This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5cfDmlkS3cIen2tRmJZyV2ISeDM.cer File: 5cfDmlkS3cIen2tRmJZyV2ISeDM.cer (raw, json) Hash identifier: dpWjZ9cacuSXAZKB+s7IukBvwyHtuevb1xwJRZGTfrY= Subject key identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019ACAF1BFE6A93888A9A7AB4119BF107DA8 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 28 Nov 2025 14:50:32 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 60765 AS: 196640 IP: 185.25.168.0/22 IP: 185.162.152.0/22 IP: 188.65.184.0/21 IP: 195.72.36.0/22 IP: 2a00:5280::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ca:f1:bf:e6:a9:38:88:a9:a7:ab:41:19:bf:10:7d:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Nov 28 14:50:32 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=e5c7c39a5912ddc21e9f6b519896725762127833 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:d0:05:8f:41:e3:8d:fe:f6:e6:e6:9a:87:64: a0:cb:2b:bf:b1:6b:df:e5:69:3a:1b:ae:b5:77:f5: c9:a8:5d:d8:ef:8e:b3:b6:c7:1c:55:83:a6:1b:fd: 56:3b:c5:b4:cf:4b:a8:3b:cf:b2:3b:8b:51:30:51: 46:32:25:c5:aa:d1:a2:c7:22:1c:d4:d3:64:e9:40: e1:d2:94:04:75:92:7d:b1:3c:32:38:38:a1:92:fa: cd:9d:2a:ed:3c:61:46:7b:f8:2f:a3:d4:7b:e2:a1: ba:16:4b:e4:cf:74:a5:dd:af:bb:90:8c:84:74:d8: 69:28:7d:da:bb:41:47:07:3a:a3:e4:38:30:93:ef: 3f:29:df:02:99:de:91:7d:7b:78:01:5a:65:42:37: 26:8f:27:d3:85:1a:7c:40:6d:ff:eb:d8:26:d4:dc: e6:83:ae:a7:c8:3b:54:d0:3b:98:98:e6:21:17:a7: d6:0f:46:61:58:2b:a7:25:06:37:8d:c1:e3:a4:7d: 26:f9:cc:48:0b:b3:32:72:0e:ce:f5:61:8c:aa:0e: 63:23:40:7e:bf:d9:63:4d:05:3c:a0:1e:63:0a:4d: a0:34:84:9d:76:55:ad:3f:86:e1:50:18:d7:c0:db: 6c:7b:55:98:44:3c:0d:e1:4b:ac:2a:fd:6d:8a:a9: 43:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:C7:C3:9A:59:12:DD:C2:1E:9F:6B:51:98:96:72:57:62:12:78:33 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/10af83-08f5-4919-ba1d-38f864a34b78/1/5cfDmlkS3cIen2tRmJZyV2ISeDM.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.25.168.0/22 185.162.152.0/22 188.65.184.0/21 195.72.36.0/22 IPv6: 2a00:5280::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 60765 196640 Signature Algorithm: sha256WithRSAEncryption 35:8f:19:c8:6d:af:f6:4d:6f:50:a4:e9:c9:dc:1f:ff:8a:bc: 60:65:ee:88:2a:87:ff:4b:08:e9:8f:a5:c1:c4:42:95:8d:01: d7:0c:02:19:f0:29:11:79:a3:f0:f7:5e:68:ce:14:7a:86:44: 85:cd:74:fb:bf:61:a5:11:2e:0b:d1:39:49:50:f5:06:66:fb: 7e:84:eb:15:13:55:df:56:73:7e:70:9e:7a:23:26:28:d5:3d: 44:97:26:c0:25:00:ba:69:bd:32:19:d1:08:b6:a0:4e:df:f6: f6:51:14:03:ab:60:f2:d7:1d:55:88:71:4a:82:c2:26:72:9b: c7:32:fc:f1:b1:5a:ba:65:4b:b0:a8:f6:a5:09:3d:84:8f:90: e8:4e:ab:69:f8:8d:af:f3:75:3a:4b:8d:21:a2:47:08:e1:8a: b8:79:e4:93:2b:7d:27:9a:3a:61:df:d7:ba:a8:c5:60:2c:6e: b8:6c:30:7c:d0:c0:6e:2b:d5:4f:73:e6:7c:34:16:29:9a:d1: 09:24:7d:6d:fa:00:7b:18:d9:4b:58:11:6b:22:66:69:64:11: 78:2b:f3:94:f8:b0:c4:0e:b9:79:47:cf:26:9d:6a:63:2d:4e: 8c:9a:74:da:ff:67:aa:d9:75:a7:85:c1:ea:3e:b6:30:0b:dd: 68:0d:4e:dc -----BEGIN CERTIFICATE----- MIIFujCCBKKgAwIBAgISAZrK8b/mqTiIqaerQRm/EH2oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMTI4MTQ1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNWM3YzM5YTU5MTJkZGMyMWU5ZjZiNTE5ODk2NzI1NzYyMTI3ODMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tAFj0Hjjf725uaah2Sgyyu/sWvf 5Wk6G661d/XJqF3Y746ztsccVYOmG/1WO8W0z0uoO8+yO4tRMFFGMiXFqtGixyIc 1NNk6UDh0pQEdZJ9sTwyODihkvrNnSrtPGFGe/gvo9R74qG6Fkvkz3Sl3a+7kIyE dNhpKH3au0FHBzqj5Dgwk+8/Kd8Cmd6RfXt4AVplQjcmjyfThRp8QG3/69gm1Nzm g66nyDtU0DuYmOYhF6fWD0ZhWCunJQY3jcHjpH0m+cxIC7Mycg7O9WGMqg5jI0B+ v9ljTQU8oB5jCk2gNISddlWtP4bhUBjXwNtse1WYRDwN4UusKv1tiqlDGwIDAQAB o4ICxjCCAsIwHQYDVR0OBBYEFOXHw5pZEt3CHp9rUZiWcldiEngzMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1LzEwYWY4 My0wOGY1LTQ5MTktYmExZC0zOGY4NjRhMzRiNzgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvMTBhZjgz LTA4ZjUtNDkxOS1iYTFkLTM4Zjg2NGEzNGI3OC8xLzVjZkRtbGtTM2NJZW4ydFJt Slp5VjJJU2VETS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF BwEHAQH/BDEwLzAeBAIAATAYAwQCuRmoAwQCuaKYAwQDvEG4AwQCw0gkMA0EAgAC MAcDBQAqAFKAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDtXQIDAwAgMA0GCSqG SIb3DQEBCwUAA4IBAQA1jxnIba/2TW9QpOnJ3B//irxgZe6IKof/Swjpj6XBxEKV jQHXDAIZ8CkReaPw915ozhR6hkSFzXT7v2GlES4L0TlJUPUGZvt+hOsVE1XfVnN+ cJ56IyYo1T1ElybAJQC6ab0yGdEItqBO3/b2URQDq2Dy1x1ViHFKgsImcpvHMvzx sVq6ZUuwqPalCT2Ej5DoTqtp+I2v83U6S40hokcI4Yq4eeSTK30nmjph39e6qMVg LG64bDB80MBuK9VPc+Z8NBYpmtEJJH1t+gB7GNlLWBFrImZpZBF4K/OU+LDEDrl5 R88mnWpjLU6MmnTa/2eq2XWnhcHqPrYwC91oDU7c -----END CERTIFICATE-----Generated at Sat Dec 6 08:20:13 2025 by rpki-client