This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer File: csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer (raw, json) Hash identifier: KnNtoBR0tvRJrFMX+5uBVfuDqFdZ/RwKMRY4yxCLmog= Subject key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019BBCA66BF682883A3D80FCB318FB88172D Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Wed 14 Jan 2026 13:16:21 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 25291 AS: 43902 AS: 49130 IP: 31.99.192.0/21 IP: 37.44.0.0/21 IP: 37.49.152.0/21 IP: 37.123.104.0/21 IP: 77.247.80.0/21 IP: 91.247.160.0/24 IP: 109.68.224.0/21 IP: 147.93.208.0/22 IP: 151.252.40.0/21 IP: 176.74.56.0/21 IP: 185.46.136.0/22 IP: 185.54.232.0/22 IP: 185.56.104.0/22 IP: 185.56.128.0/21 IP: 195.192.128.0/18 IP: 2a00:13c8::/32 IP: 2a00:7fc0::/29 IP: 2a04:d480::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:bc:a6:6b:f6:82:88:3a:3d:80:fc:b3:18:fb:88:17:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 14 13:16:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:53:46:52:45:26:e9:57:01:bd:9e:e7:7c:2b: bf:60:65:79:30:ae:47:d3:cc:5d:9c:3a:33:f2:6a: e1:a5:c8:02:b6:ca:7f:33:ca:05:31:d0:ea:b2:bb: 49:8e:45:07:3a:4f:ca:bc:21:32:89:b7:51:78:06: 4e:66:01:bd:1b:8d:39:b7:8e:c0:1d:0e:12:42:83: 5a:90:64:8b:bf:c5:11:95:0f:36:5c:77:65:d6:70: 73:bf:a4:04:d0:a4:42:f8:31:22:17:3a:09:96:18: 5a:49:a6:a4:23:5f:c1:fc:04:82:20:83:bd:c6:15: c4:86:32:dd:d8:70:2d:2b:2b:e6:2f:1a:06:75:dc: 26:1d:80:0a:70:c1:42:d6:26:93:1e:e7:e9:94:d0: a7:6c:d5:53:45:f8:91:60:db:e0:6c:a3:00:ce:a7: 81:07:77:54:ec:29:7c:da:2f:4c:31:46:e8:c9:33: 92:e6:34:1a:4e:82:ae:ff:a8:85:93:5b:7a:0d:18: a6:ec:a9:c3:be:40:43:e9:e6:e2:6d:43:75:9d:92: 35:24:f1:b4:88:cb:54:61:dd:20:ea:c8:a1:a8:03: d5:d4:25:e9:ce:48:ab:24:c5:12:b2:13:98:95:07: aa:37:57:d9:f4:66:f4:a0:09:5c:50:1f:bf:a7:ef: 04:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.99.192.0/21 37.44.0.0/21 37.49.152.0/21 37.123.104.0/21 77.247.80.0/21 91.247.160.0/24 109.68.224.0/21 147.93.208.0/22 151.252.40.0/21 176.74.56.0/21 185.46.136.0/22 185.54.232.0/22 185.56.104.0/22 185.56.128.0/21 195.192.128.0/18 IPv6: 2a00:13c8::/32 2a00:7fc0::/29 2a04:d480::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 25291 43902 49130 Signature Algorithm: sha256WithRSAEncryption 68:ae:8d:92:d6:33:9c:64:c5:9d:e6:cd:7d:f6:f4:c4:36:09: f2:b9:0c:62:30:d6:07:98:39:df:5a:ab:f9:1c:30:f8:93:6a: 89:0c:84:e7:29:b2:b6:3a:8a:4f:09:ca:bd:fc:70:1c:4a:a7: df:2e:09:f5:08:e7:85:d5:2e:ec:ac:9a:57:50:92:4a:4d:7c: 3b:1b:79:26:bf:d7:c1:48:14:cb:56:6d:03:cb:5d:0a:63:f3: f3:7a:16:09:66:bc:f7:eb:ad:02:a8:e0:fd:3d:46:bc:1d:eb: 06:01:b3:d9:37:d2:02:55:87:95:e6:50:81:95:eb:ca:d2:dd: 16:2d:ec:34:be:ca:6f:e3:3a:52:a2:52:2a:61:b3:1d:0e:8d: a4:3d:39:6a:aa:fa:61:d2:ef:44:fe:3f:63:0d:16:6a:33:aa: 8e:02:93:dc:c0:5d:24:79:e9:c9:fd:1e:39:e0:e9:4f:96:e8: c4:7f:65:8f:97:e1:d5:44:49:0d:c0:e2:40:63:f6:27:17:3d: 97:31:9e:de:de:17:6d:76:45:f7:03:f3:88:a3:48:19:ac:53: 8a:c5:94:88:9c:62:ef:dc:cb:13:d7:40:b3:3b:1e:f0:38:17: 8c:ab:2f:50:3e:46:20:17:18:94:93:f1:95:75:69:48:01:5b: 2a:c6:49:58 -----BEGIN CERTIFICATE----- MIIGEDCCBPigAwIBAgISAZu8pmv2gog6PYD8sxj7iBctMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTE0MTMxNjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MmMyNmFiYzllMDZjMWFmZWY5YjVmZDJkYTQwNDEyZTdhZWU2YjQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVNGUkUm6VcBvZ7nfCu/YGV5MK5H 08xdnDoz8mrhpcgCtsp/M8oFMdDqsrtJjkUHOk/KvCEyibdReAZOZgG9G405t47A HQ4SQoNakGSLv8URlQ82XHdl1nBzv6QE0KRC+DEiFzoJlhhaSaakI1/B/ASCIIO9 xhXEhjLd2HAtKyvmLxoGddwmHYAKcMFC1iaTHufplNCnbNVTRfiRYNvgbKMAzqeB B3dU7Cl82i9MMUboyTOS5jQaToKu/6iFk1t6DRim7KnDvkBD6ebibUN1nZI1JPG0 iMtUYd0g6sihqAPV1CXpzkirJMUSshOYlQeqN1fZ9Gb0oAlcUB+/p+8E0QIDAQAB o4IDHDCCAxgwHQYDVR0OBBYEFHLCaryeBsGv75tf0tpAQS567mtHMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3LzZjMDUz MC0xMDc0LTRiMzUtYmUwYy1jZDdkNjE5MTMyODgvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvNmMwNTMw LTEwNzQtNGIzNS1iZTBjLWNkN2Q2MTkxMzI4OC8xL2NzSnF2SjRHd2Ffdm0xX1My a0JCTG5ydWEwYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGRBggrBgEF BQcBBwEB/wSBgTB/MGAEAgABMFoDBAMfY8ADBAMlLAADBAMlMZgDBAMle2gDBANN 91ADBABb96ADBANtROADBAKTXdADBAOX/CgDBAOwSjgDBAK5LogDBAK5NugDBAK5 OGgDBAO5OIADBAbDwIAwGwQCAAIwFQMFACoAE8gDBQMqAH/AAwUDKgTUgDAjBggr BgEFBQcBCAEB/wQUMBKgEDAOAgJiywIDAKt+AgMAv+owDQYJKoZIhvcNAQELBQAD ggEBAGiujZLWM5xkxZ3mzX329MQ2CfK5DGIw1geYOd9aq/kcMPiTaokMhOcpsrY6 ik8Jyr38cBxKp98uCfUI54XVLuysmldQkkpNfDsbeSa/18FIFMtWbQPLXQpj8/N6 FglmvPfrrQKo4P09Rrwd6wYBs9k30gJVh5XmUIGV68rS3RYt7DS+ym/jOlKiUiph sx0OjaQ9OWqq+mHS70T+P2MNFmozqo4Ck9zAXSR56cn9Hjng6U+W6MR/ZY+X4dVE SQ3A4kBj9icXPZcxnt7eF212RfcD84ijSBmsU4rFlIicYu/cyxPXQLM7HvA4F4yr L1A+RiAXGJST8ZV1aUgBWyrGSVg= -----END CERTIFICATE-----Generated at Sun Jan 25 21:09:36 2026 by rpki-client