This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer File: CIRls3stTp9BOjHce35suioz25Y.cer (raw, json) Hash identifier: rNG0GIfgDXjUvMZA+TatTtD86GK0iCcpJnnH+4fY9Js= Subject key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019AEE705340C023029FEDF759F11A3060AF Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 05 Dec 2025 12:15:30 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 8647 AS: 15596 IP: 31.193.191.0/24 IP: 45.150.149.0/24 IP: 62.3.26.0/24 IP: 91.213.173.0/24 IP: 103.216.172.0/22 IP: 146.19.92.0/24 IP: 185.218.142.0/24 IP: 188.66.24.0/22 IP: 193.108.56.0/22 IP: 193.108.102.0 -- 193.108.105.255 IP: 193.242.117.0/24 IP: 213.109.154.0/24 IP: 2a06:fc0::/29 IP: 2a06:5e80::/29 IP: 2a07:3f00::/29 IP: 2a07:e840::/29 IP: 2a09:4bc0::/29 IP: 2a09:ddc0::/29 IP: 2a11:4380::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ee:70:53:40:c0:23:02:9f:ed:f7:59:f1:1a:30:60:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Dec 5 12:15:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:90:8b:76:35:48:f1:9d:10:32:b4:5d:aa:46: 67:3f:97:1e:d4:c3:0b:07:0d:53:5e:6b:d0:df:d0: 6a:94:cd:38:32:09:60:4a:f6:73:32:8d:a2:cb:97: f4:b6:5b:a9:ad:25:0b:8c:89:58:30:2c:61:d0:72: 9b:21:8f:c8:23:a5:dc:d7:f3:94:33:3e:4d:ed:74: d1:02:eb:5a:02:dc:76:6c:64:8f:4d:a2:55:23:7a: af:63:09:29:d0:32:54:ed:7e:de:da:c1:f8:2d:58: 86:de:fa:1f:99:3d:d2:47:1b:af:e9:74:79:80:fe: 5f:c7:9d:1a:0a:80:52:36:fa:ca:80:1a:10:b7:a4: 22:c1:e0:94:aa:64:04:10:72:98:e5:86:f5:45:c3: 8b:53:3e:d9:89:06:85:62:5d:1c:81:75:59:4e:43: 67:79:15:57:95:b5:4a:d1:dc:82:49:cd:89:bb:65: 50:ed:0e:0b:42:c6:7a:05:bd:3b:75:a0:86:e6:ab: 82:2c:20:49:2c:54:a6:f2:2f:b1:14:26:c1:2b:a4: 83:d6:a8:a8:db:f1:cd:44:a9:15:fd:67:72:e6:8c: e8:3e:5d:df:29:0e:f2:57:a2:fe:de:cd:b9:2a:7a: f0:92:35:7d:45:3d:bf:66:68:5d:21:ec:78:f6:d0: b5:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.193.191.0/24 45.150.149.0/24 62.3.26.0/24 91.213.173.0/24 103.216.172.0/22 146.19.92.0/24 185.218.142.0/24 188.66.24.0/22 193.108.56.0/22 193.108.102.0-193.108.105.255 193.242.117.0/24 213.109.154.0/24 IPv6: 2a06:fc0::/29 2a06:5e80::/29 2a07:3f00::/29 2a07:e840::/29 2a09:4bc0::/29 2a09:ddc0::/29 2a11:4380::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 8647 15596 Signature Algorithm: sha256WithRSAEncryption 4b:b0:92:23:83:2d:36:6c:47:28:9f:f9:e5:fb:d2:33:ef:c8: bb:5c:5e:fa:80:fc:d4:04:17:f6:c9:8e:69:86:7a:6b:f5:11: 93:fe:23:a3:43:bb:fb:91:e8:fa:32:5d:c2:cf:91:c6:5d:5b: 15:69:78:b7:d8:72:ac:85:23:aa:20:9d:81:ad:12:37:31:70: 82:20:97:35:85:21:ca:38:91:e9:68:83:2c:87:99:50:70:bf: 95:15:3d:0c:b4:19:0a:9e:dc:47:69:dc:68:9d:77:19:72:53: 6a:2f:08:aa:c3:ff:8a:7d:4b:ba:2c:37:ad:93:63:b7:09:f6: 24:cd:dc:3c:aa:3c:5a:f3:d2:5b:43:48:3c:ef:7d:08:fe:4d: 1a:39:e8:39:6d:9e:76:02:ea:4a:ae:d3:41:15:49:c5:5e:1c: 3f:44:9e:85:73:69:89:3a:31:0c:e8:47:23:b4:7c:55:09:d6: 24:b5:d8:06:1d:aa:63:1e:19:da:b0:cd:4a:d8:b1:c0:ac:36: b5:8c:d2:73:fc:1a:4a:61:36:2e:c9:65:5c:fb:27:ee:2e:36: 49:a7:0e:50:e7:0a:ec:42:f5:aa:82:28:89:a5:15:30:54:67: 7c:fa:16:7b:a6:fd:cc:53:69:30:87:35:cd:e2:87:f0:79:b9: 61:f8:1a:9d -----BEGIN CERTIFICATE----- MIIGHTCCBQWgAwIBAgISAZrucFNAwCMCn+33WfEaMGCvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMjA1MTIxNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODg0NjViMzdiMmQ0ZTlmNDEzYTMxZGM3YjdlNmNiYTJhMzNkYjk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJCLdjVI8Z0QMrRdqkZnP5ce1MML Bw1TXmvQ39BqlM04MglgSvZzMo2iy5f0tluprSULjIlYMCxh0HKbIY/II6Xc1/OU Mz5N7XTRAutaAtx2bGSPTaJVI3qvYwkp0DJU7X7e2sH4LViG3vofmT3SRxuv6XR5 gP5fx50aCoBSNvrKgBoQt6QiweCUqmQEEHKY5Yb1RcOLUz7ZiQaFYl0cgXVZTkNn eRVXlbVK0dyCSc2Ju2VQ7Q4LQsZ6Bb07daCG5quCLCBJLFSm8i+xFCbBK6SD1qio 2/HNRKkV/Wdy5ozoPl3fKQ7yV6L+3s25KnrwkjV9RT2/ZmhdIex49tC11QIDAQAB o4IDKTCCAyUwHQYDVR0OBBYEFAiEZbN7LU6fQTox3Ht+bLoqM9uWMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzNlMmIx OC01NWM5LTQxODAtOGM2ZS0yYzcwODZmZGVkOTMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvM2UyYjE4 LTU1YzktNDE4MC04YzZlLTJjNzA4NmZkZWQ5My8xL0NJUmxzM3N0VHA5Qk9qSGNl MzVzdWlvejI1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGkBggrBgEF BQcBBwEB/wSBlDCBkTBWBAIAATBQAwQAH8G/AwQALZaVAwQAPgMaAwQAW9WtAwQC Z9isAwQAkhNcAwQAudqOAwQCvEIYAwQCwWw4MAwDBAHBbGYDBAHBbGgDBADB8nUD BADVbZowNwQCAAIwMQMFAyoGD8ADBQMqBl6AAwUDKgc/AAMFAyoH6EADBQMqCUvA AwUDKgndwAMFAyoRQ4AwHQYIKwYBBQUHAQgBAf8EDjAMoAowCAICIccCAjzsMA0G CSqGSIb3DQEBCwUAA4IBAQBLsJIjgy02bEcon/nl+9Iz78i7XF76gPzUBBf2yY5p hnpr9RGT/iOjQ7v7kej6Ml3Cz5HGXVsVaXi32HKshSOqIJ2BrRI3MXCCIJc1hSHK OJHpaIMsh5lQcL+VFT0MtBkKntxHadxonXcZclNqLwiqw/+KfUu6LDetk2O3CfYk zdw8qjxa89JbQ0g8730I/k0aOeg5bZ52AupKrtNBFUnFXhw/RJ6Fc2mJOjEM6Ecj tHxVCdYktdgGHapjHhnasM1K2LHArDa1jNJz/BpKYTYuyWVc+yfuLjZJpw5Q5wrs QvWqgiiJpRUwVGd8+hZ7pv3MU2kwhzXN4ofweblh+Bqd -----END CERTIFICATE-----Generated at Sat Dec 6 07:56:26 2025 by rpki-client