This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer File: XKBT3-dxLuY9v_ZA-uBzCNZs50g.cer (raw, json) Hash identifier: h8qOgPq6VadohTSG+Tve6WpX1F7AaAOF50ajf8G5Ook= Subject key identifier: 5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E2C21E84D73C7CB9930A44AD29C3CE5 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:06:20 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 20869 AS: 209190 IP: 80.67.96.0/20 IP: 81.92.128.0/20 IP: 92.54.0.0/18 IP: 185.10.168.0/22 IP: 2a02:a0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:2c:21:e8:4d:73:c7:cb:99:30:a4:4a:d2:9c:3c:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:06:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5ca053dfe7712ee63dbff640fae07308d66ce748 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c6:6a:b3:d9:dd:31:89:30:0c:8d:e3:37:38: 2a:6d:80:27:05:2a:1e:d6:05:b4:5c:fa:f1:0b:f9: 73:bc:c8:a9:8c:ba:1c:f0:ac:10:8e:7a:a4:3e:b9: a5:fc:ca:0a:7a:7a:38:ff:29:e3:72:bf:c1:20:23: e0:93:41:5a:b9:c9:53:d3:00:b0:6e:a7:a0:56:55: b0:53:c9:21:01:9c:3b:37:ec:72:fe:86:6f:b7:38: d1:1e:26:85:60:ce:7e:65:4f:95:f5:23:bf:61:b8: 17:c2:b8:0e:a6:2d:41:43:7c:b2:e8:a8:34:03:2e: 35:82:37:42:f5:c3:19:04:30:19:5d:ca:a6:a1:b7: e0:93:7e:0a:49:4f:03:a8:3f:ff:76:7e:ef:4b:5c: b8:94:fc:6d:44:fe:52:b4:10:12:dd:04:05:7a:7f: b6:52:f0:f3:f6:1b:87:3f:d5:35:c5:52:65:90:c0: b9:7f:b4:a9:18:72:3d:58:38:95:4a:b0:fb:4f:8d: a1:c9:bc:54:1a:21:72:b1:a3:66:85:ad:db:6a:f1: 00:c3:f4:b9:07:6a:54:56:aa:9e:55:22:16:0e:e9: 98:33:52:30:93:a4:c7:a7:1b:02:f9:f1:de:f7:e0: a2:61:2c:39:29:f5:8a:f7:d6:e1:f8:db:e9:3a:c6: 85:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A0:53:DF:E7:71:2E:E6:3D:BF:F6:40:FA:E0:73:08:D6:6C:E7:48 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ebbd2c-bf5a-46da-86fb-80c3ea4fd000/1/XKBT3-dxLuY9v_ZA-uBzCNZs50g.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.67.96.0/20 81.92.128.0/20 92.54.0.0/18 185.10.168.0/22 IPv6: 2a02:a0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 20869 209190 Signature Algorithm: sha256WithRSAEncryption 11:35:ea:1f:6f:95:66:ff:ee:f9:15:3a:a6:06:dd:2a:e3:f0: af:da:65:29:15:82:4b:ce:1d:2b:bb:bb:1b:59:6a:7a:4f:b1: 60:84:14:57:a1:bb:aa:06:c1:4a:f6:19:13:ff:20:3b:35:1b: 5a:6e:4e:50:af:12:43:e1:8d:e1:bf:62:cc:d9:a7:30:e8:85: bb:95:d3:41:76:f9:62:c4:d0:15:ba:97:a2:f6:a2:6b:f4:b9: 4f:cc:ca:00:cd:cd:b3:f8:64:c6:d2:c0:7f:8e:d4:ec:be:3a: 55:6c:51:34:cd:a8:9e:f5:10:27:de:77:2f:6b:7a:e8:2c:b8: 94:51:f5:ad:09:a9:5b:d9:8d:6e:b5:fd:ae:8f:14:91:c5:a9: d2:82:2f:79:76:77:37:81:b8:08:e1:bf:87:18:98:8b:77:08: a9:3c:a5:8b:47:57:cc:7e:98:0d:18:4e:6f:2f:c0:05:82:b7: 48:37:22:a8:de:85:b1:09:62:1b:2e:9b:0d:86:c6:ac:b0:4a: 03:21:b8:1c:4d:33:2e:cd:14:e6:79:14:a0:6d:a0:a2:9a:7d: cf:37:4e:88:48:fd:58:58:40:3f:39:13:74:16:f7:cf:e5:eb: 37:75:35:6f:1f:f6:90:b2:7c:7f:6c:1f:d8:9c:64:63:07:01: a6:ea:3e:a2 -----BEGIN CERTIFICATE----- MIIFuTCCBKGgAwIBAgISAZt+LCHoTXPHy5kwpErSnDzlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAwNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2EwNTNkZmU3NzEyZWU2M2RiZmY2NDBmYWUwNzMwOGQ2NmNlNzQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcZqs9ndMYkwDI3jNzgqbYAnBSoe 1gW0XPrxC/lzvMipjLoc8KwQjnqkPrml/MoKeno4/ynjcr/BICPgk0FauclT0wCw bqegVlWwU8khAZw7N+xy/oZvtzjRHiaFYM5+ZU+V9SO/YbgXwrgOpi1BQ3yy6Kg0 Ay41gjdC9cMZBDAZXcqmobfgk34KSU8DqD//dn7vS1y4lPxtRP5StBAS3QQFen+2 UvDz9huHP9U1xVJlkMC5f7SpGHI9WDiVSrD7T42hybxUGiFysaNmha3bavEAw/S5 B2pUVqqeVSIWDumYM1Iwk6THpxsC+fHe9+CiYSw5KfWK99bh+NvpOsaFUQIDAQAB o4ICxTCCAsEwHQYDVR0OBBYEFFygU9/ncS7mPb/2QPrgcwjWbOdIMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2ViYmQy Yy1iZjVhLTQ2ZGEtODZmYi04MGMzZWE0ZmQwMDAvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZWJiZDJj LWJmNWEtNDZkYS04NmZiLTgwYzNlYTRmZDAwMC8xL1hLQlQzLWR4THVZOXZfWkEt dUJ6Q05aczUwZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF BwEHAQH/BDEwLzAeBAIAATAYAwQEUENgAwQEUVyAAwQGXDYAAwQCuQqoMA0EAgAC MAcDBQAqAgCgMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAlGFAgMDMSYwDQYJKoZI hvcNAQELBQADggEBABE16h9vlWb/7vkVOqYG3Srj8K/aZSkVgkvOHSu7uxtZanpP sWCEFFehu6oGwUr2GRP/IDs1G1puTlCvEkPhjeG/YszZpzDohbuV00F2+WLE0BW6 l6L2omv0uU/MygDNzbP4ZMbSwH+O1Oy+OlVsUTTNqJ71ECfedy9reugsuJRR9a0J qVvZjW61/a6PFJHFqdKCL3l2dzeBuAjhv4cYmIt3CKk8pYtHV8x+mA0YTm8vwAWC t0g3IqjehbEJYhsumw2GxqywSgMhuBxNMy7NFOZ5FKBtoKKafc83TohI/VhYQD85 E3QW98/l6zd1NW8f9pCyfH9sH9icZGMHAabqPqI= -----END CERTIFICATE-----Generated at Sun Jan 25 10:41:52 2026 by rpki-client