This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer File: 1mc4qNrawtDTrt25NPggBmufX-s.cer (raw, json) Hash identifier: gMgBK3mfvKVBDKELs8nP+I1+9pdAgwHfFqKMSVnVt34= Subject key identifier: D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA4EE05FAD7BCA5A4875BA64A844A7E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:19:25 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 20771 AS: 28751 IP: 37.233.128.0/17 IP: 78.139.128.0/18 IP: 80.241.176.0/20 IP: 80.241.244.0/22 IP: 80.241.252.0/24 IP: 85.117.32.0/19 IP: 88.210.192.0/18 IP: 89.232.0.0/19 IP: 134.90.0.0/17 IP: 176.73.0.0/16 IP: 185.19.96.0/22 IP: 212.72.130.0/24 IP: 212.72.155.0/24 IP: 2a02:23f0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:ee:05:fa:d7:bc:a5:a4:87:5b:a6:4a:84:4a:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d66738a8dadac2d0d3aeddb934f820066b9f5feb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6a:6a:67:f7:8d:5d:78:25:68:5a:70:a2:94: 96:0f:c2:85:f1:70:f9:4a:29:37:ce:d9:d9:67:2b: 1e:9e:35:53:9f:82:f7:21:cf:2e:e6:3d:c3:74:3b: c9:ba:6f:37:0b:d3:a5:3b:50:dd:29:0d:40:e1:c4: 4e:07:51:24:6f:06:35:19:fa:26:e4:66:ed:c5:18: a6:f0:73:ba:09:12:e7:fc:56:08:74:68:4d:51:a3: e5:7d:36:bd:99:03:84:3d:9c:be:98:67:f1:8b:73: 7b:c0:8e:8b:63:7f:71:09:78:5d:d6:2f:37:a7:b5: e7:1a:8b:eb:00:9e:00:58:de:dc:23:f9:2c:12:3a: 37:5c:c8:06:9e:3c:d8:ed:1d:06:90:6a:4d:af:9a: 36:6c:e9:06:80:4e:0d:5d:07:c2:57:74:aa:c0:b9: bf:21:3e:14:40:25:29:c9:ba:30:92:22:cc:47:93: d6:25:1c:43:43:c9:17:3b:be:dc:e2:e9:fa:86:c6: 2c:06:ce:ee:ad:7f:da:86:5c:37:b6:3e:d4:07:62: 47:37:84:4c:12:09:d4:0d:cd:18:a8:0d:10:60:8d: 9a:ea:43:59:fe:4b:c9:70:36:31:a4:ad:02:7e:a2: f9:a2:31:e3:14:99:10:35:96:f2:20:be:9b:e4:97: 52:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.233.128.0/17 78.139.128.0/18 80.241.176.0/20 80.241.244.0/22 80.241.252.0/24 85.117.32.0/19 88.210.192.0/18 89.232.0.0/19 134.90.0.0/17 176.73.0.0/16 185.19.96.0/22 212.72.130.0/24 212.72.155.0/24 IPv6: 2a02:23f0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 20771 28751 Signature Algorithm: sha256WithRSAEncryption 53:b0:ef:22:6a:92:fe:85:85:50:ca:c2:88:e5:88:1a:9e:fd: 14:33:9e:1d:bc:66:17:f8:a1:f4:ba:06:9e:c4:b2:de:70:a1: a9:9c:ff:c3:b8:2a:e3:df:74:15:f4:24:3f:d0:66:e5:a4:c6: 8f:64:40:8a:29:27:bc:81:f6:2a:e9:f3:21:08:4a:11:de:86: 58:c0:25:36:c8:bf:49:03:ce:e6:a4:4f:24:95:d4:ef:54:2b: c1:46:c9:d4:72:cf:6a:b7:03:ad:56:14:e6:3c:b2:75:1f:27: 97:90:3f:d4:20:ac:6c:ee:4a:2f:82:66:e8:f2:df:40:65:39: 18:07:3a:1f:55:f1:f3:d5:40:10:94:5b:5a:b8:bd:ca:9d:06: ea:ad:b0:d6:62:d5:d3:60:40:40:f1:4c:f3:32:57:02:7c:7a: 72:3a:08:70:17:aa:11:56:d4:18:a3:42:f5:52:28:ae:f8:3a: ed:e3:fc:3a:95:46:b7:42:57:af:db:93:19:c7:f6:84:c0:09: a4:7d:dc:e8:85:c6:fd:91:90:30:ae:3c:d4:df:3a:c6:85:ba: 66:c3:14:78:69:12:d5:3e:bc:8d:64:4d:bd:71:7d:4e:28:a5: 2a:8e:3a:ee:2e:80:1a:36:3c:2f:b7:40:27:33:22:76:36:aa: 36:28:93:b6 -----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgISAZt7pO4F+te8paSHW6ZKhEp+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjY3MzhhOGRhZGFjMmQwZDNhZWRkYjkzNGY4MjAwNjZiOWY1ZmViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWpqZ/eNXXglaFpwopSWD8KF8XD5 Sik3ztnZZysenjVTn4L3Ic8u5j3DdDvJum83C9OlO1DdKQ1A4cROB1EkbwY1Gfom 5GbtxRim8HO6CRLn/FYIdGhNUaPlfTa9mQOEPZy+mGfxi3N7wI6LY39xCXhd1i83 p7XnGovrAJ4AWN7cI/ksEjo3XMgGnjzY7R0GkGpNr5o2bOkGgE4NXQfCV3SqwLm/ IT4UQCUpybowkiLMR5PWJRxDQ8kXO77c4un6hsYsBs7urX/ahlw3tj7UB2JHN4RM EgnUDc0YqA0QYI2a6kNZ/kvJcDYxpK0CfqL5ojHjFJkQNZbyIL6b5JdS9QIDAQAB o4IC+TCCAvUwHQYDVR0OBBYEFNZnOKja2sLQ067duTT4IAZrn1/rMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZiL2M1Nzcy Ny05Mzk2LTRiZjgtYjI1ZC02YTFlMGVjNzFkYTgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIvYzU3NzI3 LTkzOTYtNGJmOC1iMjVkLTZhMWUwZWM3MWRhOC8xLzFtYzRxTnJhd3REVHJ0MjVO UGdnQm11Zlgtcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUF BwEHAQH/BGYwZDBTBAIAATBNAwQHJemAAwQGTouAAwQEUPGwAwQCUPH0AwQAUPH8 AwQFVXUgAwQGWNLAAwQFWegAAwQHhloAAwMAsEkDBAK5E2ADBADUSIIDBADUSJsw DQQCAAIwBwMFACoCI/AwHQYIKwYBBQUHAQgBAf8EDjAMoAowCAICUSMCAnBPMA0G CSqGSIb3DQEBCwUAA4IBAQBTsO8iapL+hYVQysKI5Yganv0UM54dvGYX+KH0ugae xLLecKGpnP/DuCrj33QV9CQ/0GblpMaPZECKKSe8gfYq6fMhCEoR3oZYwCU2yL9J A87mpE8kldTvVCvBRsnUcs9qtwOtVhTmPLJ1HyeXkD/UIKxs7kovgmbo8t9AZTkY BzofVfHz1UAQlFtauL3KnQbqrbDWYtXTYEBA8UzzMlcCfHpyOghwF6oRVtQYo0L1 Uiiu+Drt4/w6lUa3Qlev25MZx/aEwAmkfdzohcb9kZAwrjzU3zrGhbpmwxR4aRLV PryNZE29cX1OKKUqjjruLoAaNjwvt0AnMyJ2Nqo2KJO2 -----END CERTIFICATE-----Generated at Sun Jan 25 23:54:07 2026 by rpki-client