This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer File: YKVAzkUEVjReyOCY709TY010vx8.cer (raw, json) Hash identifier: Zbe0Wtg6YIWUgvugiRSTXcg+aOc28shu9Bpaz3feE1A= Subject key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019A7DA9B534535888EF6AC6716FF1430D2C Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 13 Nov 2025 14:41:05 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 213122 IP: 5.252.164.0/22 IP: 31.216.59.0/24 IP: 45.87.60.0/22 IP: 45.130.152.0/22 IP: 45.143.144.0/22 IP: 89.36.230.0/24 IP: 89.37.100.0/24 IP: 89.46.43.0/24 IP: 94.154.8.0/24 IP: 103.104.248.0/22 IP: 103.202.52.0/22 IP: 135.84.208.0/21 IP: 178.211.157.0/24 IP: 185.162.74.0/23 IP: 185.234.115.0/24 IP: 188.210.236.0/24 IP: 194.49.68.0/23 IP: 194.49.78.0/23 IP: 2a0e:f380::/29 IP: 2a0f:5c0::/29 IP: 2a10:e580::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:7d:a9:b5:34:53:58:88:ef:6a:c6:71:6f:f1:43:0d:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Nov 13 14:41:05 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=60a540ce450456345ec8e098ef4f53634d74bf1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a2:8b:e8:36:17:32:d7:d7:d5:ae:36:42:5c: 98:d4:ea:7a:fb:f9:13:1e:67:08:94:00:3b:46:e0: 47:d1:e0:26:af:3c:cd:fa:eb:13:61:be:af:ae:ae: 3d:a1:d1:92:0c:dc:b5:57:51:9c:a4:52:a6:87:9f: c8:82:ef:3f:18:9e:f1:a0:c2:8e:68:aa:11:76:b4: 56:f5:b2:1d:f7:0c:e5:e6:62:fd:f2:9a:43:c7:16: 4c:c0:bd:ef:21:0e:56:51:1d:a2:4b:a5:2b:32:ff: 36:12:bd:89:70:85:61:78:a3:d5:a8:4f:88:79:d8: 37:43:16:a1:ed:a3:2d:da:19:dd:58:a7:24:b6:41: 69:36:df:65:de:0a:fc:7c:78:f1:f1:7d:68:49:36: 58:30:ee:9c:1d:5a:99:63:d2:a8:90:ef:5f:ac:5b: 12:56:18:e5:3d:de:60:58:5c:6c:ba:b7:23:1c:00: dd:1a:28:69:27:f7:a7:8c:d6:52:9e:e4:9d:b4:b8: fd:73:4a:03:35:8b:eb:e9:51:ea:e9:08:ea:c0:fd: 42:f9:53:59:62:9a:25:66:51:e7:65:6d:db:e7:64: c8:a7:c7:8e:df:86:cf:d7:91:a9:87:47:d6:d0:a1: 61:ae:53:f5:f7:8f:0b:b6:9d:7b:30:87:1f:83:b6: e4:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.252.164.0/22 31.216.59.0/24 45.87.60.0/22 45.130.152.0/22 45.143.144.0/22 89.36.230.0/24 89.37.100.0/24 89.46.43.0/24 94.154.8.0/24 103.104.248.0/22 103.202.52.0/22 135.84.208.0/21 178.211.157.0/24 185.162.74.0/23 185.234.115.0/24 188.210.236.0/24 194.49.68.0/23 194.49.78.0/23 IPv6: 2a0e:f380::/29 2a0f:5c0::/29 2a10:e580::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 213122 Signature Algorithm: sha256WithRSAEncryption 63:a1:e9:b1:87:af:98:2a:d9:38:43:d5:b5:ed:c7:0f:50:89: 2b:0d:5e:16:62:af:3e:20:f9:83:f5:97:47:1b:b0:1b:45:88: 13:22:3f:3e:16:ea:ad:61:b6:f4:fe:ab:0f:98:dd:a9:25:c8: 9f:d1:d1:46:e4:f3:2b:0a:ca:4c:ea:0c:fe:c1:e0:0b:23:bd: 3d:e8:e9:c8:e0:ee:44:fb:1e:bf:04:c5:90:8f:22:e1:2d:ab: 08:00:13:0a:c4:f5:f1:26:74:78:db:59:ce:8e:5f:ba:4b:47: 85:0b:23:53:2f:4c:f2:26:02:8c:5c:42:d1:02:c4:26:d1:8f: 99:2e:84:d7:9f:2e:ac:4c:52:9f:3e:f2:2f:48:9f:3f:ee:01: 01:63:a2:eb:a2:21:3e:f6:b2:6a:79:10:8d:91:da:55:01:d4: 5d:c5:cf:80:17:97:ff:57:78:48:7b:80:c1:39:1e:28:32:fd: 01:a5:ac:c3:e8:ad:54:56:61:73:d0:e4:85:ea:12:47:15:c3: 70:f9:3d:60:03:01:6d:cd:3c:8d:d3:80:4c:2d:fe:eb:3a:9a: 80:ef:73:50:0f:91:0f:94:26:04:b3:33:9c:83:c5:4c:cb:6f: af:c5:b2:4e:3f:e5:7b:0e:c5:02:60:a8:25:fd:da:43:e2:01: b7:6a:b5:a8 -----BEGIN CERTIFICATE----- MIIGGjCCBQKgAwIBAgISAZp9qbU0U1iI72rGcW/xQw0sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMTEzMTQ0MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MGE1NDBjZTQ1MDQ1NjM0NWVjOGUwOThlZjRmNTM2MzRkNzRiZjFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaKL6DYXMtfX1a42QlyY1Op6+/kT HmcIlAA7RuBH0eAmrzzN+usTYb6vrq49odGSDNy1V1GcpFKmh5/Igu8/GJ7xoMKO aKoRdrRW9bId9wzl5mL98ppDxxZMwL3vIQ5WUR2iS6UrMv82Er2JcIVheKPVqE+I edg3Qxah7aMt2hndWKcktkFpNt9l3gr8fHjx8X1oSTZYMO6cHVqZY9KokO9frFsS VhjlPd5gWFxsurcjHADdGihpJ/enjNZSnuSdtLj9c0oDNYvr6VHq6QjqwP1C+VNZ YpolZlHnZW3b52TIp8eO34bP15Gph0fW0KFhrlP1948Ltp17MIcfg7bkDwIDAQAB o4IDJjCCAyIwHQYDVR0OBBYEFGClQM5FBFY0XsjgmO9PU2NNdL8fMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljLzE5NWE0 Ny1hMmNiLTRmMDAtODUzMS1lNDczNTMxZjZmZTgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvMTk1YTQ3 LWEyY2ItNGYwMC04NTMxLWU0NzM1MzFmNmZlOC8xL1lLVkF6a1VFVmpSZXlPQ1k3 MDlUWTAxMHZ4OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGkBggrBgEF BQcBBwEB/wSBlDCBkTByBAIAATBsAwQCBfykAwQAH9g7AwQCLVc8AwQCLYKYAwQC LY+QAwQAWSTmAwQAWSVkAwQAWS4rAwQAXpoIAwQCZ2j4AwQCZ8o0AwQDh1TQAwQA stOdAwQBuaJKAwQAuepzAwQAvNLsAwQBwjFEAwQBwjFOMBsEAgACMBUDBQMqDvOA AwUDKg8FwAMFAyoQ5YAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDA0CCMA0GCSqG SIb3DQEBCwUAA4IBAQBjoemxh6+YKtk4Q9W17ccPUIkrDV4WYq8+IPmD9ZdHG7Ab RYgTIj8+FuqtYbb0/qsPmN2pJcif0dFG5PMrCspM6gz+weALI7096OnI4O5E+x6/ BMWQjyLhLasIABMKxPXxJnR421nOjl+6S0eFCyNTL0zyJgKMXELRAsQm0Y+ZLoTX ny6sTFKfPvIvSJ8/7gEBY6LroiE+9rJqeRCNkdpVAdRdxc+AF5f/V3hIe4DBOR4o Mv0BpazD6K1UVmFz0OSF6hJHFcNw+T1gAwFtzTyN04BMLf7rOpqA73NQD5EPlCYE szOcg8VMy2+vxbJOP+V7DsUCYKgl/dpD4gG3arWo -----END CERTIFICATE-----Generated at Sat Dec 6 06:06:24 2025 by rpki-client