This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer File: zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer (raw, json) Hash identifier: 5GeW9JGSPn7/NGQQYFkEzzqXo8gIY0uHXF7M6qWsBMI= Subject key identifier: CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E38E366509527720C44FBEB0CD1FFF6 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:20:16 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 49605 IP: 31.13.136.0/21 IP: 185.8.148.0/22 IP: 185.87.240.0/22 IP: 217.112.96.0/20 IP: 2a02:e50::/32 IP: 2a05:c6c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:e3:66:50:95:27:72:0c:44:fb:eb:0c:d1:ff:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce1c5bea595d890f21307c1b336519fb0edc089c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:c1:40:09:f3:7f:3d:b4:16:03:b8:78:80:94: 5c:d8:e0:40:9a:7f:94:29:c5:98:b0:11:77:61:97: 64:3b:8f:ea:f7:64:28:2b:13:85:82:f6:f2:76:39: 66:e0:0b:e0:42:71:f0:fc:95:6b:4a:a1:59:7c:3c: f7:2d:0d:22:67:c2:e4:26:89:9c:6e:c1:26:ce:b5: 1f:fd:8b:eb:7c:30:fd:99:11:35:8f:fd:f5:1b:9f: 3d:cd:f4:32:07:4e:ae:af:18:fb:6e:a4:f1:39:e4: 4c:76:0f:b9:41:3a:52:26:6a:a4:84:a0:03:d4:a3: 80:a4:1e:c1:9b:24:a5:8b:59:09:28:ca:8f:8b:10: 13:02:01:b5:4b:32:0d:6d:62:ec:c0:1c:64:31:9e: 28:ae:9b:da:cd:24:f8:5c:f0:b8:da:46:06:9e:cf: 30:bb:cf:7f:f6:10:b1:f5:54:ee:19:a5:c9:1c:dc: 48:5d:b0:ca:01:5c:cb:a8:09:f9:d4:1e:1c:45:a5: e5:50:fe:b0:7e:0c:e6:a7:61:48:55:1c:53:9f:f0: 8b:d1:f1:76:be:7d:43:ec:84:89:09:68:8d:de:df: 03:d8:dc:e1:7e:15:be:8a:81:6d:fb:d0:31:ec:61: 2c:45:8f:21:74:2a:b0:ee:34:0f:b8:66:56:cf:fe: c0:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.13.136.0/21 185.8.148.0/22 185.87.240.0/22 217.112.96.0/20 IPv6: 2a02:e50::/32 2a05:c6c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 49605 Signature Algorithm: sha256WithRSAEncryption 79:af:aa:7f:d7:57:45:b2:77:3e:55:59:9c:62:58:c7:96:09: 05:ba:e9:2f:be:3c:00:57:b1:b4:d1:71:11:86:51:a4:60:ca: 77:31:98:b5:8f:8c:6a:87:59:3c:ff:05:7c:7a:21:db:74:19: 6e:6e:08:ce:d5:65:fd:55:bf:42:d2:f3:85:4d:7e:9c:73:7e: 6c:a7:93:e9:3f:59:a7:6f:46:49:34:53:e3:f7:76:26:cc:2f: 59:86:ad:ff:0f:96:62:98:18:dd:4e:41:42:62:a6:24:a0:ab: 74:c1:6a:b0:63:2b:54:a2:c2:34:53:12:cc:69:34:41:30:c8: 59:ab:99:2a:b4:21:5a:3b:21:04:41:93:80:06:ae:4f:85:5f: 18:4f:7a:74:e7:4e:c2:40:23:82:c1:17:b6:e6:1b:2b:43:06: dd:a7:68:ce:51:f7:da:42:79:76:f4:3d:f6:c0:a7:be:6f:13: 8f:f3:cf:a5:b7:60:10:c6:ca:65:16:64:2e:90:6d:ae:9f:fb: 3e:f0:10:c2:8a:88:13:7a:9c:66:df:17:52:8c:35:45:62:02: 28:f1:56:7e:34:f3:82:cf:7d:0c:29:7b:89:aa:16:f8:7f:7e: cc:75:2a:f2:0f:56:bd:24:0f:a7:75:fc:1b:14:4c:b0:65:48: 6c:47:9b:d0 -----BEGIN CERTIFICATE----- MIIFvDCCBKSgAwIBAgISAZt+OONmUJUncgxE++sM0f/2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTFjNWJlYTU5NWQ4OTBmMjEzMDdjMWIzMzY1MTlmYjBlZGMwODljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8FACfN/PbQWA7h4gJRc2OBAmn+U KcWYsBF3YZdkO4/q92QoKxOFgvbydjlm4AvgQnHw/JVrSqFZfDz3LQ0iZ8LkJomc bsEmzrUf/YvrfDD9mRE1j/31G589zfQyB06urxj7bqTxOeRMdg+5QTpSJmqkhKAD 1KOApB7BmySli1kJKMqPixATAgG1SzINbWLswBxkMZ4orpvazST4XPC42kYGns8w u89/9hCx9VTuGaXJHNxIXbDKAVzLqAn51B4cRaXlUP6wfgzmp2FIVRxTn/CL0fF2 vn1D7ISJCWiN3t8D2NzhfhW+ioFt+9Ax7GEsRY8hdCqw7jQPuGZWz/7ASQIDAQAB o4ICyDCCAsQwHQYDVR0OBBYEFM4cW+pZXYkPITB8GzNlGfsO3AicMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IyLzkyMjU2 ZC1iODc1LTQ3NjItYjc0My0wNWIxNWY1ZWU4YzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvOTIyNTZk LWI4NzUtNDc2Mi1iNzQzLTA1YjE1ZjVlZThjMy8xL3poeGI2bGxkaVE4aE1Id2JN MlVaLXc3Y0NKdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUF BwEHAQH/BDgwNjAeBAIAATAYAwQDHw2IAwQCuQiUAwQCuVfwAwQE2XBgMBQEAgAC MA4DBQAqAg5QAwUDKgXGwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAwcUwDQYJ KoZIhvcNAQELBQADggEBAHmvqn/XV0Wydz5VWZxiWMeWCQW66S++PABXsbTRcRGG UaRgyncxmLWPjGqHWTz/BXx6Idt0GW5uCM7VZf1Vv0LS84VNfpxzfmynk+k/Wadv Rkk0U+P3dibML1mGrf8PlmKYGN1OQUJipiSgq3TBarBjK1SiwjRTEsxpNEEwyFmr mSq0IVo7IQRBk4AGrk+FXxhPenTnTsJAI4LBF7bmGytDBt2naM5R99pCeXb0PfbA p75vE4/zz6W3YBDGymUWZC6Qba6f+z7wEMKKiBN6nGbfF1KMNUViAijxVn4084LP fQwpe4mqFvh/fsx1KvIPVr0kD6d1/BsUTLBlSGxHm9A= -----END CERTIFICATE-----Generated at Mon Feb 9 19:56:19 2026 by rpki-client