This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5LqR1iZQTMvGTYl0C2PLLrQjT3A.cer File: 5LqR1iZQTMvGTYl0C2PLLrQjT3A.cer (raw, json) Hash identifier: ZvfoA3u88cS5lTp+25I2y07JLNr4ClswqqwBIrbM5BQ= Subject key identifier: E4:BA:91:D6:26:50:4C:CB:C6:4D:89:74:0B:63:CB:2E:B4:23:4F:70 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B797F39509FD895E11E0FA69D58AB7443 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/5LqR1iZQTMvGTYl0C2PLLrQjT3A.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 12:18:59 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 138.248.0.0/20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:39:50:9f:d8:95:e1:1e:0f:a6:9d:58:ab:74:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 12:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e4ba91d626504ccbc64d89740b63cb2eb4234f70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:79:e2:00:53:ce:d8:b8:5e:20:26:da:0b:f9: 7a:86:3f:ee:19:07:7c:3f:0a:36:4a:fb:12:1f:21: c7:6e:53:88:04:f8:c8:24:b7:27:14:1c:b8:c1:4f: 49:4c:26:05:8d:16:b8:39:bf:a9:9a:c9:d0:de:9f: 32:c7:c9:c1:0f:cc:ce:e5:1e:22:62:ed:19:9e:91: c6:db:6a:54:56:de:df:c3:5b:75:b1:8a:b5:c8:91: 2a:f4:b3:5f:16:50:0c:a1:54:ce:ca:01:65:08:9d: a5:89:5c:f5:df:c0:84:89:e7:25:4d:e9:29:7a:7a: 14:dd:8d:8e:65:32:f4:11:e2:af:3d:b4:8d:97:90: 08:29:0c:75:61:62:47:9d:c2:90:a2:70:23:2a:b2: b4:e7:ba:7b:6c:53:0a:e2:f7:f4:5c:2e:7e:5d:d4: 3e:9d:06:d0:49:0a:1f:15:34:e8:49:96:9d:a8:c5: 11:11:ae:e8:84:a3:25:64:7c:1d:11:18:0b:5a:ff: 98:e9:f6:0a:84:ff:ba:b9:64:c2:dd:a6:b7:8d:29: fa:4b:80:48:01:0c:ce:44:9f:77:9c:e5:ce:d0:e2: a3:ac:ef:21:d9:6e:86:c8:ed:30:71:e7:b2:14:9c: ac:9c:47:6f:e1:88:f8:9f:12:b6:b3:1e:17:ad:22: 0e:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:BA:91:D6:26:50:4C:CB:C6:4D:89:74:0B:63:CB:2E:B4:23:4F:70 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/887e94-eb97-4109-9da8-cbf18d2d66c3/1/5LqR1iZQTMvGTYl0C2PLLrQjT3A.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.248.0.0/20 Signature Algorithm: sha256WithRSAEncryption 62:f3:6c:e5:a1:56:3a:2a:3e:7c:bd:53:d8:c5:e8:46:54:87: 99:3d:0a:19:85:36:62:9e:da:5e:15:cb:18:cc:05:20:27:bb: 2f:02:f7:91:ce:6d:e9:1f:32:7d:65:b4:fb:65:6f:02:04:e7: 9c:d0:a5:dc:9d:8c:6f:ed:de:72:42:e1:c5:f2:ea:b1:37:2f: 10:9a:67:01:b8:61:12:53:19:73:b0:d7:48:a9:60:2c:62:5f: 3a:74:ca:e4:69:05:bb:88:6a:db:0d:1d:7e:ba:39:5c:b2:e4: f6:ac:30:d6:cf:0e:14:db:84:2b:86:ed:f7:b2:43:14:49:38: 60:91:fa:b1:9f:69:8c:2c:e1:74:de:81:44:18:96:f0:78:79: 98:a6:58:16:6f:8c:d0:1e:a5:ed:c9:29:3d:e8:4c:25:18:6e: 49:a1:4a:04:48:6a:70:c3:22:f2:59:40:1e:41:e9:37:b5:1b: 91:a4:96:a9:93:e4:36:66:67:3f:ac:64:a5:cf:0c:cb:f5:75: 9b:85:e7:81:4e:47:0a:66:63:c6:48:b7:6e:a3:99:40:3e:51: 39:38:cd:4f:0f:f9:89:68:7b:cf:5c:18:0b:08:ef:1e:92:fc: f1:e6:fe:ee:89:d7:e2:0d:86:1f:a2:7b:3a:0a:8c:6f:23:b9: 20:01:44:2a -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt5fzlQn9iV4R4Ppp1Yq3RDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTIxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNGJhOTFkNjI2NTA0Y2NiYzY0ZDg5NzQwYjYzY2IyZWI0MjM0ZjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnniAFPO2LheICbaC/l6hj/uGQd8 Pwo2SvsSHyHHblOIBPjIJLcnFBy4wU9JTCYFjRa4Ob+pmsnQ3p8yx8nBD8zO5R4i Yu0ZnpHG22pUVt7fw1t1sYq1yJEq9LNfFlAMoVTOygFlCJ2liVz138CEieclTekp enoU3Y2OZTL0EeKvPbSNl5AIKQx1YWJHncKQonAjKrK057p7bFMK4vf0XC5+XdQ+ nQbQSQofFTToSZadqMUREa7ohKMlZHwdERgLWv+Y6fYKhP+6uWTC3aa3jSn6S4BI AQzORJ93nOXO0OKjrO8h2W6GyO0wceeyFJysnEdv4Yj4nxK2sx4XrSIOswIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFOS6kdYmUEzLxk2JdAtjyy60I09wMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjLzg4N2U5 NC1lYjk3LTQxMDktOWRhOC1jYmYxOGQyZDY2YzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvODg3ZTk0 LWViOTctNDEwOS05ZGE4LWNiZjE4ZDJkNjZjMy8xLzVMcVIxaVpRVE12R1RZbDBD MlBMTHJRalQzQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQEivgAMA0GCSqGSIb3DQEBCwUAA4IBAQBi82zl oVY6Kj58vVPYxehGVIeZPQoZhTZintpeFcsYzAUgJ7svAveRzm3pHzJ9ZbT7ZW8C BOec0KXcnYxv7d5yQuHF8uqxNy8QmmcBuGESUxlzsNdIqWAsYl86dMrkaQW7iGrb DR1+ujlcsuT2rDDWzw4U24Qrhu33skMUSThgkfqxn2mMLOF03oFEGJbweHmYplgW b4zQHqXtySk96EwlGG5JoUoESGpwwyLyWUAeQek3tRuRpJapk+Q2Zmc/rGSlzwzL 9XWbheeBTkcKZmPGSLduo5lAPlE5OM1PD/mJaHvPXBgLCO8ekvzx5v7uidfiDYYf ons6CoxvI7kgAUQq -----END CERTIFICATE-----Generated at Mon Jan 26 03:30:24 2026 by rpki-client