This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KJVOKPbgHKXHNTvDcvNppfUdm7Q.cer File: KJVOKPbgHKXHNTvDcvNppfUdm7Q.cer (raw, json) Hash identifier: Z7ENsdY6GsR8bUvetT3nBCNGDSmhXDlltVn0FwOa39c= Subject key identifier: 28:95:4E:28:F6:E0:1C:A5:C7:35:3B:C3:72:F3:69:A5:F5:1D:9B:B4 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B783544BE0D89B40F821BB9F4E698B500 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/55/f37027-afc4-444f-8008-95ce2c755d47/1/KJVOKPbgHKXHNTvDcvNppfUdm7Q.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/55/f37027-afc4-444f-8008-95ce2c755d47/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 06:18:35 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 193.138.80.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:44:be:0d:89:b4:0f:82:1b:b9:f4:e6:98:b5:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 06:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=28954e28f6e01ca5c7353bc372f369a5f51d9bb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d1:28:3f:e1:36:c6:94:2d:54:23:12:17:d6: 37:ed:ae:a5:8c:4f:a8:0e:17:1e:31:ce:ee:5e:40: 3d:b6:ba:a2:91:a3:47:e8:be:d0:26:dc:9a:1a:0f: 31:91:d4:48:27:70:08:57:92:ed:6c:17:82:24:df: 1b:8c:05:a2:33:0c:a0:ea:62:a4:7a:67:bb:e8:e2: ca:2d:55:37:0d:cb:9d:d0:8f:4e:0a:8a:7d:cc:0c: de:a8:29:12:ca:1f:94:df:8a:37:7e:e3:5b:62:0e: 59:8f:3c:df:b4:f9:33:8b:aa:3a:4b:46:f1:7b:0c: 23:06:82:e6:9a:48:34:d5:72:85:d0:16:36:b0:eb: 07:17:28:04:95:66:bd:f3:ed:ae:8d:c1:95:1a:b3: 94:32:bc:6f:0a:86:05:f2:c1:15:4c:60:8b:1c:aa: 8b:32:8d:b9:80:1c:03:a6:3d:ac:3b:84:a1:2a:fd: f6:5f:75:86:19:dd:40:cf:14:88:9a:1b:5c:72:3f: b5:d0:f0:06:22:e9:8f:ed:a8:14:dd:de:04:59:1a: e6:67:c8:d3:46:d9:1a:62:5d:92:35:a0:6c:08:54: ae:fa:87:b4:db:cf:a3:46:a4:69:04:b9:2f:45:46: a7:37:db:3a:3e:2f:8a:77:dd:69:a5:1f:c9:91:20: a0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:95:4E:28:F6:E0:1C:A5:C7:35:3B:C3:72:F3:69:A5:F5:1D:9B:B4 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f37027-afc4-444f-8008-95ce2c755d47/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f37027-afc4-444f-8008-95ce2c755d47/1/KJVOKPbgHKXHNTvDcvNppfUdm7Q.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.138.80.0/24 Signature Algorithm: sha256WithRSAEncryption 54:52:88:47:8f:c9:fb:8e:29:66:1c:ba:13:80:42:0f:2a:cf: 64:f0:b0:52:0b:ca:44:a1:82:b6:94:18:9e:2b:84:ad:73:22: bd:73:26:28:e5:df:25:ae:64:56:af:43:13:ec:76:e7:a5:45: e2:66:38:5e:61:38:27:39:8b:f8:d3:e6:5c:58:eb:a5:12:06: 2d:df:47:5d:cd:c2:c0:55:9e:f0:4c:d6:72:2e:a9:36:ff:44: ec:0f:7d:97:d8:0a:ee:4e:c2:f0:b7:58:5e:d2:fa:fc:4c:0e: 12:5e:16:c1:09:22:5c:6d:ab:78:86:d2:d2:da:99:c0:14:53: d4:af:a0:ba:eb:26:df:23:d0:ec:42:9a:ca:e6:47:df:45:e9: 32:3d:0f:09:65:b5:69:02:86:5d:8e:8f:a7:20:6f:36:c6:50: 07:1f:5e:ab:cb:f7:80:ec:99:65:c5:bb:6a:58:ea:76:5e:cd: d1:7c:af:99:9e:d4:29:20:a5:ba:6c:a1:a7:29:4a:43:42:56: ef:51:3e:b2:eb:a4:94:f6:61:0d:64:a2:67:aa:f0:45:51:ee: 65:6b:a0:20:f2:15:12:07:ff:88:36:55:67:52:80:bf:26:86: 40:72:4e:52:06:f9:2b:98:ac:90:4e:6e:20:8a:21:e9:cf:1b: 3d:f0:f2:e9 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt4NUS+DYm0D4IbufTmmLUAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMDYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODk1NGUyOGY2ZTAxY2E1YzczNTNiYzM3MmYzNjlhNWY1MWQ5YmI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9EoP+E2xpQtVCMSF9Y37a6ljE+o DhceMc7uXkA9trqikaNH6L7QJtyaGg8xkdRIJ3AIV5LtbBeCJN8bjAWiMwyg6mKk eme76OLKLVU3Dcud0I9OCop9zAzeqCkSyh+U34o3fuNbYg5ZjzzftPkzi6o6S0bx ewwjBoLmmkg01XKF0BY2sOsHFygElWa98+2ujcGVGrOUMrxvCoYF8sEVTGCLHKqL Mo25gBwDpj2sO4ShKv32X3WGGd1AzxSImhtccj+10PAGIumP7agU3d4EWRrmZ8jT RtkaYl2SNaBsCFSu+oe028+jRqRpBLkvRUanN9s6Pi+Kd91ppR/JkSCgmQIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFCiVTij24BylxzU7w3LzaaX1HZu0MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1L2YzNzAy Ny1hZmM0LTQ0NGYtODAwOC05NWNlMmM3NTVkNDcvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUvZjM3MDI3 LWFmYzQtNDQ0Zi04MDA4LTk1Y2UyYzc1NWQ0Ny8xL0tKVk9LUGJnSEtYSE5UdkRj dk5wcGZVZG03US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAwYpQMA0GCSqGSIb3DQEBCwUAA4IBAQBUUohH j8n7jilmHLoTgEIPKs9k8LBSC8pEoYK2lBieK4StcyK9cyYo5d8lrmRWr0MT7Hbn pUXiZjheYTgnOYv40+ZcWOulEgYt30ddzcLAVZ7wTNZyLqk2/0TsD32X2AruTsLw t1he0vr8TA4SXhbBCSJcbat4htLS2pnAFFPUr6C66ybfI9DsQprK5kffRekyPQ8J ZbVpAoZdjo+nIG82xlAHH16ry/eA7JllxbtqWOp2Xs3RfK+ZntQpIKW6bKGnKUpD QlbvUT6y66SU9mENZKJnqvBFUe5la6Ag8hUSB/+INlVnUoC/JoZAck5SBvkrmKyQ Tm4giiHpzxs98PLp -----END CERTIFICATE-----Generated at Sun Jan 25 19:06:20 2026 by rpki-client