This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer File: UfSwsEaesNBxmUzYI480vvAMb74.cer (raw, json) Hash identifier: mP63L/tbyXucgWIz8D+iqw2ICyv9i83t+BxfG585qwg= Subject key identifier: 51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F138D80B9ECA65B0412C15BD04DC7AF Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 14:19:06 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 200217 AS: 200999 AS: 207685 AS: 208660 IP: 5.102.40.0/22 IP: 45.92.240.0/22 IP: 45.130.28.0/22 IP: 46.60.16.0/20 IP: 64.225.128.0/20 IP: 74.63.0.0/20 IP: 91.212.135.0/24 IP: 91.212.141.0 -- 91.212.142.255 IP: 91.212.149.0/24 IP: 91.233.150.0/24 IP: 91.234.10.0/24 IP: 91.234.20.0/24 IP: 91.234.53.0/24 IP: 124.197.32.0/20 IP: 185.48.232.0/22 IP: 185.52.192.0/22 IP: 185.178.84.0/22 IP: 185.254.220.0/22 IP: 193.142.27.0/24 IP: 193.142.52.0/24 IP: 193.142.54.0/24 IP: 193.142.60.0/24 IP: 194.146.52.0/23 IP: 194.146.60.0/23 IP: 194.152.58.0/23 IP: 194.153.72.0/23 IP: 217.71.192.0/21 IP: 2a01:9aa0::/32 IP: 2a01:a160::/32 IP: 2a13:7bc0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:8d:80:b9:ec:a6:5b:04:12:c1:5b:d0:4d:c7:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 14:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:5c:0d:9e:ca:3a:75:75:3c:60:06:bc:26:6b: 22:e9:19:ac:4d:07:55:7a:96:ba:d0:ef:93:dc:88: 8a:26:e3:cb:f8:75:25:6b:f0:cb:0c:00:d1:01:2a: c4:73:10:2b:69:b2:44:85:86:02:b9:1d:df:a1:9d: f0:b2:b3:42:8c:fc:06:87:36:d1:12:c3:45:6f:bd: 8d:db:e1:06:15:5e:1b:60:60:b2:e4:47:23:4e:27: 00:b6:03:b9:ca:f2:16:f6:05:3a:e2:45:66:e8:85: 37:e0:bd:f1:c2:a9:08:0b:ee:65:06:8b:6a:45:fe: b9:0e:83:60:ed:ce:eb:e1:d1:47:c3:fa:1f:7f:11: e2:91:a7:7a:68:59:00:c7:b3:02:6a:a2:52:32:54: 1a:1d:7c:11:db:a7:78:e6:c4:7d:54:7d:26:db:15: 12:ef:b4:2d:06:f5:5a:22:0d:28:4a:27:17:48:9a: 53:ed:d1:41:26:74:3f:64:2e:49:a5:72:73:90:94: ea:47:9d:2b:6c:8c:be:0e:5a:ab:ec:4b:28:27:1c: 41:34:fd:ff:d8:e4:28:2a:03:2a:48:66:d1:9e:e2: 5f:1a:34:9d:23:a6:8d:84:2e:00:de:94:43:fb:0d: b3:d9:86:22:64:e6:b9:58:1b:f9:50:d4:ba:d9:4b: c1:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.102.40.0/22 45.92.240.0/22 45.130.28.0/22 46.60.16.0/20 64.225.128.0/20 74.63.0.0/20 91.212.135.0/24 91.212.141.0-91.212.142.255 91.212.149.0/24 91.233.150.0/24 91.234.10.0/24 91.234.20.0/24 91.234.53.0/24 124.197.32.0/20 185.48.232.0/22 185.52.192.0/22 185.178.84.0/22 185.254.220.0/22 193.142.27.0/24 193.142.52.0/24 193.142.54.0/24 193.142.60.0/24 194.146.52.0/23 194.146.60.0/23 194.152.58.0/23 194.153.72.0/23 217.71.192.0/21 IPv6: 2a01:9aa0::/32 2a01:a160::/32 2a13:7bc0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 200217 200999 207685 208660 Signature Algorithm: sha256WithRSAEncryption 1e:ff:a1:f0:68:b7:3a:6e:e9:b0:d9:2c:44:f1:f3:35:9d:74: cf:85:ab:4c:1a:ef:9c:b2:2b:f5:87:e6:6e:75:aa:76:c0:15: 0c:95:e2:7d:ee:d9:58:ab:73:e0:ad:cf:68:da:41:07:f8:ee: 20:06:b5:8d:3e:f5:a9:23:c9:c0:ea:94:a7:59:71:01:86:42: b0:8f:da:bb:d5:dd:93:08:81:90:9f:6c:e7:4a:67:c6:ce:70: 93:84:af:81:57:be:8e:c8:03:fe:95:9a:a6:bf:b2:20:53:54: 10:3d:ba:15:c8:8b:40:07:07:60:a6:47:fc:dd:37:ce:7a:b5: 87:5d:65:38:b8:ae:f7:be:d8:14:75:e2:d8:1e:5e:eb:08:d1: a8:4e:cd:51:21:18:b4:34:e5:f1:55:f3:28:8f:c9:0c:b4:b2: ca:01:24:32:0f:26:ec:90:0a:c2:1b:3e:f2:86:46:8b:51:79: 03:b9:d7:01:0c:47:e8:6d:a8:a4:a2:0b:e0:c0:35:e8:79:d6: b0:c4:e8:bb:9d:42:a3:3f:e5:d2:e3:f0:b6:d1:6c:63:ff:b7: 86:c7:6e:98:c7:d7:63:43:ea:ea:15:10:af:24:d9:d2:d7:f5: 9f:90:a1:fa:08:a8:1d:f6:55:2a:75:60:13:46:bb:03:25:4f: 49:42:33:02 -----BEGIN CERTIFICATE----- MIIGaTCCBVGgAwIBAgISAZt/E42AueymWwQSwVvQTcevMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTQxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MWY0YjBiMDQ2OWViMGQwNzE5OTRjZDgyMzhmMzRiZWYwMGM2ZmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVwNnso6dXU8YAa8Jmsi6RmsTQdV epa60O+T3IiKJuPL+HUla/DLDADRASrEcxArabJEhYYCuR3foZ3wsrNCjPwGhzbR EsNFb72N2+EGFV4bYGCy5EcjTicAtgO5yvIW9gU64kVm6IU34L3xwqkIC+5lBotq Rf65DoNg7c7r4dFHw/offxHikad6aFkAx7MCaqJSMlQaHXwR26d45sR9VH0m2xUS 77QtBvVaIg0oSicXSJpT7dFBJnQ/ZC5JpXJzkJTqR50rbIy+Dlqr7EsoJxxBNP3/ 2OQoKgMqSGbRnuJfGjSdI6aNhC4A3pRD+w2z2YYiZOa5WBv5UNS62UvBDwIDAQAB o4IDdTCCA3EwHQYDVR0OBBYEFFH0sLBGnrDQcZlM2COPNL7wDG++MB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2L2QzYWIy OC03ZjQ3LTQxZjMtYjIzMS03ODg0NGUxMDExMzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvZDNhYjI4 LTdmNDctNDFmMy1iMjMxLTc4ODQ0ZTEwMTEzMy8xL1VmU3dzRWFlc05CeG1VellJ NDgwdnZBTWI3NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHkBggrBgEF BQcBBwEB/wSB1DCB0TCBsQQCAAEwgaoDBAIFZigDBAItXPADBAItghwDBAQuPBAD BARA4YADBARKPwADBABb1IcwDAMEAFvUjQMEAFvUjgMEAFvUlQMEAFvplgMEAFvq CgMEAFvqFAMEAFvqNQMEBHzFIAMEArkw6AMEArk0wAMEArmyVAMEArn+3AMEAMGO GwMEAMGONAMEAMGONgMEAMGOPAMEAcKSNAMEAcKSPAMEAcKYOgMEAcKZSAMEA9lH wDAbBAIAAjAVAwUAKgGaoAMFACoBoWADBQMqE3vAMCkGCCsGAQUFBwEIAQH/BBow GKAWMBQCAwMOGQIDAxEnAgMDK0UCAwMvFDANBgkqhkiG9w0BAQsFAAOCAQEAHv+h 8Gi3Om7psNksRPHzNZ10z4WrTBrvnLIr9YfmbnWqdsAVDJXife7ZWKtz4K3PaNpB B/juIAa1jT71qSPJwOqUp1lxAYZCsI/au9XdkwiBkJ9s50pnxs5wk4SvgVe+jsgD /pWapr+yIFNUED26FciLQAcHYKZH/N03znq1h11lOLiu977YFHXi2B5e6wjRqE7N USEYtDTl8VXzKI/JDLSyygEkMg8m7JAKwhs+8oZGi1F5A7nXAQxH6G2opKIL4MA1 6HnWsMTou51Coz/l0uPwttFsY/+3hsdumMfXY0Pq6hUQryTZ0tf1n5Ch+gioHfZV KnVgE0a7AyVPSUIzAg== -----END CERTIFICATE-----Generated at Sun Jan 25 18:51:47 2026 by rpki-client