This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer File: 3WQWapEXkwjyU6kXVhbMxoKMRGM.cer (raw, json) Hash identifier: g8buZfrfk5pEySnGjEep3Jndi962Pr1cFU/3W5L73G0= Subject key identifier: DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019ACA160CC318C92BBD4265A7B07C12C937 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 28 Nov 2025 10:50:34 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 34250 AS: 197486 AS: 201767 AS: 202175 IP: 5.133.120.0/22 IP: 45.150.24.0/22 IP: 83.222.6.0/23 IP: 84.54.64.0/18 IP: 86.62.0.0/22 IP: 87.192.224.0/19 IP: 89.104.102.0/24 IP: 89.126.208.0/20 IP: 89.223.3.0/24 IP: 89.249.60.0/22 IP: 90.156.160.0/21 IP: 90.156.192.0/21 IP: 92.63.204.0/22 IP: 93.188.80.0/21 IP: 94.230.225.0 -- 94.230.226.255 IP: 94.230.228.0/22 IP: 94.230.233.0 -- 94.230.239.255 IP: 109.94.172.0/22 IP: 144.124.192.0/20 IP: 185.0.23.0/24 IP: 185.4.160.0/22 IP: 185.100.52.0/22 IP: 185.203.236.0/22 IP: 194.93.24.0/22 IP: 198.163.192.0/20 IP: 213.206.39.0 -- 213.206.42.255 IP: 213.206.44.0 -- 213.206.63.255 IP: 2001:7f8:110::/48 IP: 2a09:6700::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ca:16:0c:c3:18:c9:2b:bd:42:65:a7:b0:7c:12:c9:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Nov 28 10:50:34 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=dd64166a91179308f253a9175616ccc6828c4463 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:86:52:2b:52:56:5d:a9:57:fc:72:e4:0b:db: b9:bb:14:e9:2e:97:68:16:5c:c6:bb:a7:9d:5c:9a: 84:6d:f3:bf:62:98:1f:5d:0f:e2:34:7b:ff:fc:e7: 90:66:2f:40:f2:6e:80:50:0e:aa:95:3b:f8:ba:dd: 3d:b2:64:cf:a8:5a:ae:31:e7:91:52:71:96:a2:77: 40:10:4a:cb:8c:f9:37:a7:aa:42:90:15:b2:54:17: 12:3f:97:02:60:a3:05:b0:cb:41:0b:4a:a0:57:9a: ad:10:6f:82:e1:bc:9f:ef:77:1a:f4:6c:a4:31:fb: 8c:ed:fc:ca:4b:73:22:03:e2:b9:16:ba:03:e9:29: 60:c8:84:85:97:16:e3:35:1c:2c:17:d1:c3:56:26: fd:a1:9f:bb:89:d1:69:4c:1c:04:64:43:db:c6:65: d2:93:63:cc:69:ca:50:ee:29:66:3e:e7:60:f4:aa: 6d:21:1c:94:1d:07:e1:28:67:9f:a9:86:02:77:9b: a8:c5:e9:61:66:0d:30:0a:dd:1a:98:52:d4:fb:e0: 1d:54:dc:b9:3f:01:ad:03:0e:01:69:17:b2:1f:03: 52:d6:14:43:3a:4d:8a:4a:d3:95:e8:ce:61:d3:c4: 08:c4:da:33:f1:43:96:a3:cc:7a:df:b4:c7:a5:3e: cb:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.120.0/22 45.150.24.0/22 83.222.6.0/23 84.54.64.0/18 86.62.0.0/22 87.192.224.0/19 89.104.102.0/24 89.126.208.0/20 89.223.3.0/24 89.249.60.0/22 90.156.160.0/21 90.156.192.0/21 92.63.204.0/22 93.188.80.0/21 94.230.225.0-94.230.226.255 94.230.228.0/22 94.230.233.0-94.230.239.255 109.94.172.0/22 144.124.192.0/20 185.0.23.0/24 185.4.160.0/22 185.100.52.0/22 185.203.236.0/22 194.93.24.0/22 198.163.192.0/20 213.206.39.0-213.206.42.255 213.206.44.0-213.206.63.255 IPv6: 2001:7f8:110::/48 2a09:6700::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 34250 197486 201767 202175 Signature Algorithm: sha256WithRSAEncryption 2f:8d:d2:0d:61:18:ee:8c:b5:b2:ac:a8:86:ec:ae:c0:9e:43: 92:f0:43:11:79:5d:65:04:db:99:9c:d4:2f:d9:f2:bd:ec:fa: 39:cf:1f:17:5b:27:a1:ac:39:cc:a7:bf:c4:0c:eb:ec:40:4e: cb:88:6f:84:31:0b:eb:26:4a:d6:6e:d6:55:39:35:62:f4:23: 2a:20:4e:93:b4:54:37:66:60:78:db:9f:8a:0b:37:6b:2d:74: 74:91:d0:e2:91:27:b2:c0:85:bb:eb:cb:2c:4d:67:f5:ed:ed: 5d:bf:ad:5e:59:0f:19:56:70:15:84:fc:b7:c6:b1:98:5c:bb: 20:d8:b7:f9:f3:03:c3:b0:ab:ab:60:6c:87:a3:98:ae:ca:dc: 14:43:70:20:70:9f:64:c0:cf:35:cf:d4:92:7a:a1:73:76:85: 95:9e:1a:87:67:cf:68:55:b5:42:c9:2e:8b:d6:3f:a4:0b:ed: 6d:51:84:d2:0e:42:15:90:c8:ab:93:97:8b:76:74:7c:2f:32: 84:92:1e:cb:56:46:67:f1:dd:39:04:96:95:85:78:27:e7:2f: db:75:65:fb:d4:34:73:b4:86:9e:c7:c4:cd:8f:75:57:95:80: d0:00:bb:3b:8d:2c:49:00:eb:f8:af:44:4f:73:5d:1d:bd:cb: bc:21:9f:6d -----BEGIN CERTIFICATE----- MIIGfDCCBWSgAwIBAgISAZrKFgzDGMkrvUJlp7B8Esk3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMTI4MTA1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDY0MTY2YTkxMTc5MzA4ZjI1M2E5MTc1NjE2Y2NjNjgyOGM0NDYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYZSK1JWXalX/HLkC9u5uxTpLpdo FlzGu6edXJqEbfO/YpgfXQ/iNHv//OeQZi9A8m6AUA6qlTv4ut09smTPqFquMeeR UnGWondAEErLjPk3p6pCkBWyVBcSP5cCYKMFsMtBC0qgV5qtEG+C4byf73ca9Gyk MfuM7fzKS3MiA+K5FroD6SlgyISFlxbjNRwsF9HDVib9oZ+7idFpTBwEZEPbxmXS k2PMacpQ7ilmPudg9KptIRyUHQfhKGefqYYCd5uoxelhZg0wCt0amFLU++AdVNy5 PwGtAw4BaReyHwNS1hRDOk2KStOV6M5h08QIxNoz8UOWo8x637THpT7L+wIDAQAB o4IDiDCCA4QwHQYDVR0OBBYEFN1kFmqRF5MI8lOpF1YWzMaCjERjMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzBhNDg5 Yi05ZDllLTRmNmEtODdjNy03NGRlMjU4YTc2ZjgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvMGE0ODli LTlkOWUtNGY2YS04N2M3LTc0ZGUyNThhNzZmOC8xLzNXUVdhcEVYa3dqeVU2a1hW aGJNeG9LTVJHTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH3BggrBgEF BQcBBwEB/wSB5zCB5DCByQQCAAEwgcIDBAIFhXgDBAItlhgDBAFT3gYDBAZUNkAD BAJWPgADBAVXwOADBABZaGYDBARZftADBABZ3wMDBAJZ+TwDBANanKADBANanMAD BAJcP8wDBANdvFAwDAMEAF7m4QMEAF7m4gMEAl7m5DAMAwQAXubpAwQEXubgAwQC bV6sAwQEkHzAAwQAuQAXAwQCuQSgAwQCuWQ0AwQCucvsAwQCwl0YAwQExqPAMAwD BADVzicDBADVziowDAMEAtXOLAMEBtXOADAWBAIAAjAQAwcAIAEH+AEQAwUDKgln ADApBggrBgEFBQcBCAEB/wQaMBigFjAUAgMAhcoCAwMDbgIDAxQnAgMDFb8wDQYJ KoZIhvcNAQELBQADggEBAC+N0g1hGO6MtbKsqIbsrsCeQ5LwQxF5XWUE25mc1C/Z 8r3s+jnPHxdbJ6GsOcynv8QM6+xATsuIb4QxC+smStZu1lU5NWL0IyogTpO0VDdm YHjbn4oLN2stdHSR0OKRJ7LAhbvryyxNZ/Xt7V2/rV5ZDxlWcBWE/LfGsZhcuyDY t/nzA8Owq6tgbIejmK7K3BRDcCBwn2TAzzXP1JJ6oXN2hZWeGodnz2hVtULJLovW P6QL7W1RhNIOQhWQyKuTl4t2dHwvMoSSHstWRmfx3TkElpWFeCfnL9t1ZfvUNHO0 hp7HxM2PdVeVgNAAuzuNLEkA6/ivRE9zXR29y7whn20= -----END CERTIFICATE-----Generated at Sat Dec 6 07:09:28 2025 by rpki-client