This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer File: MtRJGf3QivuaTQqHeJIwESUd1_A.cer (raw, json) Hash identifier: 4uVL8OAy+uksJLESIzIclbspRoRxx8KI41Ou6JGBPWM= Subject key identifier: 32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B99143A79624761483C7654AE4D16F578 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Wed 07 Jan 2026 15:29:58 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 64.38.116.0/24 IP: 65.38.123.0/24 IP: 65.79.176.0/24 IP: 66.45.76.0/24 IP: 66.45.113.0/24 IP: 66.179.15.0/24 IP: 66.179.141.0 -- 66.179.142.255 IP: 66.179.156.0/24 IP: 66.179.176.0/24 IP: 173.252.145.0/24 IP: 173.252.160.0/24 IP: 173.252.166.0/24 IP: 185.5.145.0 -- 185.5.146.255 IP: 193.142.132.0/22 IP: 193.228.72.0/22 IP: 194.33.156.0/22 IP: 194.34.128.0/22 IP: 194.110.48.0/22 IP: 209.46.1.0/24 IP: 209.46.39.0/24 IP: 216.183.105.0/24 IP: 216.183.109.0/24 IP: 216.183.115.0/24 IP: 216.183.123.0/24 IP: 216.203.13.0/24 IP: 216.203.31.0/24 IP: 216.203.38.0/24 IP: 216.203.56.0/24 IP: 216.245.152.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:99:14:3a:79:62:47:61:48:3c:76:54:ae:4d:16:f5:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 7 15:29:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=32d44919fdd08afb9a4d0a8778923011251dd7f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:15:99:a3:41:e9:da:08:7c:cb:15:7c:2b:ff: 97:4a:30:68:3f:53:da:92:bb:c6:fa:e2:36:7c:5f: 1f:39:44:c7:da:0d:8d:3e:35:aa:b6:01:56:e0:eb: 8a:16:46:20:66:78:23:0a:5d:2e:0b:cb:63:dd:65: 7b:00:ef:6b:7e:05:ba:ed:7b:5a:04:23:13:6b:be: 68:1f:d2:66:c9:97:3a:02:74:03:b6:15:3b:2c:86: 8c:ca:a3:29:7a:38:0b:de:0f:37:aa:cd:99:ba:e4: 62:2d:bf:d5:31:06:b5:3e:7f:7c:93:66:a5:43:10: 0f:b9:bc:6d:01:3a:f3:d6:53:cf:fe:18:e7:4e:c4: c7:c2:59:6c:96:04:7c:26:f4:ff:34:a4:b4:f8:bc: d9:79:ad:72:ab:3c:33:93:5c:e7:7d:17:c8:b1:61: 61:6c:39:c1:7d:42:fb:19:f2:90:75:28:d5:72:ac: 2a:fa:f1:42:bb:b8:85:9b:06:d9:70:38:fa:ae:72: 4d:e4:d4:fc:7a:20:35:98:c7:e6:fe:70:9b:cd:7c: f8:8e:48:a4:01:e8:82:32:f4:96:18:c3:bf:77:a6: b2:7b:58:ec:af:2a:47:ad:43:84:50:ed:00:5d:d7: 5a:aa:c3:e5:e2:bd:e2:40:fb:b9:cf:ac:ff:b9:78: 9d:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.38.116.0/24 65.38.123.0/24 65.79.176.0/24 66.45.76.0/24 66.45.113.0/24 66.179.15.0/24 66.179.141.0-66.179.142.255 66.179.156.0/24 66.179.176.0/24 173.252.145.0/24 173.252.160.0/24 173.252.166.0/24 185.5.145.0-185.5.146.255 193.142.132.0/22 193.228.72.0/22 194.33.156.0/22 194.34.128.0/22 194.110.48.0/22 209.46.1.0/24 209.46.39.0/24 216.183.105.0/24 216.183.109.0/24 216.183.115.0/24 216.183.123.0/24 216.203.13.0/24 216.203.31.0/24 216.203.38.0/24 216.203.56.0/24 216.245.152.0/24 Signature Algorithm: sha256WithRSAEncryption 40:6e:b8:4e:56:a8:83:15:b7:61:71:77:34:71:3e:57:b4:c7: eb:c8:0e:f2:a0:da:0e:e0:6b:b8:99:80:1a:b3:a2:51:07:7b: 25:1c:27:8a:7f:8b:aa:36:fd:10:e2:bc:b4:6d:b0:2d:c5:62: 2b:3b:91:64:db:18:89:70:6f:f1:5c:4a:65:8c:20:9e:ef:c1: 17:b3:c8:04:81:48:31:9b:cb:fa:dd:ce:51:cd:84:59:40:80: cb:1a:8a:8b:91:db:c9:b9:38:b5:00:6d:ea:9f:54:c1:6c:dd: 73:99:98:6b:79:56:9e:d3:c0:f6:1f:f5:89:62:30:0e:09:8d: 04:a0:a8:b8:fc:97:48:6e:e8:b4:30:66:ed:70:0c:b7:70:c5: 4e:bb:36:d5:c8:cf:21:e0:84:f3:4a:25:e9:85:e0:b0:82:ad: a4:b7:ab:63:e0:d4:b1:b4:40:4a:b5:5c:38:55:20:11:f5:9e: 8b:57:67:f4:76:cf:65:49:55:30:02:70:d8:39:ac:03:79:13: e5:35:28:57:2d:15:ca:9e:8b:ab:03:9a:6a:4d:d8:74:39:1b: 3d:88:43:4a:b0:00:ec:a0:fa:2c:82:e6:28:f4:79:f6:46:8f: 3d:4d:73:17:07:b2:9b:a2:55:6a:95:c7:c0:74:f1:89:c8:70: bd:f9:35:61 -----BEGIN CERTIFICATE----- MIIGNTCCBR2gAwIBAgISAZuZFDp5YkdhSDx2VK5NFvV4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTA3MTUyOTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMmQ0NDkxOWZkZDA4YWZiOWE0ZDBhODc3ODkyMzAxMTI1MWRkN2YwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhWZo0Hp2gh8yxV8K/+XSjBoP1Pa krvG+uI2fF8fOUTH2g2NPjWqtgFW4OuKFkYgZngjCl0uC8tj3WV7AO9rfgW67Xta BCMTa75oH9JmyZc6AnQDthU7LIaMyqMpejgL3g83qs2ZuuRiLb/VMQa1Pn98k2al QxAPubxtATrz1lPP/hjnTsTHwllslgR8JvT/NKS0+LzZea1yqzwzk1znfRfIsWFh bDnBfUL7GfKQdSjVcqwq+vFCu7iFmwbZcDj6rnJN5NT8eiA1mMfm/nCbzXz4jkik AeiCMvSWGMO/d6aye1jsrypHrUOEUO0AXddaqsPl4r3iQPu5z6z/uXid1wIDAQAB o4IDQTCCAz0wHQYDVR0OBBYEFDLUSRn90Ir7mk0Kh3iSMBElHdfwMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmL2ZkMjI5 NC1jZjM3LTRmYzktOWVkZC1hNGY3YjA4OGJjMWEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvZmQyMjk0 LWNmMzctNGZjOS05ZWRkLWE0ZjdiMDg4YmMxYS8xL010UkpHZjNRaXZ1YVRRcUhl Skl3RVNVZDFfQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHbBggrBgEF BQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBABAJnQDBABBJnsDBABBT7ADBABCLUwD BABCLXEDBABCsw8wDAMEAEKzjQMEAEKzjgMEAEKznAMEAEKzsAMEAK38kQMEAK38 oAMEAK38pjAMAwQAuQWRAwQAuQWSAwQCwY6EAwQCweRIAwQCwiGcAwQCwiKAAwQC wm4wAwQA0S4BAwQA0S4nAwQA2LdpAwQA2LdtAwQA2LdzAwQA2Ld7AwQA2MsNAwQA 2MsfAwQA2MsmAwQA2Ms4AwQA2PWYMA0GCSqGSIb3DQEBCwUAA4IBAQBAbrhOVqiD FbdhcXc0cT5XtMfryA7yoNoO4Gu4mYAas6JRB3slHCeKf4uqNv0Q4ry0bbAtxWIr O5Fk2xiJcG/xXEpljCCe78EXs8gEgUgxm8v63c5RzYRZQIDLGoqLkdvJuTi1AG3q n1TBbN1zmZhreVae08D2H/WJYjAOCY0EoKi4/JdIbui0MGbtcAy3cMVOuzbVyM8h 4ITzSiXpheCwgq2kt6tj4NSxtEBKtVw4VSAR9Z6LV2f0ds9lSVUwAnDYOawDeRPl NShXLRXKnourA5pqTdh0ORs9iENKsADsoPosguYo9Hn2Ro89TXMXB7KbolVqlcfA dPGJyHC9+TVh -----END CERTIFICATE-----Generated at Sun Jan 25 11:46:52 2026 by rpki-client