This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fbEHV8-jkX2_pbm-aOl4ZT1BQ2g.cer File: fbEHV8-jkX2_pbm-aOl4ZT1BQ2g.cer (raw, json) Hash identifier: BiEHqCtp+nenjQQjGcA6GHdfIUPXo+1Xf2yzT+nP304= Subject key identifier: 7D:B1:07:57:CF:A3:91:7D:BF:A5:B9:BE:68:E9:78:65:3D:41:43:68 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019BBD7927CE28F81D24CBC69E3914583EE0 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/47/2b78a9-411d-4c88-8ccd-fc41d1c414ab/1/fbEHV8-jkX2_pbm-aOl4ZT1BQ2g.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/47/2b78a9-411d-4c88-8ccd-fc41d1c414ab/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Wed 14 Jan 2026 17:06:32 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 211598 IP: 185.46.236.0/24 IP: 2a0d:b140::/29 IP: 2a10:bc40::/29 IP: 2a12:5f40::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:bd:79:27:ce:28:f8:1d:24:cb:c6:9e:39:14:58:3e:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 14 17:06:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7db10757cfa3917dbfa5b9be68e978653d414368 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:65:58:2f:23:4c:a0:2d:e4:78:48:c1:b5:8a: 92:36:33:1b:c3:27:83:bc:7e:87:e2:5e:d8:9a:78: a3:62:c7:4d:39:f5:c1:d3:29:82:79:c3:46:b8:d9: d7:15:18:cb:0b:ea:cf:bf:a1:f9:5b:fe:50:36:2a: b8:8e:91:dc:a8:53:e7:83:61:ad:d4:b3:50:ab:2f: 5f:0a:5d:51:17:71:dc:98:67:87:77:1f:57:9b:a1: ec:5b:45:a1:5c:e4:65:33:4c:f7:c7:2c:14:41:af: 99:87:b6:39:30:05:07:34:72:f6:49:04:d7:e1:34: 99:41:23:5f:98:42:a4:97:91:be:f6:14:a7:55:cd: 36:f8:12:eb:42:58:b0:a7:27:f0:db:20:24:8a:08: 0e:15:23:6b:ab:8a:70:60:27:2c:78:8a:b1:6e:5c: 9d:6e:01:2b:e4:ce:e8:64:35:d0:c6:ab:98:48:93: ab:e9:ee:b1:93:f9:cd:07:fb:c6:d7:7d:5b:6b:d2: 01:42:d9:4b:d4:2f:d0:bb:eb:df:a2:87:df:d9:d3: 42:6e:07:bd:4b:bb:fa:a6:91:b0:b9:3e:86:a4:29: 65:14:29:0c:6b:b8:ab:57:56:ef:0f:5b:d4:c7:e0: c3:0c:d4:92:ba:37:ad:15:cb:09:52:5e:cc:d4:af: c7:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:B1:07:57:CF:A3:91:7D:BF:A5:B9:BE:68:E9:78:65:3D:41:43:68 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2b78a9-411d-4c88-8ccd-fc41d1c414ab/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2b78a9-411d-4c88-8ccd-fc41d1c414ab/1/fbEHV8-jkX2_pbm-aOl4ZT1BQ2g.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.46.236.0/24 IPv6: 2a0d:b140::/29 2a10:bc40::/29 2a12:5f40::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 211598 Signature Algorithm: sha256WithRSAEncryption 27:e9:d0:88:74:d6:c4:97:4a:a6:a9:22:7d:db:db:99:8f:52: 4c:99:2b:dd:1c:2a:47:4f:41:ff:8a:da:8b:ed:91:8d:f7:12: d5:e9:a0:fa:62:99:5b:a7:e3:33:06:03:1f:67:2b:6d:0f:fa: b8:9f:dc:07:b0:19:a4:91:3c:db:f1:1f:af:f8:32:92:65:43: 7d:68:b5:96:48:f8:6d:ff:a7:d4:75:68:08:ea:f6:4a:f9:5c: b5:54:3c:70:4a:7d:60:b7:53:17:42:13:06:83:31:ac:94:3c: 6f:44:e1:a1:05:60:a9:ca:a5:05:62:51:13:86:92:8d:ba:67: cc:5b:57:96:11:fb:ae:d6:c8:fd:0c:f3:89:ce:15:d2:6a:1d: 8d:cc:48:13:12:2d:4f:c0:e8:3d:2b:73:9b:ef:f7:6b:5c:b2: ce:ec:67:f0:5d:58:ae:32:65:71:1d:8b:a4:db:ef:25:db:5b: 7f:38:c0:cf:bb:a7:36:ac:17:58:96:38:97:67:d6:26:cb:33: 10:c6:d6:12:a7:04:6b:10:2b:48:cf:a2:9a:3e:87:7c:ff:ab: 45:01:8a:a7:47:26:7b:64:30:1a:9e:ab:57:e2:df:e6:c2:93: b2:bb:5e:98:f0:b4:6b:8d:1d:25:1b:a2:ef:84:e6:dc:69:00: c0:53:14:5d -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgISAZu9eSfOKPgdJMvGnjkUWD7gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTE0MTcwNjMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZGIxMDc1N2NmYTM5MTdkYmZhNWI5YmU2OGU5Nzg2NTNkNDE0MzY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2VYLyNMoC3keEjBtYqSNjMbwyeD vH6H4l7YmnijYsdNOfXB0ymCecNGuNnXFRjLC+rPv6H5W/5QNiq4jpHcqFPng2Gt 1LNQqy9fCl1RF3HcmGeHdx9Xm6HsW0WhXORlM0z3xywUQa+Zh7Y5MAUHNHL2SQTX 4TSZQSNfmEKkl5G+9hSnVc02+BLrQliwpyfw2yAkiggOFSNrq4pwYCcseIqxblyd bgEr5M7oZDXQxquYSJOr6e6xk/nNB/vG131ba9IBQtlL1C/Qu+vfooff2dNCbge9 S7v6ppGwuT6GpCllFCkMa7irV1bvD1vUx+DDDNSSujetFcsJUl7M1K/HZwIDAQAB o4ICvTCCArkwHQYDVR0OBBYEFH2xB1fPo5F9v6W5vmjpeGU9QUNoMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3LzJiNzhh OS00MTFkLTRjODgtOGNjZC1mYzQxZDFjNDE0YWIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvMmI3OGE5 LTQxMWQtNGM4OC04Y2NkLWZjNDFkMWM0MTRhYi8xL2ZiRUhWOC1qa1gyX3BibS1h T2w0WlQxQlEyZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUF BwEHAQH/BC0wKzAMBAIAATAGAwQAuS7sMBsEAgACMBUDBQMqDbFAAwUDKhC8QAMF AyoSX0AwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAzqOMA0GCSqGSIb3DQEBCwUA A4IBAQAn6dCIdNbEl0qmqSJ929uZj1JMmSvdHCpHT0H/itqL7ZGN9xLV6aD6Yplb p+MzBgMfZyttD/q4n9wHsBmkkTzb8R+v+DKSZUN9aLWWSPht/6fUdWgI6vZK+Vy1 VDxwSn1gt1MXQhMGgzGslDxvROGhBWCpyqUFYlEThpKNumfMW1eWEfuu1sj9DPOJ zhXSah2NzEgTEi1PwOg9K3Ob7/drXLLO7GfwXViuMmVxHYuk2+8l21t/OMDPu6c2 rBdYljiXZ9YmyzMQxtYSpwRrECtIz6KaPod8/6tFAYqnRyZ7ZDAanqtX4t/mwpOy u16Y8LRrjR0lG6LvhObcaQDAUxRd -----END CERTIFICATE-----Generated at Mon Jan 26 00:59:35 2026 by rpki-client