This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer File: DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer (raw, json) Hash identifier: yGjP3/zSNmWE30y6UKcJIzcW/SIk//wws1DMyqHm770= Subject key identifier: 0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E38055957FF5374DC052021E1365E6E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:19:19 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 8680 IP: 37.72.152.0/21 IP: 46.102.107.0/24 IP: 62.68.160.0/19 IP: 77.81.75.0/24 IP: 78.111.192.0/20 IP: 84.247.1.0/24 IP: 85.204.71.0/24 IP: 85.204.135.0/24 IP: 85.204.144.0/24 IP: 85.204.192.0/24 IP: 86.104.12.0/24 IP: 86.104.64.0/24 IP: 86.105.10.0/23 IP: 88.81.128.0/19 IP: 89.32.207.0/24 IP: 89.33.15.0/24 IP: 89.35.82.0/23 IP: 89.37.59.0/24 IP: 89.40.64.0/24 IP: 89.42.115.0/24 IP: 89.42.174.0/23 IP: 89.42.179.0/24 IP: 89.43.49.0/24 IP: 89.43.172.0/23 IP: 89.44.107.0/24 IP: 89.47.248.0/24 IP: 89.47.253.0/24 IP: 91.190.160.0/21 IP: 92.114.55.0/24 IP: 93.114.188.0/23 IP: 93.187.144.0/21 IP: 146.247.48.0/20 IP: 185.3.100.0/22 IP: 188.214.59.0/24 IP: 188.241.17.0/24 IP: 212.30.0.0/19 IP: 217.19.128.0/20 IP: 2a02:7380::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:05:59:57:ff:53:74:dc:05:20:21:e1:36:5e:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0c2625bdffa9437dc2b96d8ae023100bc88e6fe3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:29:ef:a7:33:ce:fa:14:19:6d:93:ad:17:28: ec:26:d7:8b:b3:7d:97:eb:2a:a5:c6:e7:b8:10:72: fa:05:49:5e:1f:4e:39:fc:57:ff:97:05:27:92:32: 8c:5f:0a:32:4f:02:12:4b:5b:ed:b5:a1:83:18:76: d6:2f:70:5a:ec:5f:db:72:17:f2:66:2f:81:cc:4e: 94:cd:13:05:f0:cc:8d:fe:ce:f0:02:e2:a7:2b:41: 43:a1:34:bc:65:7e:2a:61:a7:88:18:01:56:a6:b4: 66:d8:e7:fa:08:41:14:da:ed:fa:89:3b:30:a3:38: ab:ee:3b:78:9e:66:cf:32:f4:26:d7:12:df:39:18: ff:69:af:64:dc:34:d3:d7:f4:3e:77:0e:ac:7c:7f: 4f:19:f6:1d:e8:df:26:a7:2c:75:a9:49:06:f4:37: 2c:b3:63:d2:38:cb:29:2b:dc:0e:13:66:c0:98:6b: 8e:fe:7f:d4:f9:48:46:18:1a:71:2c:13:aa:77:55: fd:6d:91:ed:e6:fd:a9:73:6c:ae:02:36:22:7d:71: 53:ae:1b:8f:e9:c1:a9:16:e3:4e:f3:9b:fd:98:07: 30:ed:69:02:05:cf:b7:24:94:77:48:63:fe:8f:e0: 6c:fe:8e:61:2e:90:f3:5d:c0:98:81:5e:10:58:7f: 82:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.72.152.0/21 46.102.107.0/24 62.68.160.0/19 77.81.75.0/24 78.111.192.0/20 84.247.1.0/24 85.204.71.0/24 85.204.135.0/24 85.204.144.0/24 85.204.192.0/24 86.104.12.0/24 86.104.64.0/24 86.105.10.0/23 88.81.128.0/19 89.32.207.0/24 89.33.15.0/24 89.35.82.0/23 89.37.59.0/24 89.40.64.0/24 89.42.115.0/24 89.42.174.0/23 89.42.179.0/24 89.43.49.0/24 89.43.172.0/23 89.44.107.0/24 89.47.248.0/24 89.47.253.0/24 91.190.160.0/21 92.114.55.0/24 93.114.188.0/23 93.187.144.0/21 146.247.48.0/20 185.3.100.0/22 188.214.59.0/24 188.241.17.0/24 212.30.0.0/19 217.19.128.0/20 IPv6: 2a02:7380::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 8680 Signature Algorithm: sha256WithRSAEncryption 36:e1:4c:4f:0d:36:96:b9:e3:24:43:73:82:da:01:44:9a:de: dd:50:90:bd:c7:b1:62:37:21:f7:1d:28:25:7c:ad:89:a5:b8: f0:47:39:fe:d5:32:1e:b9:d2:e0:d9:fd:61:5e:74:d4:74:ba: b8:b9:61:72:89:16:f5:4f:c3:56:47:29:e5:94:cf:43:ac:1a: 93:b3:0c:7d:e1:18:4b:8c:fb:ac:81:a2:48:cf:cc:da:15:00: 85:1d:28:d6:57:ce:7d:c3:2a:57:65:01:91:7b:18:a7:2d:08: ae:27:9b:f3:3a:51:b3:01:6a:a2:1f:09:0d:94:82:bb:ec:25: 1c:7c:54:5f:69:61:b4:84:bc:ee:93:13:d8:dc:11:82:89:0a: f8:ab:81:ca:ee:be:f7:de:c7:44:bd:cb:8d:3c:98:0c:15:d0: 10:e9:ab:03:45:ce:cb:81:b0:45:09:7d:d6:3e:74:09:c4:ab: e0:e6:e9:14:ed:f2:f2:8c:02:c1:3c:68:6b:b0:5f:c4:00:4e: 35:c5:b8:01:ca:ab:a3:1c:53:c2:3a:ce:1e:61:3a:62:0b:14: 36:f2:7e:4b:02:7b:0b:92:7c:27:81:47:95:a2:cf:1c:f3:79: c4:58:2b:b8:74:aa:9d:94:a6:61:40:56:ed:94:79:62:4f:f7: cf:80:03:a9 -----BEGIN CERTIFICATE----- MIIGgDCCBWigAwIBAgISAZt+OAVZV/9TdNwFICHhNl5uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYzI2MjViZGZmYTk0MzdkYzJiOTZkOGFlMDIzMTAwYmM4OGU2ZmUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCnvpzPO+hQZbZOtFyjsJteLs32X 6yqlxue4EHL6BUleH045/Ff/lwUnkjKMXwoyTwISS1vttaGDGHbWL3Ba7F/bchfy Zi+BzE6UzRMF8MyN/s7wAuKnK0FDoTS8ZX4qYaeIGAFWprRm2Of6CEEU2u36iTsw ozir7jt4nmbPMvQm1xLfORj/aa9k3DTT1/Q+dw6sfH9PGfYd6N8mpyx1qUkG9Dcs s2PSOMspK9wOE2bAmGuO/n/U+UhGGBpxLBOqd1X9bZHt5v2pc2yuAjYifXFTrhuP 6cGpFuNO85v9mAcw7WkCBc+3JJR3SGP+j+Bs/o5hLpDzXcCYgV4QWH+CAwIDAQAB o4IDjDCCA4gwHQYDVR0OBBYEFAwmJb3/qUN9wrltiuAjEAvIjm/jMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwLzljNzhi OS1kYTM5LTQ1MGYtYmI5Ni0wNzgwNGFmZjQ5MGYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvOWM3OGI5 LWRhMzktNDUwZi1iYjk2LTA3ODA0YWZmNDkwZi8xL0RDWWx2Zi1wUTMzQ3VXMks0 Q01RQzhpT2ItTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBCgYIKwYB BQUHAQcBAf8EgfowgfcwgeUEAgABMIHeAwQDJUiYAwQALmZrAwQFPkSgAwQATVFL AwQETm/AAwQAVPcBAwQAVcxHAwQAVcyHAwQAVcyQAwQAVczAAwQAVmgMAwQAVmhA AwQBVmkKAwQFWFGAAwQAWSDPAwQAWSEPAwQBWSNSAwQAWSU7AwQAWShAAwQAWSpz AwQBWSquAwQAWSqzAwQAWSsxAwQBWSusAwQAWSxrAwQAWS/4AwQAWS/9AwQDW76g AwQAXHI3AwQBXXK8AwQDXbuQAwQEkvcwAwQCuQNkAwQAvNY7AwQAvPERAwQF1B4A AwQE2ROAMA0EAgACMAcDBQAqAnOAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAiHo MA0GCSqGSIb3DQEBCwUAA4IBAQA24UxPDTaWueMkQ3OC2gFEmt7dUJC9x7FiNyH3 HSglfK2JpbjwRzn+1TIeudLg2f1hXnTUdLq4uWFyiRb1T8NWRynllM9DrBqTswx9 4RhLjPusgaJIz8zaFQCFHSjWV859wypXZQGRexinLQiuJ5vzOlGzAWqiHwkNlIK7 7CUcfFRfaWG0hLzukxPY3BGCiQr4q4HK7r733sdEvcuNPJgMFdAQ6asDRc7LgbBF CX3WPnQJxKvg5ukU7fLyjALBPGhrsF/EAE41xbgByqujHFPCOs4eYTpiCxQ28n5L AnsLknwngUeVos8c83nEWCu4dKqdlKZhQFbtlHliT/fPgAOp -----END CERTIFICATE-----Generated at Mon Jan 26 10:51:34 2026 by rpki-client