This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8mkwhbX3XA8Q3gjiLL5LBiRRsVA.cer File: 8mkwhbX3XA8Q3gjiLL5LBiRRsVA.cer (raw, json) Hash identifier: b0H/CJSnzch+SWWzAEzqg/+vQX0ZQDVai+BHy0I/3bY= Subject key identifier: F2:69:30:85:B5:F7:5C:0F:10:DE:08:E2:2C:BE:4B:06:24:51:B1:50 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7C11FF2E37C1192AA86455E6702152ED Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d9/173327-9742-435b-86c0-55e85ea09dde/1/8mkwhbX3XA8Q3gjiLL5LBiRRsVA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d9/173327-9742-435b-86c0-55e85ea09dde/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 00:18:32 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 45023 IP: 193.200.60.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:ff:2e:37:c1:19:2a:a8:64:55:e6:70:21:52:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 00:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f2693085b5f75c0f10de08e22cbe4b062451b150 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:54:71:ba:4f:66:4a:87:88:d1:8a:4a:da:fe: 9a:06:5e:af:01:75:a2:a6:92:a0:39:d0:e9:11:34: be:fb:7c:c4:33:c8:1d:a1:e6:3c:ce:51:58:ac:30: da:c3:cc:11:68:03:a9:21:db:31:89:b3:dc:46:8c: 77:a5:14:5a:0b:a1:5f:ba:14:f4:b7:d4:2e:f9:07: 5d:ce:b2:ef:07:a8:1b:ea:bb:90:18:f5:18:d4:00: 7d:bd:be:38:be:af:d8:8e:f9:82:1d:c5:ed:a7:a8: 3d:8a:1c:26:4d:ba:ab:2c:f8:0a:70:6f:c4:57:1a: 78:29:fc:61:b4:fd:7b:4d:f9:bd:53:95:56:cc:ae: 6d:3e:ae:2d:11:01:5e:b8:58:fa:6b:7d:4d:fc:38: 23:5e:7d:64:c6:c4:3e:22:55:b1:51:43:46:fa:89: 91:5d:89:eb:b2:31:97:a6:ad:50:84:63:1d:74:3e: 89:bc:ec:d4:44:6c:03:6c:29:8f:31:6e:a9:b5:ec: 01:61:f0:13:93:a4:a5:56:52:67:d0:11:47:c9:48: aa:f6:2d:2f:bf:e6:43:0d:ca:51:aa:7b:af:50:0e: 39:1b:9e:54:a4:3a:f8:ce:f7:b4:a6:72:7d:9f:41: c4:30:19:1c:ba:fb:63:fe:d6:04:12:13:cd:42:59: 8a:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:69:30:85:B5:F7:5C:0F:10:DE:08:E2:2C:BE:4B:06:24:51:B1:50 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/173327-9742-435b-86c0-55e85ea09dde/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/173327-9742-435b-86c0-55e85ea09dde/1/8mkwhbX3XA8Q3gjiLL5LBiRRsVA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.200.60.0/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 45023 Signature Algorithm: sha256WithRSAEncryption 49:b4:82:0b:f3:18:2d:12:d5:11:37:fc:ef:de:4f:1c:58:e6: 88:d6:a7:2c:69:53:71:d0:60:61:5f:48:9d:8e:1e:b3:8f:25: bb:7f:8e:dd:4a:e2:f1:39:62:02:47:b3:54:c3:b0:ba:54:01: 65:e5:7b:0b:86:d2:87:61:e5:bd:ed:38:78:32:90:99:5e:01: db:bd:27:94:b6:c5:28:76:0f:03:33:d3:4c:d0:f1:35:66:bf: ff:e4:6a:8a:16:57:81:d0:71:41:1b:5e:9d:34:bd:c6:44:a5: 89:4c:3f:cb:f6:2c:30:d9:b6:4b:40:7c:67:9c:7d:17:3a:84: 28:5a:d4:45:8a:0f:1f:24:7d:59:8f:df:c0:2b:ec:29:93:83: b5:cb:a5:35:29:03:60:69:16:40:3a:e0:47:45:58:34:4f:25: 17:09:28:98:37:18:40:30:39:ea:b7:2d:5f:7f:61:78:3d:eb: 07:6a:17:f2:38:12:4a:6f:9e:f6:4d:f1:93:0f:69:63:84:f5: cb:4a:bf:a3:49:bf:86:1c:9a:48:77:ce:d8:b8:7e:56:f1:40: 66:4b:60:91:56:fe:b7:f1:12:70:3b:ce:2d:79:f8:5a:88:77: 7a:c9:35:ed:dc:3c:5e:81:c3:91:6a:95:5f:7c:f7:1f:83:67: e9:7d:51:09 -----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgISAZt8Ef8uN8EZKqhkVeZwIVLtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjY5MzA4NWI1Zjc1YzBmMTBkZTA4ZTIyY2JlNGIwNjI0NTFiMTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFRxuk9mSoeI0YpK2v6aBl6vAXWi ppKgOdDpETS++3zEM8gdoeY8zlFYrDDaw8wRaAOpIdsxibPcRox3pRRaC6FfuhT0 t9Qu+QddzrLvB6gb6ruQGPUY1AB9vb44vq/YjvmCHcXtp6g9ihwmTbqrLPgKcG/E Vxp4KfxhtP17Tfm9U5VWzK5tPq4tEQFeuFj6a31N/DgjXn1kxsQ+IlWxUUNG+omR XYnrsjGXpq1QhGMddD6JvOzURGwDbCmPMW6ptewBYfATk6SlVlJn0BFHyUiq9i0v v+ZDDcpRqnuvUA45G55UpDr4zve0pnJ9n0HEMBkcuvtj/tYEEhPNQlmKOQIDAQAB o4ICoDCCApwwHQYDVR0OBBYEFPJpMIW191wPEN4I4iy+SwYkUbFQMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q5LzE3MzMy Ny05NzQyLTQzNWItODZjMC01NWU4NWVhMDlkZGUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkvMTczMzI3 LTk3NDItNDM1Yi04NmMwLTU1ZTg1ZWEwOWRkZS8xLzhta3doYlgzWEE4UTNnamlM TDVMQmlSUnNWQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAwcg8MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC AwCv3zANBgkqhkiG9w0BAQsFAAOCAQEASbSCC/MYLRLVETf8795PHFjmiNanLGlT cdBgYV9InY4es48lu3+O3Uri8TliAkezVMOwulQBZeV7C4bSh2Hlve04eDKQmV4B 270nlLbFKHYPAzPTTNDxNWa//+RqihZXgdBxQRtenTS9xkSliUw/y/YsMNm2S0B8 Z5x9FzqEKFrURYoPHyR9WY/fwCvsKZODtculNSkDYGkWQDrgR0VYNE8lFwkomDcY QDA56rctX39heD3rB2oX8jgSSm+e9k3xkw9pY4T1y0q/o0m/hhyaSHfO2Lh+VvFA ZktgkVb+t/EScDvOLXn4Woh3esk17dw8XoHDkWqVX3z3H4Nn6X1RCQ== -----END CERTIFICATE-----Generated at Sun Jan 25 19:42:19 2026 by rpki-client