This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xHC41L-HFAS8pTx3gVME7y6k4co.cer File: xHC41L-HFAS8pTx3gVME7y6k4co.cer (raw, json) Hash identifier: kDN5lqQy4s76dOldQ3L4BB4wMJIumYT8U4+DuP0kOZM= Subject key identifier: C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7EA58CDCEB4CF07A3ADAA76786775780 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 12:18:57 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: IP: 176.117.105.0/24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:8c:dc:eb:4c:f0:7a:3a:da:a7:67:86:77:57:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 12:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c470b8d4bf871404bca53c77815304ef2ea4e1ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:9a:f5:a9:c4:a7:7e:79:ab:50:8d:a9:1a:4b: ec:4f:e9:7a:41:04:75:67:a7:47:05:1d:b4:28:65: aa:43:0f:af:a0:3b:26:03:6e:81:8b:b9:a3:12:de: ea:5d:8d:79:54:4a:2a:d1:e3:01:ed:22:77:e9:04: 1c:28:15:3d:d1:76:9c:13:0c:8a:4f:36:ed:3f:f6: 58:be:bf:2e:db:d8:97:40:36:7e:d8:b3:6f:7a:f4: 7d:39:7f:bf:6e:ed:ac:85:2c:32:b8:2d:d9:55:a8: a6:c9:ea:2d:82:d0:07:57:a0:bf:57:e4:98:86:de: d9:b2:5d:29:90:55:17:a3:33:dd:4f:3b:7d:f4:4a: 2f:67:01:7c:0d:15:65:0e:b1:de:6e:1b:bc:3f:f8: 38:e8:a7:7c:4b:eb:1c:e8:f0:f0:ee:6d:b4:a6:ce: b6:87:b0:f0:f2:32:d5:9c:c6:a5:db:da:f9:4b:77: 21:2a:7f:eb:bd:d2:f5:01:53:a8:49:2f:99:ac:97: 9e:de:94:ca:f4:18:1d:cd:0c:ec:ad:bc:3b:02:0b: 60:75:52:df:3f:5d:fa:5e:19:f1:29:2c:32:7b:df: 81:87:33:d1:2a:f8:29:87:55:ed:7c:8c:f0:5c:ce: 2f:2d:37:35:20:5f:d6:17:d6:80:f4:94:93:d3:b9: 9e:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:70:B8:D4:BF:87:14:04:BC:A5:3C:77:81:53:04:EF:2E:A4:E1:CA X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a4ba8f-5e61-4dcc-ba0b-f624ed5f46fe/1/xHC41L-HFAS8pTx3gVME7y6k4co.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.117.105.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:4a:c1:bc:9a:0f:35:5d:7e:51:a9:50:cf:a6:2f:b1:9b:a4: 9e:71:81:87:59:f1:ae:da:da:36:4f:92:a4:82:2a:ff:60:90: f5:68:05:b8:d5:b2:52:27:e9:eb:53:5f:ae:7a:2d:db:60:03: 23:94:a6:64:e8:18:f0:91:35:c7:08:0e:dc:44:9c:7e:c2:d1: 53:59:e4:89:15:2a:9b:c4:52:24:5d:28:ad:75:db:1a:e3:14: 04:f8:6e:28:83:4d:49:41:a7:9e:67:b5:c2:b8:ad:2f:27:dd: f9:a1:0e:26:8c:f7:5b:3a:e4:87:32:ec:56:a3:9a:02:d9:97: 72:af:25:79:d7:c2:ec:00:2f:a2:18:f1:ad:14:ec:02:1e:c9: c1:00:93:7b:0a:70:c3:9b:28:62:07:31:a7:76:24:dc:c1:e9: 90:9d:a3:2e:49:29:63:ce:45:da:e2:5c:33:5b:26:e6:76:40: 7b:3a:c3:61:ed:0e:dc:97:06:29:b8:c5:0e:1a:69:46:57:97: 7d:8b:f2:87:57:c6:e6:69:01:9b:d6:41:31:63:1b:fd:55:2c: 94:8d:3c:eb:bd:01:60:03:2f:6c:38:4a:5c:50:46:f5:df:af: f0:48:0a:d1:ca:bb:6b:eb:53:4e:e3:ed:00:4e:94:48:2f:49: 4d:2a:53:e6 -----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgISAZt+pYzc60zwejrap2eGd1eAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTIxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDcwYjhkNGJmODcxNDA0YmNhNTNjNzc4MTUzMDRlZjJlYTRlMWNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55r1qcSnfnmrUI2pGkvsT+l6QQR1 Z6dHBR20KGWqQw+voDsmA26Bi7mjEt7qXY15VEoq0eMB7SJ36QQcKBU90XacEwyK TzbtP/ZYvr8u29iXQDZ+2LNvevR9OX+/bu2shSwyuC3ZVaimyeotgtAHV6C/V+SY ht7Zsl0pkFUXozPdTzt99EovZwF8DRVlDrHebhu8P/g46Kd8S+sc6PDw7m20ps62 h7Dw8jLVnMal29r5S3chKn/rvdL1AVOoSS+ZrJee3pTK9BgdzQzsrbw7AgtgdVLf P136XhnxKSwye9+BhzPRKvgph1XtfIzwXM4vLTc1IF/WF9aA9JST07me9wIDAQAB o4IChDCCAoAwHQYDVR0OBBYEFMRwuNS/hxQEvKU8d4FTBO8upOHKMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2L2E0YmE4 Zi01ZTYxLTRkY2MtYmEwYi1mNjI0ZWQ1ZjQ2ZmUvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvYTRiYThm LTVlNjEtNGRjYy1iYTBiLWY2MjRlZDVmNDZmZS8xL3hIQzQxTC1IRkFTOHBUeDNn Vk1FN3k2azRjby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF BwEHAQH/BBAwDjAMBAIAATAGAwQAsHVpMA0GCSqGSIb3DQEBCwUAA4IBAQBMSsG8 mg81XX5RqVDPpi+xm6SecYGHWfGu2to2T5Kkgir/YJD1aAW41bJSJ+nrU1+uei3b YAMjlKZk6BjwkTXHCA7cRJx+wtFTWeSJFSqbxFIkXSitddsa4xQE+G4og01JQaee Z7XCuK0vJ935oQ4mjPdbOuSHMuxWo5oC2ZdyryV518LsAC+iGPGtFOwCHsnBAJN7 CnDDmyhiBzGndiTcwemQnaMuSSljzkXa4lwzWybmdkB7OsNh7Q7clwYpuMUOGmlG V5d9i/KHV8bmaQGb1kExYxv9VSyUjTzrvQFgAy9sOEpcUEb136/wSArRyrtr61NO 4+0ATpRIL0lNKlPm -----END CERTIFICATE-----Generated at Sun Jan 25 22:19:55 2026 by rpki-client