902a1271270027e4577778ea35883b4515f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:02:a2:60:72:5f:b6:37:29:f6:a7:dc:7c:e1: e4:cf:44:36:df:37:38:6b:a4:20:d0:82:26:63:94: 2a:63:cb:e2:44:d5:e5:9d:3f:f9:83:b1:3b:58:6a: 5a:6f:4f:b5:68:90:30:7f:12:8f:e8:13:39:90:2f: a6:52:7d:53:30:00:52:e8:49:6e:f2:43:98:c7:64: 02:d8:11:b7:e0:35:0c:aa:fe:31:f1:c0:1d:ba:9c: 83:02:9d:12:cf:19:79:97:8d:7b:37:6d:9d:2c:31: 73:e5:ea:53:fe:5a:d6:ad:76:c6:6d:83:44:e1:18: b3:4e:30:03:96:96:8c:78:85:37:f8:8b:f9:7a:c8: d4:8b:fa:98:4c:61:5d:5f:88:f3:8a:9b:0d:4b:7f: 45:08:50:52:f9:b6:82:ac:bc:84:12:92:28:60:45: ff:5f:9f:50:da:ee:54:36:4f:e5:f5:0c:6d:fa:04: 10:bd:c7:bf:e9:80:08:89:09:48:cd:81:a5:9b:25: 20:bc:83:6c:2b:85:d3:d5:0e:c9:b1:16:04:a0:0e: fc:03:74:0b:20:fe:17:71:95:88:7e:b3:1d:99:21: 22:ca:e9:eb:74:5b:ec:13:5e:ad:56:7f:f1:7d:98: 07:61:7b:cc:dc:da:b6:29:58:bb:fb:7c:99:fa:02: e7:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.4.0/22 94.125.232.0/21 178.255.184.0/21 185.28.80.0/22 IPv6: 2a00:1088::/32 2a09:ecc0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 42425 48577 Signature Algorithm: sha256WithRSAEncryption 08:6e:36:b1:7f:bb:be:13:fc:75:23:2f:e5:e3:25:2d:b4:be: 5d:fb:b1:ca:c7:be:43:5c:f3:d8:53:08:24:c9:45:02:0c:ff: 07:15:b2:64:21:69:86:b9:de:fb:c7:c0:b3:5e:b5:0c:1f:03: 5f:98:1d:41:67:10:b4:58:f5:0c:94:0e:3f:4e:8a:5e:30:e2: 5b:fb:5d:3b:2c:f9:cc:9d:2f:94:94:e4:23:f1:25:3d:67:5d: 24:62:c7:26:f2:e6:fd:8d:09:48:a3:4f:14:bb:ee:67:61:d5: af:34:b6:b7:50:72:d0:96:76:a9:ab:3a:e7:86:7a:b9:47:4b: d3:e3:e3:92:62:9a:61:d5:8f:75:3d:cb:b6:f9:08:1f:e1:82: 14:f1:c5:3e:9e:19:1e:20:a4:17:2d:1c:d8:cf:54:fb:ab:94: c7:7e:76:67:61:bf:c6:7c:a6:4e:8a:8d:81:d8:59:6a:de:f0: f9:0a:1e:26:07:9d:a3:49:9d:0d:62:22:1b:c5:15:02:a2:aa: c8:70:8e:39:24:26:63:55:8d:a4:35:78:a0:f0:b6:28:d2:3b: ce:cf:5d:df:44:df:f3:3e:86:b8:e4:e0:4f:8d:2e:ef:79:22: 96:32:62:aa:85:35:b5:4f:48:23:23:30:b7:3e:9c:09:b8:bd: da:a9:bf:64 -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgISAZt26vNuLXVKkGcso1i2Z6CBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZGRkOTAyYTEyNzEyNzAwMjdlNDU3Nzc3OGVhMzU4ODNiNDUxNWY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAKiYHJftjcp9qfcfOHkz0Q23zc4 a6Qg0IImY5QqY8viRNXlnT/5g7E7WGpab0+1aJAwfxKP6BM5kC+mUn1TMABS6Elu 8kOYx2QC2BG34DUMqv4x8cAdupyDAp0Szxl5l417N22dLDFz5epT/lrWrXbGbYNE 4RizTjADlpaMeIU3+Iv5esjUi/qYTGFdX4jzipsNS39FCFBS+baCrLyEEpIoYEX/ X59Q2u5UNk/l9Qxt+gQQvce/6YAIiQlIzYGlmyUgvINsK4XT1Q7JsRYEoA78A3QL IP4XcZWIfrMdmSEiyunrdFvsE16tVn/xfZgHYXvM3Nq2KVi7+3yZ+gLnJwIDAQAB o4ICzTCCAskwHQYDVR0OBBYEFM3dkCoScScAJ+RXd3jqNYg7RRX2MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQxLzdhMWVi NC0yOTBhLTQ2ODYtOGJiYS1kYzc1NDIxMzg5NTIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvN2ExZWI0 LTI5MGEtNDY4Ni04YmJhLWRjNzU0MjEzODk1Mi8xL3pkMlFLaEp4SndBbjVGZDNl T28xaUR0RkZmWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUF BwEHAQH/BDgwNjAeBAIAATAYAwQCAjsEAwQDXn3oAwQDsv+4AwQCuRxQMBQEAgAC MA4DBQAqABCIAwUDKgnswDAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMApbkCAwC9 wTANBgkqhkiG9w0BAQsFAAOCAQEACG42sX+7vhP8dSMv5eMlLbS+Xfuxyse+Q1zz 2FMIJMlFAgz/BxWyZCFphrne+8fAs161DB8DX5gdQWcQtFj1DJQOP06KXjDiW/td Oyz5zJ0vlJTkI/ElPWddJGLHJvLm/Y0JSKNPFLvuZ2HVrzS2t1By0JZ2qas654Z6 uUdL0+PjkmKaYdWPdT3LtvkIH+GCFPHFPp4ZHiCkFy0c2M9U+6uUx352Z2G/xnym ToqNgdhZat7w+QoeJgedo0mdDWIiG8UVAqKqyHCOOSQmY1WNpDV4oPC2KNI7zs9d 30Tf8z6GuOTgT40u73kiljJiqoU1tU9IIyMwtz6cCbi92qm/ZA== -----END CERTIFICATE-----Generated at Mon Feb 9 16:51:49 2026 by rpki-client