This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer File: gyP0nWzGUM1tZUgjSOHW0Lj9fqo.cer (raw, json) Hash identifier: NXBmWNL7KoISLfVNmYvj3Z4MyEG7wMvJDBiVQNBxX7k= Subject key identifier: 83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7F8303187B9B15365E0149322CFAA16E Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 16:20:51 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 24608 IP: 2.156.0.0/14 IP: 5.84.0.0/14 IP: 31.188.0.0/14 IP: 37.100.0.0/14 IP: 37.226.0.0/15 IP: 62.13.160.0/19 IP: 91.252.0.0/14 IP: 94.160.0.0/13 IP: 128.45.0.0/16 IP: 128.66.0.0/15 IP: 176.206.0.0/15 IP: 185.97.108.0/22 IP: 2a03:1700::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:03:18:7b:9b:15:36:5e:01:49:32:2c:fa:a1:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 16:20:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8323f49d6cc650cd6d65482348e1d6d0b8fd7eaa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:81:5a:8c:a9:83:a9:af:ec:c7:ef:2f:c2:1a: 4a:c0:53:62:df:15:de:7d:70:07:93:e6:89:66:30: c8:d1:4a:32:b2:8f:ff:27:14:e8:fc:f1:0b:26:e3: 66:43:a9:ac:c0:32:d5:ee:fc:9b:0f:ca:5d:46:7d: e2:70:08:f8:43:f6:b1:f7:4c:b4:a7:3a:83:fd:06: cd:f9:e4:3e:22:ac:a3:75:37:63:9a:ec:f8:f1:c1: b6:a7:0b:6c:fa:19:c1:0a:3c:bb:41:f1:72:40:27: 6c:fa:40:bf:83:3f:62:fc:9b:d2:b2:15:5b:dd:3d: 80:cc:5b:55:64:27:87:3e:aa:ba:5e:29:4c:dc:9a: f6:3f:06:26:23:d4:01:40:ef:af:52:12:0d:eb:09: a9:31:e1:27:af:2a:e7:83:a4:27:ef:3a:43:01:dd: a4:70:45:78:62:85:b8:ad:4d:c4:66:40:3c:ab:68: 15:45:7c:76:e9:21:b3:92:dc:96:63:ef:0d:7d:41: 70:5f:76:db:f0:16:e2:10:ec:17:cc:f1:08:76:ba: ec:00:6b:a9:3e:2c:3d:2e:78:ca:10:ce:29:a0:80: c5:bc:2d:27:46:0b:51:84:38:1a:23:97:ff:df:ad: b9:4a:3f:55:a5:1f:d6:e6:4f:68:00:3b:2f:2c:55: 69:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:23:F4:9D:6C:C6:50:CD:6D:65:48:23:48:E1:D6:D0:B8:FD:7E:AA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e73f16-45d2-43c1-a4af-5cf9194d1702/1/gyP0nWzGUM1tZUgjSOHW0Lj9fqo.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.156.0.0/14 5.84.0.0/14 31.188.0.0/14 37.100.0.0/14 37.226.0.0/15 62.13.160.0/19 91.252.0.0/14 94.160.0.0/13 128.45.0.0/16 128.66.0.0/15 176.206.0.0/15 185.97.108.0/22 IPv6: 2a03:1700::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 24608 Signature Algorithm: sha256WithRSAEncryption 66:5d:24:7c:7d:41:88:f0:c3:0f:e5:c9:1a:b4:bd:2d:5f:40: a5:a8:10:7e:50:8a:21:6c:3e:c5:2c:a6:cc:ff:cd:a3:3c:bb: 16:f1:53:c5:62:52:fe:be:0b:a3:a4:ec:5a:b9:c7:8a:21:91: e1:d0:8c:ee:3e:e6:60:19:1e:52:58:80:83:ae:de:e3:04:4e: d3:e4:9e:bd:55:56:f8:13:78:ac:f3:23:4d:e7:ac:6a:4a:3c: e5:f5:fe:c2:4f:23:c0:08:39:63:63:b5:66:7c:ab:ad:dc:87: de:63:71:a6:00:35:59:c3:54:2f:75:3b:23:3a:f0:36:6c:33: 39:9c:30:f0:6b:14:d2:0c:7d:21:e9:62:31:2f:a7:9f:59:37: bf:42:49:fd:ba:f3:04:94:60:68:57:cd:c2:e5:a2:dc:e3:ee: 5f:a4:38:58:35:6d:aa:90:13:88:42:85:70:67:13:9d:2b:e6: ca:6f:11:82:b9:a6:aa:40:2d:24:e5:61:5c:7d:16:b2:c6:84: 98:3e:d2:1a:3f:be:6b:14:61:0d:9d:5e:72:74:16:28:9e:df: 7c:0d:74:d9:14:49:ab:fe:7a:28:8e:6c:c8:22:8e:1f:50:3d: c6:df:2b:50:71:ca:87:88:9f:a6:8a:84:da:1c:79:6d:ef:96: 82:aa:da:b8 -----BEGIN CERTIFICATE----- MIIF2jCCBMKgAwIBAgISAZt/gwMYe5sVNl4BSTIs+qFuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTYyMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MzIzZjQ5ZDZjYzY1MGNkNmQ2NTQ4MjM0OGUxZDZkMGI4ZmQ3ZWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIFajKmDqa/sx+8vwhpKwFNi3xXe fXAHk+aJZjDI0Uoyso//JxTo/PELJuNmQ6mswDLV7vybD8pdRn3icAj4Q/ax90y0 pzqD/QbN+eQ+IqyjdTdjmuz48cG2pwts+hnBCjy7QfFyQCds+kC/gz9i/JvSshVb 3T2AzFtVZCeHPqq6XilM3Jr2PwYmI9QBQO+vUhIN6wmpMeEnryrng6Qn7zpDAd2k cEV4YoW4rU3EZkA8q2gVRXx26SGzktyWY+8NfUFwX3bb8BbiEOwXzPEIdrrsAGup Piw9LnjKEM4poIDFvC0nRgtRhDgaI5f/3625Sj9VpR/W5k9oADsvLFVpHwIDAQAB o4IC5jCCAuIwHQYDVR0OBBYEFIMj9J1sxlDNbWVII0jh1tC4/X6qMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwL2U3M2Yx Ni00NWQyLTQzYzEtYTRhZi01Y2Y5MTk0ZDE3MDIvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvZTczZjE2 LTQ1ZDItNDNjMS1hNGFmLTVjZjkxOTRkMTcwMi8xL2d5UDBuV3pHVU0xdFpVZ2pT T0hXMExqOWZxby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGCCsGAQUF BwEHAQH/BFcwVTBEBAIAATA+AwMCApwDAwIFVAMDAh+8AwMCJWQDAwEl4gMEBT4N oAMDAlv8AwMDXqADAwCALQMDAYBCAwMBsM4DBAK5YWwwDQQCAAIwBwMFAyoDFwAw GQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICYCAwDQYJKoZIhvcNAQELBQADggEBAGZd JHx9QYjwww/lyRq0vS1fQKWoEH5QiiFsPsUspsz/zaM8uxbxU8ViUv6+C6Ok7Fq5 x4ohkeHQjO4+5mAZHlJYgIOu3uMETtPknr1VVvgTeKzzI03nrGpKPOX1/sJPI8AI OWNjtWZ8q63ch95jcaYANVnDVC91OyM68DZsMzmcMPBrFNIMfSHpYjEvp59ZN79C Sf268wSUYGhXzcLlotzj7l+kOFg1baqQE4hChXBnE50r5spvEYK5pqpALSTlYVx9 FrLGhJg+0ho/vmsUYQ2dXnJ0Fiie33wNdNkUSav+eiiObMgijh9QPcbfK1BxyoeI n6aKhNoceW3vloKq2rg= -----END CERTIFICATE-----Generated at Sun Jan 25 16:45:57 2026 by rpki-client