This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer File: SQsh95ueovPQQjdHFIZ9EkAZlds.cer (raw, json) Hash identifier: k8BhD44UvtUQnZAVc+FFoHkADPZBd5bX+n04pyTnKsQ= Subject key identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F837C8DE4ECA7346A7594188A07005B Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 16:21:22 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 51043 IP: 5.22.136.0/21 IP: 77.73.9.0/24 IP: 77.73.12.0/24 IP: 82.197.74.0/24 IP: 83.98.32.0/19 IP: 148.253.160.0/19 IP: 159.242.64.0/18 IP: 178.23.128.0/21 IP: 185.59.180.0/22 IP: 185.173.67.0/24 IP: 195.184.238.0/23 IP: 212.47.86.0/23 IP: 2a00:ed40::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:7c:8d:e4:ec:a7:34:6a:75:94:18:8a:07:00:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 16:21:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=490b21f79b9ea2f3d042374714867d12401995db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:39:7e:17:8c:71:b7:54:47:bf:ed:e1:f3:c1: a1:3f:91:20:37:8c:ea:53:57:9f:75:3b:19:95:14: 71:1b:a1:ce:87:28:7b:dd:13:e1:3f:56:0e:2d:8f: 3e:80:05:90:04:ce:ad:e2:68:40:3c:7d:48:99:5b: 16:94:d8:6d:c5:3a:3b:37:13:97:36:cb:f2:c9:4d: 0a:b6:21:81:0a:7c:7f:98:77:85:20:63:bd:60:56: 88:86:aa:1f:cd:fa:c6:3f:4b:2b:57:35:51:6e:a9: 5b:75:17:00:03:64:ed:78:30:2b:f6:49:2e:d7:3d: 62:13:fb:1c:03:5d:24:a9:a6:f0:d5:9e:03:8e:b0: 86:0f:a6:a0:27:87:20:15:f9:1e:f6:23:5f:66:24: a2:a0:d8:b0:77:5a:db:19:c3:0b:a1:41:86:3d:ab: b6:4a:a5:4b:43:f8:f2:82:1e:6a:e1:a7:13:bf:19: 03:a1:52:16:d9:dc:cc:83:47:4b:df:6d:88:21:66: a7:30:64:04:01:99:9b:c2:a1:89:06:a7:80:7e:80: 8c:5a:3f:de:c5:66:5b:58:71:e0:67:1c:50:a3:b1: d5:a8:0f:c5:f4:fe:09:9e:91:8d:22:b1:1d:43:26: be:76:bc:1f:90:75:21:59:d1:5f:2c:78:14:3b:f5: 88:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.22.136.0/21 77.73.9.0/24 77.73.12.0/24 82.197.74.0/24 83.98.32.0/19 148.253.160.0/19 159.242.64.0/18 178.23.128.0/21 185.59.180.0/22 185.173.67.0/24 195.184.238.0/23 212.47.86.0/23 IPv6: 2a00:ed40::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 51043 Signature Algorithm: sha256WithRSAEncryption 82:38:ff:b4:3c:05:d4:27:1f:57:2c:40:56:4f:c0:9b:6e:ef: d1:f2:28:e8:f2:52:0a:86:12:5b:ea:4f:d7:a0:51:c4:ad:9d: 0d:d6:b5:4b:52:ee:d1:73:60:31:ea:ca:60:16:95:3e:0c:7a: 2c:d6:d2:4a:b2:13:f5:d6:31:fd:df:01:56:6d:23:87:d6:8c: b3:cb:5d:a3:d6:50:96:48:6b:07:d7:f3:a4:de:a2:54:e2:c2: b0:01:70:62:d6:ae:8f:bf:2d:61:ca:6c:03:ca:e5:d4:ff:55: 00:13:39:fb:93:02:aa:d1:de:be:84:33:d8:e5:28:5a:2d:4c: 74:e5:09:c2:73:a7:ee:51:de:73:3d:c3:7a:41:ff:9d:64:86: ba:9f:f7:e7:0b:7a:cc:d3:ee:ed:fa:3c:cd:d1:73:e5:4d:2f: ec:94:c9:d0:9d:77:cf:a7:f5:5f:e0:6e:27:f1:fa:6b:01:f3: ac:98:16:f0:8a:b7:1f:f1:bf:bb:84:b4:8a:7c:47:65:a9:c9: c8:40:f7:b6:74:6c:cc:29:b7:64:59:62:a1:bb:15:83:1e:f7: e0:cc:f9:07:d1:72:e3:f1:e1:f9:6d:16:f4:21:e1:4f:21:57: cd:be:a2:d4:4f:29:9f:ba:b4:74:f6:a8:2e:5a:8b:a6:a2:d4: 23:da:2f:db -----BEGIN CERTIFICATE----- MIIF5TCCBM2gAwIBAgISAZt/g3yN5OynNGp1lBiKBwBbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTYyMTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OTBiMjFmNzliOWVhMmYzZDA0MjM3NDcxNDg2N2QxMjQwMTk5NWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjl+F4xxt1RHv+3h88GhP5EgN4zq U1efdTsZlRRxG6HOhyh73RPhP1YOLY8+gAWQBM6t4mhAPH1ImVsWlNhtxTo7NxOX NsvyyU0KtiGBCnx/mHeFIGO9YFaIhqofzfrGP0srVzVRbqlbdRcAA2TteDAr9kku 1z1iE/scA10kqabw1Z4DjrCGD6agJ4cgFfke9iNfZiSioNiwd1rbGcMLoUGGPau2 SqVLQ/jygh5q4acTvxkDoVIW2dzMg0dL322IIWanMGQEAZmbwqGJBqeAfoCMWj/e xWZbWHHgZxxQo7HVqA/F9P4JnpGNIrEdQya+drwfkHUhWdFfLHgUO/WI/QIDAQAB o4IC8TCCAu0wHQYDVR0OBBYEFEkLIfebnqLz0EI3RxSGfRJAGZXbMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FlL2UxMDE2 NS1iNGNkLTQzMjEtYmYzYy00ODBjMzJmNDAwZTEvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUvZTEwMTY1 LWI0Y2QtNDMyMS1iZjNjLTQ4MGMzMmY0MDBlMS8xL1NRc2g5NXVlb3ZQUVFqZEhG SVo5RWtBWmxkcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHAGCCsGAQUF BwEHAQH/BGEwXzBOBAIAATBIAwQDBRaIAwQATUkJAwQATUkMAwQAUsVKAwQFU2Ig AwQFlP2gAwQGn/JAAwQDsheAAwQCuTu0AwQAua1DAwQBw7juAwQB1C9WMA0EAgAC MAcDBQAqAO1AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDHYzANBgkqhkiG9w0B AQsFAAOCAQEAgjj/tDwF1CcfVyxAVk/Am27v0fIo6PJSCoYSW+pP16BRxK2dDda1 S1Lu0XNgMerKYBaVPgx6LNbSSrIT9dYx/d8BVm0jh9aMs8tdo9ZQlkhrB9fzpN6i VOLCsAFwYtauj78tYcpsA8rl1P9VABM5+5MCqtHevoQz2OUoWi1MdOUJwnOn7lHe cz3DekH/nWSGup/35wt6zNPu7fo8zdFz5U0v7JTJ0J13z6f1X+BuJ/H6awHzrJgW 8Iq3H/G/u4S0inxHZanJyED3tnRszCm3ZFliobsVgx734Mz5B9Fy4/Hh+W0W9CHh TyFXzb6i1E8pn7q0dPaoLlqLpqLUI9ov2w== -----END CERTIFICATE-----Generated at Sun Jan 25 11:46:55 2026 by rpki-client