This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer File: SQsh95ueovPQQjdHFIZ9EkAZlds.cer (raw, json) Hash identifier: lEKiItv09nWx1bE63NtVkLiEzUpKIzzs2JUoQ6WUvTc= Subject key identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019AE3AF0A9C7BD84A60E64AD7318AAAD362 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Wed 03 Dec 2025 10:08:10 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 51043 IP: 5.22.136.0/21 IP: 77.73.9.0/24 IP: 77.73.12.0/24 IP: 82.197.74.0/24 IP: 83.98.32.0/19 IP: 148.253.160.0/19 IP: 159.242.64.0/18 IP: 178.23.128.0/21 IP: 185.59.180.0/22 IP: 185.173.67.0/24 IP: 195.184.238.0/23 IP: 212.47.86.0/23 IP: 2a00:ed40::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:af:0a:9c:7b:d8:4a:60:e6:4a:d7:31:8a:aa:d3:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Dec 3 10:08:10 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=490b21f79b9ea2f3d042374714867d12401995db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:39:7e:17:8c:71:b7:54:47:bf:ed:e1:f3:c1: a1:3f:91:20:37:8c:ea:53:57:9f:75:3b:19:95:14: 71:1b:a1:ce:87:28:7b:dd:13:e1:3f:56:0e:2d:8f: 3e:80:05:90:04:ce:ad:e2:68:40:3c:7d:48:99:5b: 16:94:d8:6d:c5:3a:3b:37:13:97:36:cb:f2:c9:4d: 0a:b6:21:81:0a:7c:7f:98:77:85:20:63:bd:60:56: 88:86:aa:1f:cd:fa:c6:3f:4b:2b:57:35:51:6e:a9: 5b:75:17:00:03:64:ed:78:30:2b:f6:49:2e:d7:3d: 62:13:fb:1c:03:5d:24:a9:a6:f0:d5:9e:03:8e:b0: 86:0f:a6:a0:27:87:20:15:f9:1e:f6:23:5f:66:24: a2:a0:d8:b0:77:5a:db:19:c3:0b:a1:41:86:3d:ab: b6:4a:a5:4b:43:f8:f2:82:1e:6a:e1:a7:13:bf:19: 03:a1:52:16:d9:dc:cc:83:47:4b:df:6d:88:21:66: a7:30:64:04:01:99:9b:c2:a1:89:06:a7:80:7e:80: 8c:5a:3f:de:c5:66:5b:58:71:e0:67:1c:50:a3:b1: d5:a8:0f:c5:f4:fe:09:9e:91:8d:22:b1:1d:43:26: be:76:bc:1f:90:75:21:59:d1:5f:2c:78:14:3b:f5: 88:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.22.136.0/21 77.73.9.0/24 77.73.12.0/24 82.197.74.0/24 83.98.32.0/19 148.253.160.0/19 159.242.64.0/18 178.23.128.0/21 185.59.180.0/22 185.173.67.0/24 195.184.238.0/23 212.47.86.0/23 IPv6: 2a00:ed40::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 51043 Signature Algorithm: sha256WithRSAEncryption 91:9e:a1:1e:86:88:ea:d0:21:91:e0:7d:ec:1b:b4:04:92:c9: 36:24:5a:9a:d9:78:b9:c7:7f:c3:60:0f:72:fc:10:6d:42:e3: a5:95:86:df:a1:dd:95:5f:21:74:b0:37:48:24:57:2b:f0:68: af:ee:a9:ab:e6:a0:d6:6b:6c:7b:f6:db:d5:26:79:41:bb:04: eb:82:8b:1f:0e:ce:f3:4c:05:31:38:77:e3:db:fd:aa:38:53: 80:9e:e6:2a:19:a6:92:bf:37:6b:91:76:a0:f8:09:2e:dc:a0: 89:53:9a:d1:a2:59:6e:8c:ea:52:a5:5e:16:7e:7f:dd:2b:e9: f9:02:05:8a:89:d0:a6:7f:9c:b3:cf:13:33:6d:0c:72:cd:ab: d6:40:df:6c:58:c6:8a:b9:dd:3c:f4:d2:c9:ab:63:fe:51:81: 4f:b5:b3:e2:3a:f7:d7:ad:77:dc:3c:f4:44:69:cc:be:8b:a3: 01:7f:16:0b:93:f6:51:08:e4:d2:84:0f:0c:d5:f2:49:74:be: 75:e2:15:f1:f0:45:a9:07:2c:bb:4f:dc:8d:bf:11:52:f1:10: ff:18:51:f1:4a:73:c4:e0:eb:f3:d2:4c:df:b4:e7:91:bf:a6: 98:84:2e:9a:b9:d0:32:6a:de:0c:f9:20:1f:94:d4:69:86:02: de:a3:a8:1f -----BEGIN CERTIFICATE----- MIIF5TCCBM2gAwIBAgISAZrjrwqce9hKYOZK1zGKqtNiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMjAzMTAwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OTBiMjFmNzliOWVhMmYzZDA0MjM3NDcxNDg2N2QxMjQwMTk5NWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjl+F4xxt1RHv+3h88GhP5EgN4zq U1efdTsZlRRxG6HOhyh73RPhP1YOLY8+gAWQBM6t4mhAPH1ImVsWlNhtxTo7NxOX NsvyyU0KtiGBCnx/mHeFIGO9YFaIhqofzfrGP0srVzVRbqlbdRcAA2TteDAr9kku 1z1iE/scA10kqabw1Z4DjrCGD6agJ4cgFfke9iNfZiSioNiwd1rbGcMLoUGGPau2 SqVLQ/jygh5q4acTvxkDoVIW2dzMg0dL322IIWanMGQEAZmbwqGJBqeAfoCMWj/e xWZbWHHgZxxQo7HVqA/F9P4JnpGNIrEdQya+drwfkHUhWdFfLHgUO/WI/QIDAQAB o4IC8TCCAu0wHQYDVR0OBBYEFEkLIfebnqLz0EI3RxSGfRJAGZXbMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FlL2UxMDE2 NS1iNGNkLTQzMjEtYmYzYy00ODBjMzJmNDAwZTEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUvZTEwMTY1 LWI0Y2QtNDMyMS1iZjNjLTQ4MGMzMmY0MDBlMS8xL1NRc2g5NXVlb3ZQUVFqZEhG SVo5RWtBWmxkcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHAGCCsGAQUF BwEHAQH/BGEwXzBOBAIAATBIAwQDBRaIAwQATUkJAwQATUkMAwQAUsVKAwQFU2Ig AwQFlP2gAwQGn/JAAwQDsheAAwQCuTu0AwQAua1DAwQBw7juAwQB1C9WMA0EAgAC MAcDBQAqAO1AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDHYzANBgkqhkiG9w0B AQsFAAOCAQEAkZ6hHoaI6tAhkeB97Bu0BJLJNiRamtl4ucd/w2APcvwQbULjpZWG 36HdlV8hdLA3SCRXK/Bor+6pq+ag1mtse/bb1SZ5QbsE64KLHw7O80wFMTh349v9 qjhTgJ7mKhmmkr83a5F2oPgJLtygiVOa0aJZbozqUqVeFn5/3Svp+QIFionQpn+c s88TM20Mcs2r1kDfbFjGirndPPTSyatj/lGBT7Wz4jr316133Dz0RGnMvoujAX8W C5P2UQjk0oQPDNXySXS+deIV8fBFqQcsu0/cjb8RUvEQ/xhR8UpzxODr89JM37Tn kb+mmIQumrnQMmreDPkgH5TUaYYC3qOoHw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:13:03 2025 by rpki-client