This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/h5kgiOdlXLE0AgypWw5X1Oba9A8.cer File: h5kgiOdlXLE0AgypWw5X1Oba9A8.cer (raw, json) Hash identifier: QBR8/fLZiUKE21otMWE2o3pO7Nya/3BHhYCBLIj/an4= Subject key identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7B35DBEB6DE06FD38616276000A01814 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 20:18:05 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 185.146.128.0/22 IP: 2a07:50c0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:db:eb:6d:e0:6f:d3:86:16:27:60:00:a0:18:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 20:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=87992088e7655cb134020ca95b0e57d4e6daf40f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:37:10:1c:0f:4f:38:45:fb:f1:d6:45:0c:13: b0:1e:ed:66:ed:ec:a6:a8:2a:67:a5:90:16:46:05: 42:13:c6:95:87:ba:f6:04:2a:dd:94:95:75:2a:65: b2:d6:fc:b0:9b:21:b6:04:1a:5f:34:6d:9c:7b:55: b8:c6:81:35:e7:7c:07:91:af:e6:9b:db:d3:1a:4a: c2:2f:27:49:d9:07:72:83:6c:d9:49:9b:50:93:87: 5a:e9:f1:1f:a5:85:ab:14:a7:9d:cd:cd:9b:fd:4e: ec:ea:e3:35:a1:a8:9f:60:18:c4:07:68:6a:91:51: 29:9c:1e:08:12:ad:66:35:31:85:b8:5c:ed:54:7f: 81:52:14:27:8e:3a:06:f4:72:4d:2a:45:c9:08:f6: e6:59:71:7b:f3:d7:1d:d6:45:10:6f:42:fe:7c:7c: 96:b1:95:a0:3c:a5:a4:82:e0:dd:72:4b:85:f9:ca: f5:97:4b:60:e7:6d:f7:1a:5c:f6:70:92:ad:41:b0: 17:75:22:76:ed:bf:89:13:b8:a4:42:86:ab:30:46: 57:a8:bb:23:8a:9b:3b:d2:28:d9:95:da:ee:e4:6b: 7d:a2:2f:83:83:52:8b:a6:ff:e3:ca:28:69:85:35: 48:d6:68:43:cc:a1:34:ee:7d:25:a5:1c:24:bc:fc: da:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:99:20:88:E7:65:5C:B1:34:02:0C:A9:5B:0E:57:D4:E6:DA:F4:0F X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e08318-2975-417a-b863-85ea63c24474/1/h5kgiOdlXLE0AgypWw5X1Oba9A8.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.146.128.0/22 IPv6: 2a07:50c0::/29 Signature Algorithm: sha256WithRSAEncryption a8:76:2e:84:f0:f1:c0:2d:e6:e2:8f:71:da:53:8a:e0:b9:6e: bb:64:a2:81:a9:ba:d5:8a:a9:70:01:d3:f3:7d:0e:78:d5:93: fd:07:67:f8:7a:74:19:75:d4:d9:1b:c7:5f:72:a5:70:3b:30: 5c:1b:a2:9c:c2:13:c6:3d:67:f5:17:a8:7e:e9:8d:21:9b:9f: 02:9d:cf:00:5f:94:20:8e:23:31:0c:5b:50:18:3e:ac:cc:16: 62:ce:cc:14:42:84:91:56:48:1e:88:88:ba:94:60:e5:d1:9e: 1e:a3:b2:7d:c7:8c:31:0f:b2:61:49:c5:41:dc:02:a8:14:e9: bd:2a:3a:db:9b:fc:a7:2a:16:23:b9:8d:51:de:14:fe:8b:a9: 31:f6:fc:3b:93:e5:6a:c2:fd:dc:e7:72:6f:33:47:ba:43:2f: 3b:db:d9:09:37:49:ec:95:95:28:3c:c1:c2:9d:56:e6:a3:19: f5:c6:62:ba:c6:28:5a:23:9f:1b:fa:c1:3e:ab:9b:1e:aa:87: 31:1b:e5:d7:0c:08:c7:77:bc:58:14:aa:42:28:ce:0f:f7:2c: 55:5c:c5:52:98:5c:9b:53:d9:bc:04:2e:8f:a1:71:c1:9b:da: e3:dc:2b:b1:c4:14:61:d0:96:b3:2e:ec:25:36:3b:a5:a6:a7: 32:42:4d:93 -----BEGIN CERTIFICATE----- MIIFhzCCBG+gAwIBAgISAZt7NdvrbeBv04YWJ2AAoBgUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMjAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4Nzk5MjA4OGU3NjU1Y2IxMzQwMjBjYTk1YjBlNTdkNGU2ZGFmNDBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjcQHA9POEX78dZFDBOwHu1m7eym qCpnpZAWRgVCE8aVh7r2BCrdlJV1KmWy1vywmyG2BBpfNG2ce1W4xoE153wHka/m m9vTGkrCLydJ2Qdyg2zZSZtQk4da6fEfpYWrFKedzc2b/U7s6uM1oaifYBjEB2hq kVEpnB4IEq1mNTGFuFztVH+BUhQnjjoG9HJNKkXJCPbmWXF789cd1kUQb0L+fHyW sZWgPKWkguDdckuF+cr1l0tg5233Glz2cJKtQbAXdSJ27b+JE7ikQoarMEZXqLsj ips70ijZldru5Gt9oi+Dg1KLpv/jyihphTVI1mhDzKE07n0lpRwkvPza2wIDAQAB o4ICkzCCAo8wHQYDVR0OBBYEFIeZIIjnZVyxNAIMqVsOV9Tm2vQPMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QyL2UwODMx OC0yOTc1LTQxN2EtYjg2My04NWVhNjNjMjQ0NzQvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIvZTA4MzE4 LTI5NzUtNDE3YS1iODYzLTg1ZWE2M2MyNDQ3NC8xL2g1a2dpT2RsWExFMEFneXBX dzVYMU9iYTlBOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQCuZKAMA0EAgACMAcDBQMqB1DAMA0GCSqGSIb3 DQEBCwUAA4IBAQCodi6E8PHALebij3HaU4rguW67ZKKBqbrViqlwAdPzfQ541ZP9 B2f4enQZddTZG8dfcqVwOzBcG6KcwhPGPWf1F6h+6Y0hm58Cnc8AX5QgjiMxDFtQ GD6szBZizswUQoSRVkgeiIi6lGDl0Z4eo7J9x4wxD7JhScVB3AKoFOm9Kjrbm/yn KhYjuY1R3hT+i6kx9vw7k+Vqwv3c53JvM0e6Qy8729kJN0nslZUoPMHCnVbmoxn1 xmK6xihaI58b+sE+q5seqocxG+XXDAjHd7xYFKpCKM4P9yxVXMVSmFybU9m8BC6P oXHBm9rj3CuxxBRh0JazLuwlNjulpqcyQk2T -----END CERTIFICATE-----Generated at Mon Jan 26 21:11:43 2026 by rpki-client