This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer File: FjB9KfVUPyHqMAm5Uj_nG48Taco.cer (raw, json) Hash identifier: sGjrf81XyHf3FY5clh/wjSu/9C/1ByHC4535Tqk5Kag= Subject key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B78345190688771DF8A972FDAE29CF6F5 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 06:17:33 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 5089 AS: 5462 AS: 13076 AS: 42987 AS: 43629 AS: 50534 AS: 62016 IP: 62.3.192.0/18 IP: 62.30.0.0/15 IP: 62.252.0.0/14 IP: 77.96.0.0/13 IP: 80.0.0.0/13 IP: 80.192.0.0/14 IP: 80.235.128.0/17 IP: 80.255.192.0/19 IP: 81.6.192.0/18 IP: 81.96.0.0/12 IP: 81.170.0.0/17 IP: 82.0.0.0 -- 82.20.255.255 IP: 82.28.0.0/16 IP: 82.30.0.0 -- 82.37.255.255 IP: 82.42.0.0 -- 82.45.255.255 IP: 82.47.0.0/16 IP: 82.133.0.0/17 IP: 84.19.104.0 -- 84.19.127.255 IP: 86.0.0.0/11 IP: 91.146.112.0/21 IP: 92.10.0.0 -- 92.15.255.255 IP: 92.232.0.0 -- 92.234.255.255 IP: 92.236.0.0/14 IP: 94.173.0.0 -- 94.175.255.255 IP: 185.112.212.0/22 IP: 185.173.116.0/22 IP: 185.228.252.0/22 IP: 193.38.64.0/18 IP: 193.39.32.0 -- 193.39.65.255 IP: 193.193.96.0/19 IP: 194.117.128.0/19 IP: 194.145.148.0/23 IP: 194.168.0.0/16 IP: 195.182.160.0/19 IP: 195.188.0.0/16 IP: 212.24.64.0/19 IP: 212.43.160.0/19 IP: 212.250.0.0/16 IP: 213.48.0.0/16 IP: 213.81.0.0/17 IP: 213.104.0.0/14 IP: 213.147.224.0/19 IP: 213.148.32.0/19 IP: 213.208.64.0/18 IP: 217.8.0.0/19 IP: 217.68.128.0/20 IP: 217.137.0.0/16 IP: 2a02:8800::/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:51:90:68:87:71:df:8a:97:2f:da:e2:9c:f6:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 06:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:7c:de:15:df:0f:da:bf:75:92:eb:58:79:d8: d7:57:da:73:8b:ff:e5:4e:52:ce:63:04:49:b1:6e: 42:ef:04:27:23:86:a8:f0:8c:92:b6:ef:ad:3d:67: 13:13:66:a8:5a:7d:3a:15:3a:17:03:c6:88:a7:09: 76:88:4e:19:8b:c1:9f:9d:c4:11:22:7a:ba:00:29: 1f:6d:26:6f:84:72:16:15:68:a4:24:84:5b:04:18: f7:99:6c:56:bd:eb:a4:e8:3c:05:3a:71:23:a6:b3: 84:01:d7:de:8a:22:2b:71:03:37:d7:df:78:3f:4a: c3:b0:48:6f:cd:34:f8:41:71:ca:1b:58:87:c7:36: 8f:f9:64:d4:93:1b:1e:b1:bc:1a:31:31:53:40:6d: 0d:5e:61:19:a2:fd:1b:6e:dd:5f:0f:8f:e0:ee:b0: 84:a8:40:35:25:54:74:af:fc:54:5c:4a:3b:5b:8e: 04:76:31:11:6c:41:b3:cd:b0:40:44:40:cb:b7:49: 32:f7:f8:82:35:7a:eb:5e:71:cb:79:c0:11:8f:07: 26:5a:6c:c8:71:dc:b6:40:46:d1:39:56:35:a1:cc: 03:5c:61:0f:04:bb:4a:d2:ee:e7:a4:7e:98:96:4c: a9:c0:cd:4c:1e:53:d6:83:07:68:a6:c9:24:87:d6: 6f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.3.192.0/18 62.30.0.0/15 62.252.0.0/14 77.96.0.0/13 80.0.0.0/13 80.192.0.0/14 80.235.128.0/17 80.255.192.0/19 81.6.192.0/18 81.96.0.0/12 81.170.0.0/17 82.0.0.0-82.20.255.255 82.28.0.0/16 82.30.0.0-82.37.255.255 82.42.0.0-82.45.255.255 82.47.0.0/16 82.133.0.0/17 84.19.104.0-84.19.127.255 86.0.0.0/11 91.146.112.0/21 92.10.0.0-92.15.255.255 92.232.0.0-92.234.255.255 92.236.0.0/14 94.173.0.0-94.175.255.255 185.112.212.0/22 185.173.116.0/22 185.228.252.0/22 193.38.64.0/18 193.39.32.0-193.39.65.255 193.193.96.0/19 194.117.128.0/19 194.145.148.0/23 194.168.0.0/16 195.182.160.0/19 195.188.0.0/16 212.24.64.0/19 212.43.160.0/19 212.250.0.0/16 213.48.0.0/16 213.81.0.0/17 213.104.0.0/14 213.147.224.0/19 213.148.32.0/19 213.208.64.0/18 217.8.0.0/19 217.68.128.0/20 217.137.0.0/16 IPv6: 2a02:8800::/24 sbgp-autonomousSysNum: critical Autonomous System Numbers: 5089 5462 13076 42987 43629 50534 62016 Signature Algorithm: sha256WithRSAEncryption 88:98:37:e7:2a:98:09:6a:59:c1:be:95:78:e7:b3:c2:36:c5: 15:46:a8:89:eb:2d:48:78:d0:be:16:21:11:6f:98:cf:65:8c: 16:44:96:17:e8:48:b4:04:45:5b:8e:88:67:ac:05:53:8a:3f: 2b:7c:7d:58:fc:41:81:67:a3:03:19:7b:6a:6f:f4:8e:87:72: d4:15:30:11:6c:54:3c:17:a4:56:b7:3b:01:e6:36:92:78:b2: ef:d2:b0:37:79:bb:82:d8:f9:d2:46:35:15:41:ef:0f:92:55: 6c:38:dc:29:4a:a5:26:bb:e7:10:64:dc:f0:38:da:c8:4a:7a: f4:ad:41:e1:17:13:b2:2f:02:bc:a3:20:8a:bb:70:de:9f:e2: 8e:9b:d8:b6:c6:18:ee:10:78:88:18:1a:3b:34:5b:a8:1f:ad: 22:47:73:91:fe:b5:85:5a:c7:46:20:bf:f5:cd:7a:c5:c5:12: 15:cf:53:8e:a1:d5:ad:de:87:7d:52:3f:9b:28:2b:a4:63:d4: 8d:44:20:77:e6:90:40:c2:a1:85:52:1c:25:13:0b:e5:fd:0d: 4e:a1:14:0d:66:bb:44:a8:94:54:06:2a:e9:ca:c6:44:8d:e9: 09:ba:3c:d4:57:34:47:b2:fd:41:1d:03:ea:eb:73:f5:94:31: ed:09:bf:9e -----BEGIN CERTIFICATE----- MIIG/jCCBeagAwIBAgISAZt4NFGQaIdx34qXL9rinPb1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDYxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33zeFd8P2r91kutYedjXV9pzi//l TlLOYwRJsW5C7wQnI4ao8IyStu+tPWcTE2aoWn06FToXA8aIpwl2iE4Zi8GfncQR Inq6ACkfbSZvhHIWFWikJIRbBBj3mWxWveuk6DwFOnEjprOEAdfeiiIrcQM31994 P0rDsEhvzTT4QXHKG1iHxzaP+WTUkxsesbwaMTFTQG0NXmEZov0bbt1fD4/g7rCE qEA1JVR0r/xUXEo7W44EdjERbEGzzbBAREDLt0ky9/iCNXrrXnHLecARjwcmWmzI cdy2QEbROVY1ocwDXGEPBLtK0u7npH6YlkypwM1MHlPWgwdopskkh9ZvWQIDAQAB o4IECjCCBAYwHQYDVR0OBBYEFBYwfSn1VD8h6jAJuVI/5xuPE2nKMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1L2JmNWU3 MC02NjY1LTQ5ZGUtYjljZi00Y2ZlNDBmMDdhNmIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvYmY1ZTcw LTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlIcU1BbTVV al9uRzQ4VGFjby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBbAYIKwYB BQUHAQcBAf8EggFbMIIBVzCCAUUEAgABMIIBPQMEBj4DwAMDAT4eAwMCPvwDAwNN YAMDA1AAAwMCUMADBAdQ64ADBAVQ/8ADBAZRBsADAwRRYAMEB1GqADAJAwIBUgMD AFIUAwMAUhwwCgMDAVIeAwMBUiQwCgMDAVIqAwMBUiwDAwBSLwMEB1KFADAMAwQD VBNoAwQHVBMAAwMFVgADBANbknAwCgMDAVwKAwMEXAAwCgMDA1zoAwMAXOoDAwJc 7DAKAwMAXq0DAwReoAMEArlw1AMEArmtdAMEArnk/AMEBsEmQDAMAwQFwScgAwQB wSdAAwQFwcFgAwQFwnWAAwQBwpGUAwMAwqgDBAXDtqADAwDDvAMEBdQYQAMEBdQr oAMDANT6AwMA1TADBAfVUQADAwLVaAMEBdWT4AMEBdWUIAMEBtXQQAMEBdkIAAME BNlEgAMDANmJMAwEAgACMAYDBAAqAogwNQYIKwYBBQUHAQgBAf8EJjAkoCIwIAIC E+ECAhVWAgIzFAIDAKfrAgMAqm0CAwDFZgIDAPJAMA0GCSqGSIb3DQEBCwUAA4IB AQCImDfnKpgJalnBvpV457PCNsUVRqiJ6y1IeNC+FiERb5jPZYwWRJYX6Ei0BEVb johnrAVTij8rfH1Y/EGBZ6MDGXtqb/SOh3LUFTARbFQ8F6RWtzsB5jaSeLLv0rA3 ebuC2PnSRjUVQe8PklVsONwpSqUmu+cQZNzwONrISnr0rUHhFxOyLwK8oyCKu3De n+KOm9i2xhjuEHiIGBo7NFuoH60iR3OR/rWFWsdGIL/1zXrFxRIVz1OOodWt3od9 Uj+bKCukY9SNRCB35pBAwqGFUhwlEwvl/Q1OoRQNZrtEqJRUBirpysZEjekJujzU VzRHsv1BHQPq63P1lDHtCb+e -----END CERTIFICATE-----Generated at Sun Jan 25 11:05:29 2026 by rpki-client