This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CIKLx914SFC4lu197ZSD218B4Fk.cer File: CIKLx914SFC4lu197ZSD218B4Fk.cer (raw, json) Hash identifier: 6GjMDx3kpfO41qfx9dJ+92Zij/roEqpP2QTHMOkksNY= Subject key identifier: 08:82:8B:C7:DD:78:48:50:B8:96:ED:7D:ED:94:83:DB:5F:01:E0:59 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA4CF286AB5B789C38DA0B3BBE0B5D8 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/CIKLx914SFC4lu197ZSD218B4Fk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:18:08 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 89.248.66.0/24 IP: 213.177.170.0/24 IP: 2a10:e6c0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:cf:28:6a:b5:b7:89:c3:8d:a0:b3:bb:e0:b5:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08828bc7dd784850b896ed7ded9483db5f01e059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c3:c7:93:a1:b7:1b:81:c4:82:f5:df:56:33: 7f:5d:29:1e:b5:08:a6:80:95:79:cc:86:94:39:83: a9:6d:b6:17:91:e0:51:00:90:9d:70:8d:ca:8d:ce: cb:53:da:78:f5:c1:de:5f:77:db:73:ea:68:4a:15: 39:06:b4:d5:d3:21:f6:97:11:f9:c3:79:a1:ac:9f: d0:c2:f9:3f:5c:a4:0a:d4:97:d4:ca:4d:16:28:dc: 5f:37:46:3c:cf:e5:2a:dc:18:06:08:81:10:39:fc: 29:8f:bc:22:67:66:93:aa:cd:02:73:a1:5e:9b:9f: 10:04:8d:b0:8a:0d:9e:81:c0:0f:fd:05:d1:15:b1: 82:15:49:3a:6d:9d:75:62:f1:f2:2f:ea:8b:6f:cd: 4b:7f:a0:7d:e4:ab:9f:9b:e4:6d:98:09:84:39:d3: 49:08:a5:3d:2e:f1:93:b8:3e:28:78:3a:9f:a6:42: 68:82:60:85:07:88:3d:b8:cb:ae:c1:d1:9f:a9:c0: 10:b7:82:3e:3a:8f:26:af:e1:83:0e:13:c5:41:0c: 1a:b9:6b:72:0b:44:13:98:c7:24:fd:2c:2f:92:c8: 01:29:c4:6d:12:b2:d7:2e:db:05:3e:6f:a2:40:9c: 81:65:28:14:ac:73:8b:eb:28:4f:77:4f:f0:af:98: 4c:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:82:8B:C7:DD:78:48:50:B8:96:ED:7D:ED:94:83:DB:5F:01:E0:59 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/866754-f0ef-4900-8dd0-6c0403c9a440/1/CIKLx914SFC4lu197ZSD218B4Fk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.248.66.0/24 213.177.170.0/24 IPv6: 2a10:e6c0::/32 Signature Algorithm: sha256WithRSAEncryption 0d:ec:44:74:ed:49:d1:ae:c9:3a:d5:6e:52:df:ce:55:0d:16: 3a:99:96:96:a8:96:64:0b:1a:1a:36:7b:b0:4c:23:3e:fa:34: d0:a1:3f:78:0b:8a:d6:ad:1f:02:56:6a:6f:ec:da:e0:da:0b: 65:bb:6b:4c:93:6c:49:7d:a1:1d:3e:78:88:81:18:b5:0f:c7: 44:7f:9d:40:ba:2d:a8:8c:34:28:d3:bf:a4:b8:fb:25:59:f0: 93:1a:d6:51:69:85:76:56:07:d7:ae:fe:ae:83:81:d5:2c:01: 6e:cb:57:72:d4:c2:57:2d:fa:8b:78:a3:b1:eb:28:0e:dd:43: c5:8a:0f:77:d1:07:bf:86:bb:ef:a4:fe:f5:36:5f:d3:99:74: b9:7f:f4:5e:1e:19:f4:d0:20:fc:b4:40:ce:10:25:58:8b:fa: cb:8d:b4:ed:3b:98:8d:4b:72:e6:73:9f:32:4e:c6:ec:66:1e: c0:70:54:8f:63:00:4b:10:81:03:27:30:a3:42:64:2d:b1:31: 60:40:f0:4c:ad:d9:11:6e:1e:18:14:d0:b9:34:9c:7e:9c:27: 17:0a:0b:71:a1:99:d3:1d:4a:d6:cf:44:57:fe:be:03:e6:4f: 06:7a:d0:aa:1a:01:e9:6d:f8:8e:fa:42:7b:ac:0b:59:3e:ed: c4:92:69:d0 -----BEGIN CERTIFICATE----- MIIFjTCCBHWgAwIBAgISAZt+pM8oarW3icONoLO74LXYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODgyOGJjN2RkNzg0ODUwYjg5NmVkN2RlZDk0ODNkYjVmMDFlMDU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMPHk6G3G4HEgvXfVjN/XSketQim gJV5zIaUOYOpbbYXkeBRAJCdcI3Kjc7LU9p49cHeX3fbc+poShU5BrTV0yH2lxH5 w3mhrJ/Qwvk/XKQK1JfUyk0WKNxfN0Y8z+Uq3BgGCIEQOfwpj7wiZ2aTqs0Cc6Fe m58QBI2wig2egcAP/QXRFbGCFUk6bZ11YvHyL+qLb81Lf6B95Kufm+RtmAmEOdNJ CKU9LvGTuD4oeDqfpkJogmCFB4g9uMuuwdGfqcAQt4I+Oo8mr+GDDhPFQQwauWty C0QTmMck/SwvksgBKcRtErLXLtsFPm+iQJyBZSgUrHOL6yhPd0/wr5hMEwIDAQAB o4ICmTCCApUwHQYDVR0OBBYEFAiCi8fdeEhQuJbtfe2Ug9tfAeBZMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZjLzg2Njc1 NC1mMGVmLTQ5MDAtOGRkMC02YzA0MDNjOWE0NDAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMvODY2NzU0 LWYwZWYtNDkwMC04ZGQwLTZjMDQwM2M5YTQ0MC8xL0NJS0x4OTE0U0ZDNGx1MTk3 WlNEMjE4QjRGay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF BwEHAQH/BCUwIzASBAIAATAMAwQAWfhCAwQA1bGqMA0EAgACMAcDBQAqEObAMA0G CSqGSIb3DQEBCwUAA4IBAQAN7ER07UnRrsk61W5S385VDRY6mZaWqJZkCxoaNnuw TCM++jTQoT94C4rWrR8CVmpv7Nrg2gtlu2tMk2xJfaEdPniIgRi1D8dEf51Aui2o jDQo07+kuPslWfCTGtZRaYV2VgfXrv6ug4HVLAFuy1dy1MJXLfqLeKOx6ygO3UPF ig930Qe/hrvvpP71Nl/TmXS5f/ReHhn00CD8tEDOECVYi/rLjbTtO5iNS3Lmc58y TsbsZh7AcFSPYwBLEIEDJzCjQmQtsTFgQPBMrdkRbh4YFNC5NJx+nCcXCgtxoZnT HUrWz0RX/r4D5k8GetCqGgHpbfiO+kJ7rAtZPu3EkmnQ -----END CERTIFICATE-----Generated at Mon Jan 26 06:04:22 2026 by rpki-client