This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer File: KflnDuKjDqyMCjncR_96jNJHOwA.cer (raw, json) Hash identifier: JX30HCBmTO92Rq+q5uyAZqyowyuThwCyrE5BvOL69uA= Subject key identifier: 29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7FF269511F7B5105BC7DF4C581091A62 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/KflnDuKjDqyMCjncR_96jNJHOwA.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 18:22:31 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 209114 IP: 193.33.120.0/24 IP: 194.31.130.0/24 IP: 212.56.58.0/23 IP: 2a12:6e40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:69:51:1f:7b:51:05:bc:7d:f4:c5:81:09:1a:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 18:22:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:07:0d:e3:62:6b:f0:94:ff:97:6e:bc:64:84: 06:f2:b9:df:67:8d:d8:7e:0a:9d:9c:a7:e3:dc:c4: a7:0d:a4:07:92:68:6a:74:a4:1b:27:c3:22:d6:41: c0:90:4e:fe:1a:cb:f3:34:f3:f5:04:0d:ed:61:9b: d7:3a:46:0b:78:75:90:52:50:55:96:83:0c:88:da: 20:d2:90:62:9b:87:2b:8e:04:12:3f:8e:19:dd:65: 47:d1:1f:ee:73:88:88:95:39:53:4c:0d:bc:57:49: 9c:60:a0:d2:aa:c8:18:86:b4:4e:2c:d6:a6:11:c3: 4c:b1:55:04:8a:cb:2e:4f:82:5c:0d:51:83:43:74: 00:4c:42:81:e5:a0:7c:f4:20:ba:20:8a:bb:3f:9e: de:ae:6d:cf:71:c3:ce:9f:f1:a7:a3:b6:f7:85:bc: c0:0b:40:23:d4:9d:12:cb:a9:15:4c:ef:c4:8b:41: fb:24:d3:17:67:7a:1d:2b:2b:9b:57:cf:ad:18:6d: 20:86:03:cc:46:f4:5c:47:7a:a5:45:73:64:a7:a0: de:10:48:23:e4:3e:92:c3:df:dd:e0:56:6d:63:e1: 40:7e:2d:4c:ee:8d:49:8f:d7:f9:79:e0:ad:9c:8b: 6b:20:12:c0:64:2a:52:65:03:b6:14:cb:ed:24:d5: b6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/KflnDuKjDqyMCjncR_96jNJHOwA.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.33.120.0/24 194.31.130.0/24 212.56.58.0/23 IPv6: 2a12:6e40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 209114 Signature Algorithm: sha256WithRSAEncryption 23:df:47:30:b5:bd:3e:0e:74:c8:1d:9c:63:34:69:2b:ae:a9: 76:77:94:d0:2a:6e:6c:fd:8e:2d:e1:46:49:9e:5d:56:df:ff: 32:aa:e0:34:83:e3:55:cf:8a:77:a3:fb:95:7d:86:5e:94:c1: c6:f7:5d:18:3e:1c:21:69:b7:42:28:0d:cb:41:a9:b0:fd:64: 76:20:40:5e:ee:11:73:8e:3c:9d:12:ca:1f:02:9d:ef:9b:d6: d4:9c:bf:42:f2:cc:97:bd:b7:e5:3f:c9:98:34:42:4d:60:44: c3:f0:d0:1c:79:a1:04:63:c1:eb:4b:83:24:32:77:a6:bb:5b: c9:b6:c2:ce:9f:db:c1:7f:85:bb:88:bf:19:8c:f9:50:71:a8: a5:1a:90:98:0b:8b:1e:25:62:48:e7:d2:25:05:b3:d2:b2:4e: 68:e8:61:f0:96:87:92:b6:1b:e8:57:82:97:07:76:3c:11:2c: 7c:07:2c:45:a8:f4:a2:e6:82:86:4a:5a:c1:e1:4a:b9:b6:ff: a6:a0:c6:80:04:01:3c:73:a5:f6:9d:93:06:62:b6:82:4e:11: 2c:4c:85:f0:8f:d9:75:05:ca:dd:6f:fb:6d:33:12:a1:b8:55: 73:70:85:e5:b8:47:ba:d1:1c:cb:57:a5:8c:bb:16:64:85:c6: f2:ef:ff:5d -----BEGIN CERTIFICATE----- MIIFrzCCBJegAwIBAgISAZt/8mlRH3tRBbx99MWBCRpiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTgyMjMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWY5NjcwZWUyYTMwZWFjOGMwYTM5ZGM0N2ZmN2E4Y2QyNDczYjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAcN42Jr8JT/l268ZIQG8rnfZ43Y fgqdnKfj3MSnDaQHkmhqdKQbJ8Mi1kHAkE7+GsvzNPP1BA3tYZvXOkYLeHWQUlBV loMMiNog0pBim4crjgQSP44Z3WVH0R/uc4iIlTlTTA28V0mcYKDSqsgYhrROLNam EcNMsVUEissuT4JcDVGDQ3QATEKB5aB89CC6IIq7P57erm3PccPOn/Gno7b3hbzA C0Aj1J0Sy6kVTO/Ei0H7JNMXZ3odKyubV8+tGG0ghgPMRvRcR3qlRXNkp6DeEEgj 5D6Sw9/d4FZtY+FAfi1M7o1Jj9f5eeCtnItrIBLAZCpSZQO2FMvtJNW28wIDAQAB o4ICuzCCArcwHQYDVR0OBBYEFCn5Zw7iow6sjAo53Ef/eozSRzsAMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg2LzJmZjc2 ZC1mMTE2LTQ0MzAtODQwNy02ZTI5ZWZkZmQ0ZTMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYvMmZmNzZk LWYxMTYtNDQzMC04NDA3LTZlMjllZmRmZDRlMy8xL0tmbG5EdUtqRHF5TUNqbmNS Xzk2ak5KSE93QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF BwEHAQH/BCswKTAYBAIAATASAwQAwSF4AwQAwh+CAwQB1Dg6MA0EAgACMAcDBQMq Em5AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMw2jANBgkqhkiG9w0BAQsFAAOC AQEAI99HMLW9Pg50yB2cYzRpK66pdneU0CpubP2OLeFGSZ5dVt//MqrgNIPjVc+K d6P7lX2GXpTBxvddGD4cIWm3QigNy0GpsP1kdiBAXu4Rc448nRLKHwKd75vW1Jy/ QvLMl7235T/JmDRCTWBEw/DQHHmhBGPB60uDJDJ3prtbybbCzp/bwX+Fu4i/GYz5 UHGopRqQmAuLHiViSOfSJQWz0rJOaOhh8JaHkrYb6FeClwd2PBEsfAcsRaj0ouaC hkpaweFKubb/pqDGgAQBPHOl9p2TBmK2gk4RLEyF8I/ZdQXK3W/7bTMSobhVc3CF 5bhHutEcy1eljLsWZIXG8u//XQ== -----END CERTIFICATE-----Generated at Mon Jan 26 05:56:45 2026 by rpki-client