This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer File: iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer (raw, json) Hash identifier: mbFRGpBVmFHnYeTaFDBgvffK3dITtJYHsQSWfZz+hBE= Subject key identifier: 88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7A5B021F8C3881E494E7A79C80B856E5 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 01 Jan 2026 16:19:03 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 215742 IP: 91.211.85.0/24 IP: 2a0d:ebc0::/32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:02:1f:8c:38:81:e4:94:e7:a7:9c:80:b8:56:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 1 16:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=881ab180cb3517186221b3999b08b83af4f66945 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d5:e1:c2:d6:31:21:e3:ad:59:ee:e8:85:7c: aa:30:1a:c7:16:2b:3f:86:c8:de:cf:e7:f6:f3:12: 4d:f5:a7:47:38:1d:1c:09:12:99:98:76:98:44:22: 09:f4:07:33:a2:ef:e3:e3:7f:68:2b:44:e6:ae:90: ff:a6:ec:cb:aa:aa:bb:bd:4c:d5:6c:22:36:ee:55: e7:43:96:26:e3:73:e6:58:d4:f2:6d:31:22:2c:9e: 4b:4b:93:ec:8f:9e:b8:01:e2:29:8b:99:04:b9:99: ac:2a:4c:a5:bb:e1:c0:c5:e8:6f:a4:57:9c:0d:b8: c1:db:25:5b:ff:86:15:d6:b4:06:8a:6a:3c:19:e1: 9f:e2:21:33:8b:bd:8d:5b:dc:46:b0:e3:cd:38:8d: 77:6c:df:4d:ad:42:c7:f9:8e:b5:7e:b0:e4:42:d4: f6:74:df:96:b3:7c:e8:c2:2d:d1:64:07:58:c7:16: e7:b3:df:7b:32:d9:10:5f:79:b2:e2:aa:42:d8:ce: 6a:bd:5c:89:9f:4e:8d:fa:5f:bd:79:cc:fc:af:fd: f0:06:4c:e5:8e:f0:36:3c:74:2e:7e:18:93:08:5c: 33:a1:f8:4d:f1:5b:cb:f3:72:3c:92:34:57:28:c6: c8:66:1f:d0:3d:ee:7b:94:04:26:a1:1e:63:ac:3c: 0e:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.211.85.0/24 IPv6: 2a0d:ebc0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 215742 Signature Algorithm: sha256WithRSAEncryption ad:9e:79:b0:08:27:d1:9c:20:a5:08:c5:06:cc:6c:ac:a1:8b: 38:2e:1a:01:81:69:96:d4:74:dc:47:7c:c8:c2:fc:7d:a2:5e: e0:0f:c0:50:62:c5:a6:b9:fb:64:1b:1c:ce:a3:21:69:87:8f: f6:86:fc:75:aa:4c:09:51:95:04:ec:24:25:cd:bb:0c:76:b0: f3:ad:45:b7:4d:b7:b3:37:72:b8:06:fe:db:24:18:e7:77:15: 86:50:58:37:eb:66:fc:27:37:11:64:63:32:4c:f6:6f:78:3b: 00:29:25:e7:6e:94:9c:6a:c4:cd:ca:11:18:fe:da:b0:0b:32: c2:30:8b:88:b4:80:85:49:20:60:74:c0:f4:05:c0:73:c2:37: c3:8c:00:55:cd:e9:3f:dd:18:cd:06:71:09:9f:ea:0d:78:58: 21:d7:d1:ec:9b:42:58:f6:a5:00:2e:af:4f:58:17:f9:7f:4a: bd:06:2e:89:79:42:4a:2d:6b:5b:12:c2:be:1d:4f:e8:15:ca: dc:37:0b:ad:2e:a6:51:3c:a1:80:61:4b:ef:34:d2:d0:b8:aa: a1:e3:da:ce:1f:15:ae:11:35:d1:c0:4f:5a:50:50:97:eb:fb: 4c:d0:25:bb:3a:18:d8:9a:90:ee:82:a1:a0:f0:01:92:6d:5a: 23:e7:3b:cc -----BEGIN CERTIFICATE----- MIIFozCCBIugAwIBAgISAZt6WwIfjDiB5JTnp5yAuFblMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAxMTYxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODFhYjE4MGNiMzUxNzE4NjIyMWIzOTk5YjA4YjgzYWY0ZjY2OTQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9XhwtYxIeOtWe7ohXyqMBrHFis/ hsjez+f28xJN9adHOB0cCRKZmHaYRCIJ9Aczou/j439oK0TmrpD/puzLqqq7vUzV bCI27lXnQ5Ym43PmWNTybTEiLJ5LS5Psj564AeIpi5kEuZmsKkylu+HAxehvpFec DbjB2yVb/4YV1rQGimo8GeGf4iEzi72NW9xGsOPNOI13bN9NrULH+Y61frDkQtT2 dN+Ws3zowi3RZAdYxxbns997MtkQX3my4qpC2M5qvVyJn06N+l+9ecz8r/3wBkzl jvA2PHQufhiTCFwzofhN8VvL83I8kjRXKMbIZh/QPe57lAQmoR5jrDwOJwIDAQAB o4ICrzCCAqswHQYDVR0OBBYEFIgasYDLNRcYYiGzmZsIuDr09mlFMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzL2M3ZjYw MS0zZmEyLTRkYjYtYTAzZC0zYTYzYmY3NjMwZjUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvYzdmNjAx LTNmYTItNGRiNi1hMDNkLTNhNjNiZjc2MzBmNS8xL2lCcXhnTXMxRnhoaUliT1pt d2k0T3ZUMmFVVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF BwEHAQH/BB8wHTAMBAIAATAGAwQAW9NVMA0EAgACMAcDBQAqDevAMBoGCCsGAQUF BwEIAQH/BAswCaAHMAUCAwNKvjANBgkqhkiG9w0BAQsFAAOCAQEArZ55sAgn0Zwg pQjFBsxsrKGLOC4aAYFpltR03Ed8yML8faJe4A/AUGLFprn7ZBsczqMhaYeP9ob8 dapMCVGVBOwkJc27DHaw861Ft023szdyuAb+2yQY53cVhlBYN+tm/Cc3EWRjMkz2 b3g7ACkl526UnGrEzcoRGP7asAsywjCLiLSAhUkgYHTA9AXAc8I3w4wAVc3pP90Y zQZxCZ/qDXhYIdfR7JtCWPalAC6vT1gX+X9KvQYuiXlCSi1rWxLCvh1P6BXK3DcL rS6mUTyhgGFL7zTS0LiqoePazh8VrhE10cBPWlBQl+v7TNAluzoY2JqQ7oKhoPAB km1aI+c7zA== -----END CERTIFICATE-----Generated at Mon Jan 26 09:29:01 2026 by rpki-client