This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y4xQnLd7AUm29m9QGfhYs6z5Quk.cer File: Y4xQnLd7AUm29m9QGfhYs6z5Quk.cer (raw, json) Hash identifier: 6RvcUvSOVGbIvRnoz1I/jsGf2oYc9EudtBndGKHSI8A= Subject key identifier: 63:8C:50:9C:B7:7B:01:49:B6:F6:6F:50:19:F8:58:B3:AC:F9:42:E9 Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B7E38BB30F9BC53C8B341E98E794C7770 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Y4xQnLd7AUm29m9QGfhYs6z5Quk.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Fri 02 Jan 2026 10:20:05 +0000 Certificate not after: Thu 01 Jul 2027 00:00:00 +0000 Subordinate resources: AS: 29562 IP: 5.10.48.0/20 IP: 5.56.176.0 -- 5.56.255.255 IP: 5.158.128.0/18 IP: 37.49.0.0/17 IP: 37.209.0.0/17 IP: 46.5.0.0/16 IP: 46.223.0.0/16 IP: 46.237.192.0/18 IP: 78.42.0.0/15 IP: 82.212.0.0/18 IP: 85.216.0.0/17 IP: 91.89.0.0/16 IP: 95.208.0.0/16 IP: 109.192.0.0/15 IP: 134.3.0.0/16 IP: 149.172.0.0/16 IP: 185.2.140.0/22 IP: 217.8.48.0/20 IP: 2a02:8070::/31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 07 Jan 2026 21:34:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:bb:30:f9:bc:53:c8:b3:41:e9:8e:79:4c:77:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Jan 2 10:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=638c509cb77b0149b6f66f5019f858b3acf942e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:57:bb:ae:9c:e9:a0:4f:29:0f:42:f3:7b:0a: 10:17:31:30:d5:9e:69:16:d9:8b:7b:8a:74:d6:72: d1:f2:66:ff:6d:75:de:25:3f:9c:d7:c1:58:4d:f1: 11:d6:16:b1:14:37:5e:26:c6:94:37:37:49:07:c6: 57:5a:11:3a:32:0d:6d:a4:88:45:47:83:bc:3f:d2: 63:3b:58:1c:58:4a:d2:c5:ef:d0:fe:cd:54:ad:83: 34:73:0f:44:25:7b:f2:29:50:03:57:e8:03:21:ec: 79:c6:b5:12:cf:0d:9d:6e:a4:17:3e:d6:d2:1b:cf: 76:bd:d4:15:99:60:46:3a:c0:3a:90:76:4e:82:50: 6f:43:65:88:b5:43:f0:46:ad:7f:80:3f:f1:77:3e: 58:b6:72:88:db:46:9b:5e:39:69:a2:75:3e:83:ea: ae:43:db:4d:02:d8:e6:ce:d7:81:f5:8f:d7:a3:e1: c6:9e:c5:0c:0e:5a:f4:13:d3:89:5d:06:84:b3:a9: 18:94:6e:5f:8f:00:09:fd:cb:58:c8:06:74:31:d4: a1:b7:00:b7:bb:f2:b7:25:ea:5e:90:ff:e0:11:5c: 81:5e:53:15:af:f0:f2:04:ff:3d:c4:09:ce:e9:69: 26:48:2d:03:1a:e3:1b:3d:f3:9a:9f:04:64:30:a1: c5:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:8C:50:9C:B7:7B:01:49:B6:F6:6F:50:19:F8:58:B3:AC:F9:42:E9 X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Y4xQnLd7AUm29m9QGfhYs6z5Quk.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.10.48.0/20 5.56.176.0-5.56.255.255 5.158.128.0/18 37.49.0.0/17 37.209.0.0/17 46.5.0.0/16 46.223.0.0/16 46.237.192.0/18 78.42.0.0/15 82.212.0.0/18 85.216.0.0/17 91.89.0.0/16 95.208.0.0/16 109.192.0.0/15 134.3.0.0/16 149.172.0.0/16 185.2.140.0/22 217.8.48.0/20 IPv6: 2a02:8070::/31 sbgp-autonomousSysNum: critical Autonomous System Numbers: 29562 Signature Algorithm: sha256WithRSAEncryption 94:ea:77:a6:8c:0d:f5:e3:e6:6e:40:fd:c4:8c:1d:c5:5a:28: 48:71:08:38:71:99:a8:60:4c:37:0c:70:3c:bd:a5:11:fa:4b: 8f:13:c2:4d:64:d8:cf:47:55:76:68:35:f6:8d:31:43:93:f9: b4:69:39:e0:f0:ba:44:97:01:30:a2:b4:50:df:c4:7f:10:79: 0a:1f:06:37:f5:44:eb:cd:4f:76:44:11:5a:4d:3c:51:40:e8: 84:1c:1e:2f:0c:90:bb:5b:3d:5c:d4:ed:fc:2c:9d:d9:7b:8a: 70:43:ae:83:f1:01:62:5c:62:94:b4:35:30:2e:b2:90:79:db: 44:81:dd:cd:ed:23:f9:cf:ba:54:85:67:2c:5f:2b:a8:9a:ef: 53:1f:ea:01:f9:41:5d:d3:b2:76:b3:10:d3:0e:10:2b:58:f5: b9:14:fb:08:1f:b8:aa:42:01:5c:44:7c:4a:bb:d8:60:0a:5c: 36:84:0f:c4:52:b0:de:90:d0:93:b7:e9:b9:3c:38:00:96:1b: 90:33:d8:d6:0b:62:5e:9f:12:97:3e:72:22:dc:f1:f3:71:82: 44:90:82:4c:4a:45:3d:8c:ce:ed:01:8b:1a:56:62:39:0c:39: 92:a7:70:9d:8f:ac:d5:e3:61:e5:38:3c:aa:20:29:a4:f5:36: b2:c1:96:24 -----BEGIN CERTIFICATE----- MIIGCjCCBPKgAwIBAgISAZt+OLsw+bxTyLNB6Y55THdwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjYwMTAyMTAyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzhjNTA5Y2I3N2IwMTQ5YjZmNjZmNTAxOWY4NThiM2FjZjk0MmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1e7rpzpoE8pD0LzewoQFzEw1Z5p FtmLe4p01nLR8mb/bXXeJT+c18FYTfER1haxFDdeJsaUNzdJB8ZXWhE6Mg1tpIhF R4O8P9JjO1gcWErSxe/Q/s1UrYM0cw9EJXvyKVADV+gDIex5xrUSzw2dbqQXPtbS G892vdQVmWBGOsA6kHZOglBvQ2WItUPwRq1/gD/xdz5YtnKI20abXjlponU+g+qu Q9tNAtjmzteB9Y/Xo+HGnsUMDlr0E9OJXQaEs6kYlG5fjwAJ/ctYyAZ0MdShtwC3 u/K3JepekP/gEVyBXlMVr/DyBP89xAnO6WkmSC0DGuMbPfOanwRkMKHFBQIDAQAB o4IDFjCCAxIwHQYDVR0OBBYEFGOMUJy3ewFJtvZvUBn4WLOs+ULpMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q4Lzg2MGE1 ZS1lMGQwLTQ0ZjUtOWM1NC0zY2M0ZmY5YWExYmMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgvODYwYTVl LWUwZDAtNDRmNS05YzU0LTNjYzRmZjlhYTFiYy8xL1k0eFFuTGQ3QVVtMjltOVFH ZmhZczZ6NVF1ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGVBggrBgEF BQcBBwEB/wSBhTCBgjBxBAIAATBrAwQEBQowMAsDBAQFOLADAwAFOAMEBgWegAME ByUxAAMEByXRAAMDAC4FAwMALt8DBAYu7cADAwFOKgMEBlLUAAMEB1XYAAMDAFtZ AwMAX9ADAwFtwAMDAIYDAwMAlawDBAK5AowDBATZCDAwDQQCAAIwBwMFASoCgHAw GQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICc3owDQYJKoZIhvcNAQELBQADggEBAJTq d6aMDfXj5m5A/cSMHcVaKEhxCDhxmahgTDcMcDy9pRH6S48Twk1k2M9HVXZoNfaN MUOT+bRpOeDwukSXATCitFDfxH8QeQofBjf1ROvNT3ZEEVpNPFFA6IQcHi8MkLtb PVzU7fwsndl7inBDroPxAWJcYpS0NTAuspB520SB3c3tI/nPulSFZyxfK6ia71Mf 6gH5QV3TsnazENMOECtY9bkU+wgfuKpCAVxEfEq72GAKXDaED8RSsN6Q0JO36bk8 OACWG5Az2NYLYl6fEpc+ciLc8fNxgkSQgkxKRT2Mzu0BixpWYjkMOZKncJ2PrNXj YeU4PKogKaT1NrLBliQ= -----END CERTIFICATE-----Generated at Wed Jan 7 02:36:11 2026 by rpki-client