This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer File: AYGCKpyioAj1zRG5-duhbuLGFFk.cer (raw, json) Hash identifier: iy3poDLtrToOyGfHdfcZlo0JKiqaUhkd8rRaLErLr7s= Subject key identifier: 01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7CEE6808FC6F97D99E50DFF5EA71D891 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 04:19:17 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 199578 IP: 131.246.0.0/16 IP: 192.68.165.0 -- 192.68.169.255 IP: 2a03:63c0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:68:08:fc:6f:97:d9:9e:50:df:f5:ea:71:d8:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 04:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0181822a9ca2a008f5cd11b9f9dba16ee2c61459 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:63:de:2b:a8:3c:7d:7b:b8:4c:0a:cf:98:89: 17:00:8f:be:ec:7c:01:3d:7e:d2:1f:cf:c8:1e:20: 24:5e:28:07:08:c3:c4:6a:e8:71:31:56:07:ce:f8: 15:89:6e:c9:3b:0c:34:0f:44:2b:cb:7f:b3:1e:0d: b2:4e:14:e3:83:e3:20:ff:55:8b:05:d0:95:c7:0c: 3c:72:5e:42:54:35:f3:cf:39:2a:e1:58:22:37:aa: 10:bd:b0:b7:a0:8c:71:06:4b:51:46:16:9d:85:72: f7:97:31:94:76:c3:12:d1:b0:7d:2e:9d:23:76:74: 3c:8d:a7:0c:7a:4e:ea:26:62:a0:c1:56:11:8c:00: c7:1f:45:d0:f8:7f:6b:30:42:68:82:49:b8:33:06: da:0b:a2:43:52:15:05:e0:04:1d:a0:94:ea:fe:ea: 38:db:75:7f:2d:24:4d:84:b2:dc:ab:ba:af:09:5b: 97:23:42:74:a3:7c:76:f7:25:b7:dd:dd:53:00:60: 36:0b:c7:59:44:21:47:c4:e6:e0:7a:af:98:fd:50: 75:56:a4:82:95:71:9a:e9:b9:f4:c8:a8:a9:d7:94: 1d:44:62:59:31:8e:9e:12:82:dd:7f:3c:3e:19:9c: d8:a6:a1:73:e5:2f:8d:9d:f8:f3:9d:f3:fb:a9:ee: c1:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.246.0.0/16 192.68.165.0-192.68.169.255 IPv6: 2a03:63c0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 199578 Signature Algorithm: sha256WithRSAEncryption 0b:56:0a:0c:f0:69:62:b5:9d:9c:ee:9b:94:28:ae:0f:88:d8: 06:a3:c9:50:1b:7d:0d:b3:d7:75:a2:4b:bf:20:ee:60:68:a5: 21:e9:95:7b:93:e6:47:8e:14:0b:a0:cf:1b:2b:dd:d3:7e:8e: db:21:9a:fb:15:85:9f:7f:0a:74:be:47:af:ca:35:e8:4a:fb: fb:0e:c9:45:d9:51:77:f0:d4:f9:68:a3:59:66:18:75:b2:da: 40:84:98:d2:ec:90:08:dc:3b:56:07:5e:b4:c3:8a:8d:19:e4: eb:d2:e1:c9:4d:12:62:af:67:cf:31:24:66:cf:49:d5:77:b6: ca:e3:fe:ec:1f:95:30:92:4d:1d:e4:d3:f9:26:16:14:6c:1c: c8:50:99:74:0e:0e:cd:60:f4:14:22:05:d8:dd:03:7c:7f:c1: bf:39:85:76:48:f0:a5:b2:38:bd:06:cb:cd:e5:8a:72:b1:d8: ca:1d:f0:e9:af:91:e2:82:5e:5d:6d:7d:cc:17:ec:bf:46:4a: fe:85:f1:84:e2:6c:da:d8:4c:42:c8:d1:3b:72:2a:ca:71:4e: 55:f8:0a:d9:90:20:87:12:0a:a2:20:a0:6f:a7:13:da:2f:a1: 0b:33:25:d8:6d:04:28:1a:75:25:b2:85:d9:45:6e:46:26:de: 43:b4:3a:f9 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgISAZt87mgI/G+X2Z5Q3/XqcdiRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMDQxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMTgxODIyYTljYTJhMDA4ZjVjZDExYjlmOWRiYTE2ZWUyYzYxNDU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGPeK6g8fXu4TArPmIkXAI++7HwB PX7SH8/IHiAkXigHCMPEauhxMVYHzvgViW7JOww0D0Qry3+zHg2yThTjg+Mg/1WL BdCVxww8cl5CVDXzzzkq4VgiN6oQvbC3oIxxBktRRhadhXL3lzGUdsMS0bB9Lp0j dnQ8jacMek7qJmKgwVYRjADHH0XQ+H9rMEJogkm4MwbaC6JDUhUF4AQdoJTq/uo4 23V/LSRNhLLcq7qvCVuXI0J0o3x29yW33d1TAGA2C8dZRCFHxObgeq+Y/VB1VqSC lXGa6bn0yKip15QdRGJZMY6eEoLdfzw+GZzYpqFz5S+NnfjznfP7qe7BBwIDAQAB o4ICvDCCArgwHQYDVR0OBBYEFAGBgiqcoqAI9c0RufnboW7ixhRZMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmLzNlOTUy NS1hMmNlLTRlOTAtOTAwZC04MGQ0OTQ1OTExZGQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvM2U5NTI1 LWEyY2UtNGU5MC05MDBkLTgwZDQ5NDU5MTFkZC8xL0FZR0NLcHlpb0FqMXpSRzUt ZHVoYnVMR0ZGay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUF BwEHAQH/BCwwKjAZBAIAATATAwMAg/YwDAMEAMBEpQMEAcBEqDANBAIAAjAHAwUA KgNjwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDC5owDQYJKoZIhvcNAQELBQAD ggEBAAtWCgzwaWK1nZzum5Qorg+I2AajyVAbfQ2z13WiS78g7mBopSHplXuT5keO FAugzxsr3dN+jtshmvsVhZ9/CnS+R6/KNehK+/sOyUXZUXfw1Ploo1lmGHWy2kCE mNLskAjcO1YHXrTDio0Z5OvS4clNEmKvZ88xJGbPSdV3tsrj/uwflTCSTR3k0/km FhRsHMhQmXQODs1g9BQiBdjdA3x/wb85hXZI8KWyOL0Gy83linKx2Mod8OmvkeKC Xl1tfcwX7L9GSv6F8YTibNrYTELI0TtyKspxTlX4CtmQIIcSCqIgoG+nE9ovoQsz JdhtBCgadSWyhdlFbkYm3kO0Ovk= -----END CERTIFICATE-----Generated at Mon Jan 26 03:30:34 2026 by rpki-client