This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer File: Ho0gXHmO1488RMoMjyhS6L7I6qI.cer (raw, json) Hash identifier: Ctdk1FByAB6KIs1kTPKwquhQZ+NF4gDAsjbrwiPyrE4= Subject key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B77C6A9F2B61548C6FF30834D6AEABAA8 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 04:17:46 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 35753 AS: 48204 IP: 5.42.224.0/19 IP: 5.132.192.0/18 IP: 5.149.128.0/21 IP: 37.76.224.0/19 IP: 37.186.24.0 -- 37.186.30.255 IP: 46.38.64.0/19 IP: 46.143.128.0/18 IP: 77.79.64.0/18 IP: 77.220.116.0/22 IP: 81.24.144.0/20 IP: 87.101.128.0/17 IP: 91.147.176.0/20 IP: 93.191.104.0/21 IP: 122.254.64.0/18 IP: 128.127.192.0/18 IP: 128.204.240.0/20 IP: 149.232.64.0/18 IP: 158.80.128.0/18 IP: 164.215.40.0/21 IP: 185.20.72.0/22 IP: 185.45.212.0/22 IP: 185.54.144.0/22 IP: 185.163.120.0/22 IP: 213.166.128.0/19 IP: 217.26.128.0/21 IP: 217.170.32.0/19 IP: 2a00:5400::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a9:f2:b6:15:48:c6:ff:30:83:4d:6a:ea:ba:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 04:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:e8:a2:5c:13:f4:00:21:9a:62:64:f9:06:93: ea:f2:f7:1c:5c:fb:e9:f8:02:d8:e5:d6:da:f0:21: 39:15:58:1f:59:88:f1:a1:5c:e7:95:49:f6:b8:61: 1e:0f:37:3b:02:dd:df:eb:f7:d1:e7:51:aa:a5:13: cf:78:0f:c3:f5:35:7f:0f:b1:62:57:19:22:40:14: e8:fe:00:67:5e:4b:01:ee:1c:e9:09:b3:40:48:ef: 0c:62:96:3f:4c:2c:0e:21:3b:76:b4:95:b3:61:f1: 26:11:23:3f:39:aa:43:42:1e:8c:9e:52:bd:63:35: 35:4f:11:ed:dc:9e:89:af:83:d3:d7:af:b4:f3:4a: c1:c6:21:58:19:6b:3f:e3:af:75:81:9c:33:91:0d: ee:28:dd:1c:52:19:d6:1e:90:d7:a8:f5:f5:92:74: 00:86:cc:55:38:6a:8c:78:ff:44:65:b9:ee:c0:19: d3:e9:e8:3c:dd:ce:21:12:5f:e5:cb:37:01:0c:e8: a2:73:de:8e:d8:ef:45:4c:83:55:ab:63:3b:45:0a: 40:da:ba:f5:90:a4:1a:6c:51:2c:74:dc:87:92:61: 99:2d:92:2d:5d:3d:d0:60:87:76:7c:70:bb:cf:13: cc:e9:7d:c9:29:a5:5c:bf:55:58:c4:24:8b:62:bc: 06:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.42.224.0/19 5.132.192.0/18 5.149.128.0/21 37.76.224.0/19 37.186.24.0-37.186.30.255 46.38.64.0/19 46.143.128.0/18 77.79.64.0/18 77.220.116.0/22 81.24.144.0/20 87.101.128.0/17 91.147.176.0/20 93.191.104.0/21 122.254.64.0/18 128.127.192.0/18 128.204.240.0/20 149.232.64.0/18 158.80.128.0/18 164.215.40.0/21 185.20.72.0/22 185.45.212.0/22 185.54.144.0/22 185.163.120.0/22 213.166.128.0/19 217.26.128.0/21 217.170.32.0/19 IPv6: 2a00:5400::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 35753 48204 Signature Algorithm: sha256WithRSAEncryption 18:4a:83:81:7f:1a:ad:70:38:a4:a5:99:4d:11:72:3f:03:c6: 4c:30:5e:b4:93:07:e7:86:76:17:1c:e6:4c:4d:62:8f:60:0d: 98:3d:39:7c:d9:2c:46:7d:43:60:30:22:c6:5a:2d:30:96:f7: e3:4d:88:27:95:56:c6:47:a4:dd:4f:d3:4f:7a:d2:c5:a5:99: df:1c:95:77:53:ca:58:b6:84:7d:be:7a:a8:63:5b:34:7a:e4: ac:1b:12:5b:2a:11:0c:13:3a:2a:df:b7:53:51:56:bd:28:a4: b2:17:0e:2c:53:cb:5d:38:ef:d5:c8:34:50:0d:b4:ab:f5:4f: 93:fa:b0:f1:72:db:a0:98:bf:30:82:c1:dd:ad:44:44:cc:0b: 0d:6d:41:db:24:a7:9c:2f:26:df:1e:47:f4:45:44:aa:49:36: f0:4b:3f:e3:03:3d:ba:b1:bc:3f:fc:b1:0c:d8:ea:73:ae:c6: 4b:58:ff:21:54:94:86:8b:d6:0b:25:65:5d:be:c2:65:d8:46: 14:08:43:9b:80:0f:60:09:ae:0b:1f:20:d1:a6:21:69:be:11: 33:3d:56:76:d8:be:10:c0:0b:33:3d:e4:c9:a2:d7:dc:e7:b1: 32:0a:97:86:1a:90:5c:5c:f6:21:8a:ca:2d:ab:e6:4e:12:8e: d1:8d:ee:8a -----BEGIN CERTIFICATE----- MIIGSzCCBTOgAwIBAgISAZt3xqnythVIxv8wg01q6rqoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDQxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZThkMjA1Yzc5OGVkNzhmM2M0NGNhMGM4ZjI4NTJlOGJlYzhlYWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eiiXBP0ACGaYmT5BpPq8vccXPvp +ALY5dba8CE5FVgfWYjxoVznlUn2uGEeDzc7At3f6/fR51GqpRPPeA/D9TV/D7Fi VxkiQBTo/gBnXksB7hzpCbNASO8MYpY/TCwOITt2tJWzYfEmESM/OapDQh6MnlK9 YzU1TxHt3J6Jr4PT16+080rBxiFYGWs/4691gZwzkQ3uKN0cUhnWHpDXqPX1knQA hsxVOGqMeP9EZbnuwBnT6eg83c4hEl/lyzcBDOiic96O2O9FTINVq2M7RQpA2rr1 kKQabFEsdNyHkmGZLZItXT3QYId2fHC7zxPM6X3JKaVcv1VYxCSLYrwGswIDAQAB o4IDVzCCA1MwHQYDVR0OBBYEFB6NIFx5jtePPETKDI8oUui+yOqiMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QwLzI5ODg5 OC03NDU0LTQwMmItODFlOS1lZTFiZDM0NGYwMTUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAvMjk4ODk4 LTc0NTQtNDAyYi04MWU5LWVlMWJkMzQ0ZjAxNS8xL0hvMGdYSG1PMTQ4OFJNb01q eWhTNkw3STZxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHQBggrBgEF BQcBBwEB/wSBwDCBvTCBqwQCAAEwgaQDBAUFKuADBAYFhMADBAMFlYADBAUlTOAw DAMEAyW6GAMEACW6HgMEBS4mQAMEBi6PgAMEBk1PQAMEAk3cdAMEBFEYkAMEB1dl gAMEBFuTsAMEA12/aAMEBnr+QAMEBoB/wAMEBIDM8AMEBpXoQAMEBp5QgAMEA6TX KAMEArkUSAMEArkt1AMEArk2kAMEArmjeAMEBdWmgAMEA9kagAMEBdmqIDANBAIA AjAHAwUAKgBUADAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMAi6kCAwC8TDANBgkq hkiG9w0BAQsFAAOCAQEAGEqDgX8arXA4pKWZTRFyPwPGTDBetJMH54Z2FxzmTE1i j2ANmD05fNksRn1DYDAixlotMJb3402IJ5VWxkek3U/TT3rSxaWZ3xyVd1PKWLaE fb56qGNbNHrkrBsSWyoRDBM6Kt+3U1FWvSikshcOLFPLXTjv1cg0UA20q/VPk/qw 8XLboJi/MILB3a1ERMwLDW1B2ySnnC8m3x5H9EVEqkk28Es/4wM9urG8P/yxDNjq c67GS1j/IVSUhovWCyVlXb7CZdhGFAhDm4APYAmuCx8g0aYhab4RMz1Wdti+EMAL Mz3kyaLX3OexMgqXhhqQXFz2IYrKLavmThKO0Y3uig== -----END CERTIFICATE-----Generated at Sun Jan 25 12:10:47 2026 by rpki-client