This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer File: U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer (raw, json) Hash identifier: /SsDZaQzsKxD0VNBI7zrStRvkBYrs5heYsEAW5CEL9w= Subject key identifier: 53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B35BB7C1C30195732328C596E49AD2F Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:17:57 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 205842 AS: 207096 IP: 185.166.40.0/22 IP: 185.176.204.0/22 IP: 185.202.72.0/22 IP: 185.239.188.0/22 IP: 2a0a:7600::/29 IP: 2a0a:d2c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:bb:7c:1c:30:19:57:32:32:8c:59:6e:49:ad:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53d0359f9f8b20815ce4d988e109bf82306e4c74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:8a:06:62:c5:7a:77:cf:1d:63:0f:06:82:86: 53:3d:dd:46:3c:61:f3:8b:8e:4d:86:16:f1:07:73: d3:91:aa:53:f2:2e:61:4b:4f:61:23:3f:7a:fe:4b: af:3c:54:43:f2:c3:e8:47:7c:8b:2e:99:c3:de:e9: cb:4a:10:b4:6e:dd:43:6b:00:c5:3e:0d:bb:63:72: e8:a5:6b:de:0a:38:a5:23:a1:e1:78:c9:bc:82:5b: 7d:d7:63:52:d4:1f:7e:f0:b6:11:bb:e1:89:43:32: b7:5b:37:cc:e1:50:80:bd:82:5a:72:65:c5:d1:80: 8c:d3:a0:34:44:2b:72:7a:39:fe:d8:f6:36:23:3b: 7a:df:4f:e6:cf:87:35:d7:b2:17:ed:bb:82:35:f6: 8a:6e:4e:88:55:ea:73:0a:07:6a:40:73:bc:5a:62: 66:75:89:c3:6a:ff:f7:03:50:2a:9c:78:42:59:31: 9a:ac:d1:d7:7b:c9:95:0a:be:de:ff:7e:33:20:55: a6:37:35:e6:a4:a2:18:ac:e7:3b:73:9d:5f:91:6d: b4:4d:0b:a2:8f:77:60:3b:51:e1:9e:13:5a:96:0e: 36:73:96:3b:fb:b9:45:d7:be:4c:c4:56:c2:dd:2e: 36:fe:fb:3f:c4:89:b4:d4:49:75:7c:a9:cd:25:a1: 4f:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.166.40.0/22 185.176.204.0/22 185.202.72.0/22 185.239.188.0/22 IPv6: 2a0a:7600::/29 2a0a:d2c0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 205842 207096 Signature Algorithm: sha256WithRSAEncryption a3:07:9c:7e:b9:73:27:fa:e1:64:de:a5:5c:c3:59:8d:7b:01: 8d:2f:ba:af:31:15:f0:7c:00:89:bd:c0:be:c0:cb:96:d1:97: 0e:11:d0:2d:fe:16:d9:4b:bc:eb:aa:57:ef:b0:60:37:a9:fc: 6a:8a:12:a6:db:3e:9b:77:0b:0d:62:cf:3c:a0:4b:50:f4:71: 5c:19:77:81:55:0c:4e:e8:46:11:00:e9:e5:94:5b:2a:0c:e0: 4c:eb:fe:7b:d8:85:bb:1a:aa:f6:35:b8:27:9f:94:7e:80:dd: dd:cc:da:ae:d1:0f:02:d0:8e:73:52:a9:da:f1:2d:b4:53:a6: e1:f2:92:70:62:9b:0a:ba:0f:f3:9f:c2:4f:c6:d8:2c:7d:27: 42:c6:02:69:ec:2c:71:b3:e2:ab:28:a9:19:4a:1f:eb:10:ef: 8e:d3:c4:1c:44:e7:83:50:e2:88:aa:30:7e:7c:07:b0:ec:a5: 1c:d2:e2:a2:78:9b:51:e0:95:6d:25:5e:c0:ee:bf:d8:ad:1c: ff:f7:73:4a:45:3d:eb:d9:2b:5f:93:01:e0:18:b1:78:0a:78: 5c:42:b2:81:32:09:cd:6e:c2:7d:87:a3:b7:57:30:2d:79:ad: 89:72:59:3a:63:17:38:ab:42:43:fe:9f:c6:c7:6f:f4:26:44: 34:69:c1:24 -----BEGIN CERTIFICATE----- MIIFwTCCBKmgAwIBAgISAZt7Nbt8HDAZVzIyjFluSa0vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2QwMzU5ZjlmOGIyMDgxNWNlNGQ5ODhlMTA5YmY4MjMwNmU0Yzc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlooGYsV6d88dYw8GgoZTPd1GPGHz i45NhhbxB3PTkapT8i5hS09hIz96/kuvPFRD8sPoR3yLLpnD3unLShC0bt1DawDF Pg27Y3LopWveCjilI6HheMm8glt912NS1B9+8LYRu+GJQzK3WzfM4VCAvYJacmXF 0YCM06A0RCtyejn+2PY2Izt630/mz4c117IX7buCNfaKbk6IVepzCgdqQHO8WmJm dYnDav/3A1AqnHhCWTGarNHXe8mVCr7e/34zIFWmNzXmpKIYrOc7c51fkW20TQui j3dgO1HhnhNalg42c5Y7+7lF175MxFbC3S42/vs/xIm01El1fKnNJaFPBwIDAQAB o4ICzTCCAskwHQYDVR0OBBYEFFPQNZ+fiyCBXOTZiOEJv4Iwbkx0MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzQ5MzU3 MS0yMTBlLTRkMWEtODgxOS1hNmM0OWNlOTA3NTYvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvNDkzNTcx LTIxMGUtNGQxYS04ODE5LWE2YzQ5Y2U5MDc1Ni8xL1U5QTFuNS1MSUlGYzVObUk0 UW1fZ2pCdVRIUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEcGCCsGAQUF BwEHAQH/BDgwNjAeBAIAATAYAwQCuaYoAwQCubDMAwQCucpIAwQCue+8MBQEAgAC MA4DBQMqCnYAAwUDKgrSwDAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMDJBICAwMo +DANBgkqhkiG9w0BAQsFAAOCAQEAowecfrlzJ/rhZN6lXMNZjXsBjS+6rzEV8HwA ib3AvsDLltGXDhHQLf4W2Uu866pX77BgN6n8aooSpts+m3cLDWLPPKBLUPRxXBl3 gVUMTuhGEQDp5ZRbKgzgTOv+e9iFuxqq9jW4J5+UfoDd3czartEPAtCOc1Kp2vEt tFOm4fKScGKbCroP85/CT8bYLH0nQsYCaewscbPiqyipGUof6xDvjtPEHETng1Di iKowfnwHsOylHNLionibUeCVbSVewO6/2K0c//dzSkU969krX5MB4BixeAp4XEKy gTIJzW7CfYejt1cwLXmtiXJZOmMXOKtCQ/6fxsdv9CZENGnBJA== -----END CERTIFICATE-----Generated at Sun Jan 25 14:43:00 2026 by rpki-client