This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer File: KqF-1AdDLEGLHJ6vYf0cocv_anQ.cer (raw, json) Hash identifier: ltSMPDnm7Thavl3DC7dytTourItr0SIqoOZoeub08uc= Subject key identifier: 2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7BA3B8B01FEC491981A4E810FD91426A Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/KqF-1AdDLEGLHJ6vYf0cocv_anQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 22:18:05 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 194.124.145.0 -- 194.124.147.255 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:b8:b0:1f:ec:49:19:81:a4:e8:10:fd:91:42:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 22:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2aa17ed407432c418b1c9eaf61fd1ca1cbff6a74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c1:63:84:77:00:ed:b8:ba:09:71:21:bd:e8: e1:9c:c9:b2:c6:44:db:c8:d5:bf:63:2f:0d:4a:4f: b0:f6:2b:46:c8:3a:f6:5f:4d:2c:09:fa:4d:60:84: 99:a1:b4:89:1b:d1:f6:f4:fc:bc:76:05:f2:06:b3: 3e:39:1f:0a:cf:d8:39:6a:42:57:61:76:12:59:b4: be:9d:17:6a:df:15:5e:4b:31:6e:c4:0c:6a:67:57: c1:11:99:f9:e3:1c:98:5b:69:e1:78:7e:f8:9f:e0: 6a:97:f7:2b:70:19:0f:9f:a2:a7:91:8a:bc:9c:8e: f3:b0:78:83:17:a2:45:00:a8:94:bd:54:c7:b8:88: 49:2e:9e:8a:6b:c1:ba:c2:f5:83:aa:b5:af:31:2f: 3d:36:c8:52:8e:90:80:6b:9a:87:44:fd:fd:1f:f5: 8a:10:97:11:18:92:cd:bc:ac:cf:db:07:4d:47:3e: c4:47:e3:f9:fe:e5:08:b7:a2:59:7d:1d:0b:d2:c7: dc:89:5b:92:fb:14:19:27:5e:37:03:e2:84:63:91: 80:e7:d7:aa:e1:a5:04:d4:4e:7a:9b:92:42:d5:b0: a8:33:44:da:ec:b8:f7:83:e5:c2:5c:9c:90:65:72: c7:e6:02:dd:64:3e:db:64:c3:6e:79:5b:2c:d5:30: 40:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:A1:7E:D4:07:43:2C:41:8B:1C:9E:AF:61:FD:1C:A1:CB:FF:6A:74 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/54d437-a277-41bd-988f-950f0a0101a9/1/KqF-1AdDLEGLHJ6vYf0cocv_anQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.124.145.0-194.124.147.255 Signature Algorithm: sha256WithRSAEncryption 32:e0:de:4f:b8:ba:1d:dc:8c:bc:6c:5e:d7:9c:f8:50:ed:77: 6f:0c:d3:21:bc:e2:5c:56:4e:61:28:ff:28:03:55:5f:5f:a6: aa:5e:be:9b:8d:7f:43:7b:31:67:18:0c:ad:1e:5f:a3:5f:ff: cd:0d:46:bb:aa:e4:b0:0d:ed:c3:94:6f:8a:c7:ff:96:d6:88: db:23:f4:77:9c:15:d2:b2:9b:b8:b9:19:f9:1b:8e:77:4a:7e: 6c:1e:75:44:c5:fe:dd:19:45:f5:a2:3c:f7:6f:5e:40:1e:c4: 8e:a9:7f:a3:d2:57:fc:bb:e7:f0:33:ef:23:1d:f8:9d:83:39: 70:fd:8f:df:7a:07:35:ab:ee:cd:d1:d3:db:61:5c:f6:d4:3f: 64:64:f8:1c:b9:d9:dc:b5:5d:df:f6:ec:12:2d:3e:61:e7:cf: 61:b0:15:c1:dd:55:bf:6b:1a:d6:44:ce:61:a0:3a:f0:f8:d9: 1f:95:2b:35:e1:59:84:6c:82:23:82:97:67:d7:da:06:e2:f5: f2:04:ca:90:f0:41:66:ff:f0:93:83:54:c6:a5:22:97:46:75: e8:00:b4:10:2d:9a:38:99:8d:b2:71:1d:ed:52:00:dd:c6:28: c2:8d:3d:c5:14:cc:32:3b:3a:f6:39:04:6d:d5:f8:c8:a6:de: fd:70:57:9b -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgISAZt7o7iwH+xJGYGk6BD9kUJqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYWExN2VkNDA3NDMyYzQxOGIxYzllYWY2MWZkMWNhMWNiZmY2YTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8FjhHcA7bi6CXEhvejhnMmyxkTb yNW/Yy8NSk+w9itGyDr2X00sCfpNYISZobSJG9H29Py8dgXyBrM+OR8Kz9g5akJX YXYSWbS+nRdq3xVeSzFuxAxqZ1fBEZn54xyYW2nheH74n+Bql/crcBkPn6KnkYq8 nI7zsHiDF6JFAKiUvVTHuIhJLp6Ka8G6wvWDqrWvMS89NshSjpCAa5qHRP39H/WK EJcRGJLNvKzP2wdNRz7ER+P5/uUIt6JZfR0L0sfciVuS+xQZJ143A+KEY5GA59eq 4aUE1E56m5JC1bCoM0Ta7Lj3g+XCXJyQZXLH5gLdZD7bZMNueVss1TBAFwIDAQAB o4ICjDCCAogwHQYDVR0OBBYEFCqhftQHQyxBixyer2H9HKHL/2p0MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk2LzU0ZDQz Ny1hMjc3LTQxYmQtOTg4Zi05NTBmMGEwMTAxYTkvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYvNTRkNDM3 LWEyNzctNDFiZC05ODhmLTk1MGYwYTAxMDFhOS8xL0txRi0xQWRETEVHTEhKNnZZ ZjBjb2N2X2FuUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUF BwEHAQH/BBgwFjAUBAIAATAOMAwDBADCfJEDBALCfJAwDQYJKoZIhvcNAQELBQAD ggEBADLg3k+4uh3cjLxsXtec+FDtd28M0yG84lxWTmEo/ygDVV9fpqpevpuNf0N7 MWcYDK0eX6Nf/80NRruq5LAN7cOUb4rH/5bWiNsj9HecFdKym7i5GfkbjndKfmwe dUTF/t0ZRfWiPPdvXkAexI6pf6PSV/y75/Az7yMd+J2DOXD9j996BzWr7s3R09th XPbUP2Rk+By52dy1Xd/27BItPmHnz2GwFcHdVb9rGtZEzmGgOvD42R+VKzXhWYRs giOCl2fX2gbi9fIEypDwQWb/8JODVMalIpdGdegAtBAtmjiZjbJxHe1SAN3GKMKN PcUUzDI7OvY5BG3V+Mim3v1wV5s= -----END CERTIFICATE-----Generated at Mon Jan 26 10:55:45 2026 by rpki-client