This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qFfj-rEefTOV3RA9ap-V2SJV9ks.cer File: qFfj-rEefTOV3RA9ap-V2SJV9ks.cer (raw, json) Hash identifier: mRrpd046lSVlSP2K1TmCm26vC67z+hPfzpum0E58KOU= Subject key identifier: A8:57:E3:FA:B1:1E:7D:33:95:DD:10:3D:6A:9F:95:D9:22:55:F6:4B Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669 Certificate serial: 019B323ECE8AFA20AD4B6F9A74AFE2C6C316 Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/qFfj-rEefTOV3RA9ap-V2SJV9ks.mft caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/ Notify URL: https://rrdp.ripe.net/notification.xml Certificate not before: Thu 18 Dec 2025 16:15:35 +0000 Certificate not after: Wed 01 Jul 2026 00:00:00 +0000 Subordinate resources: AS: 41653 IP: 45.141.172.0/22 IP: 91.199.0.0/24 IP: 95.128.40.0/21 IP: 176.121.248.0/22 IP: 178.212.228.0/24 IP: 185.66.232.0/22 IP: 194.105.152.0/23 IP: 195.14.22.0/24 IP: 2a02:ec0::/32 IP: 2a0e:cec0::/29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:3e:ce:8a:fa:20:ad:4b:6f:9a:74:af:e2:c6:c3:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669 Validity Not Before: Dec 18 16:15:35 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a857e3fab11e7d3395dd103d6a9f95d92255f64b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:43:b6:76:5d:aa:22:7f:03:be:52:16:f0:9f: f6:d0:d7:30:ea:c1:4d:95:b7:bd:80:af:8b:70:8b: de:bb:62:ce:27:15:5e:02:50:ce:b4:ba:ca:3a:56: 1b:26:4b:31:77:f0:71:ab:d6:b7:04:b2:d1:31:3d: 2c:66:b4:1b:dd:ef:03:50:24:3c:a2:12:8d:9a:16: f9:ce:ee:2e:ce:be:31:d4:4f:3e:39:c9:db:9b:dd: b6:b2:79:34:fa:79:7f:03:aa:e3:50:d5:d8:7c:f4: d4:a7:78:a8:36:37:40:0d:8c:86:32:a3:51:21:fd: 37:77:df:a1:69:9f:ca:59:68:a0:40:3b:72:3d:33: 1b:8f:01:ca:23:13:5e:be:75:e6:5e:e6:c7:cd:ed: 28:39:6a:fa:1f:e7:f7:1e:3a:53:9b:fe:40:9c:d4: f9:85:b4:76:b4:13:a9:e4:8f:ba:6b:21:d6:1a:eb: 1e:9b:b2:fe:18:16:b6:d8:ce:3d:f3:3d:9a:9f:a8: a4:b3:d2:a0:2c:a1:fc:e5:60:1e:73:e5:ff:e8:31: 8e:a3:53:10:eb:03:b9:7f:fa:69:14:a7:d3:84:66: c9:da:fc:b1:e4:49:86:04:0b:b9:d0:8c:c5:a7:d7: 76:aa:f6:3e:5d:05:d5:b3:e9:f5:8d:48:68:6f:4f: 37:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:57:E3:FA:B1:1E:7D:33:95:DD:10:3D:6A:9F:95:D9:22:55:F6:4B X509v3 Authority Key Identifier: keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer Subject Information Access: CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/ RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c522b0-0718-4b77-b8d6-3a6a06e188c3/1/qFfj-rEefTOV3RA9ap-V2SJV9ks.mft RPKI Notify - URI:https://rrdp.ripe.net/notification.xml X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.141.172.0/22 91.199.0.0/24 95.128.40.0/21 176.121.248.0/22 178.212.228.0/24 185.66.232.0/22 194.105.152.0/23 195.14.22.0/24 IPv6: 2a02:ec0::/32 2a0e:cec0::/29 sbgp-autonomousSysNum: critical Autonomous System Numbers: 41653 Signature Algorithm: sha256WithRSAEncryption 08:2d:af:12:81:29:4f:24:ea:4f:6e:db:f5:b2:2d:9e:fa:0f: dc:c1:47:76:f2:ae:6d:30:9a:47:c5:35:21:25:43:24:aa:27: 2c:8b:c5:69:99:1d:dd:a2:81:4a:5d:d9:89:4a:35:91:c0:82: 48:d0:42:e8:1a:d1:bd:be:1b:19:ac:ce:50:0b:73:72:0d:cb: 6a:e4:87:9e:e2:6f:de:f2:4f:83:2a:de:eb:fb:1c:0a:12:a8: 3d:17:b7:01:a9:4f:80:47:07:3e:5b:62:c0:2b:4e:43:2d:a1: b2:92:72:d6:b3:5a:9c:8d:c8:9b:27:04:33:ca:6b:d2:ef:be: 4d:9c:72:a9:1f:d1:67:19:e6:7d:a7:27:92:3e:03:87:20:b7: 75:7d:6c:f9:70:03:ad:ba:e7:67:83:9c:5e:14:8b:73:d8:50: be:5b:22:71:df:cb:b4:ac:df:c1:75:4d:8b:ef:58:2b:a6:57: d6:7c:33:2e:e4:57:f6:a2:c2:43:e9:9f:0a:1b:ae:3d:f6:de: 3a:b8:14:b7:78:09:3d:eb:77:00:e0:1f:15:99:67:1e:63:e1: 00:bd:cd:51:d6:d4:ae:c2:e7:bb:57:18:2e:cf:d9:7e:76:b1: 59:0f:dc:cc:9a:0a:2d:a8:0e:45:fc:60:3b:40:c7:9a:71:56: d1:28:e6:3b -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgISAZsyPs6K+iCtS2+adK/ixsMWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk ZGU2NjkwHhcNMjUxMjE4MTYxNTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhODU3ZTNmYWIxMWU3ZDMzOTVkZDEwM2Q2YTlmOTVkOTIyNTVmNjRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukO2dl2qIn8DvlIW8J/20Ncw6sFN lbe9gK+LcIveu2LOJxVeAlDOtLrKOlYbJksxd/Bxq9a3BLLRMT0sZrQb3e8DUCQ8 ohKNmhb5zu4uzr4x1E8+Ocnbm922snk0+nl/A6rjUNXYfPTUp3ioNjdADYyGMqNR If03d9+haZ/KWWigQDtyPTMbjwHKIxNevnXmXubHze0oOWr6H+f3HjpTm/5AnNT5 hbR2tBOp5I+6ayHWGusem7L+GBa22M498z2an6iks9KgLKH85WAec+X/6DGOo1MQ 6wO5f/ppFKfThGbJ2vyx5EmGBAu50IzFp9d2qvY+XQXVs+n1jUhob083VQIDAQAB o4IC4DCCAtwwHQYDVR0OBBYEFKhX4/qxHn0zld0QPWqfldkiVfZLMB8GA1UdIwQY MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5L2M1MjJi MC0wNzE4LTRiNzctYjhkNi0zYTZhMDZlMTg4YzMvMS8wfAYIKwYBBQUHMAqGcHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvYzUyMmIw LTA3MTgtNGI3Ny1iOGQ2LTNhNmEwNmUxODhjMy8xL3FGZmotckVlZlRPVjNSQTlh cC1WMlNKVjlrcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GCCsGAQUF BwEHAQH/BFAwTjA2BAIAATAwAwQCLY2sAwQAW8cAAwQDX4AoAwQCsHn4AwQAstTk AwQCuULoAwQBwmmYAwQAww4WMBQEAgACMA4DBQAqAg7AAwUDKg7OwDAaBggrBgEF BQcBCAEB/wQLMAmgBzAFAgMAorUwDQYJKoZIhvcNAQELBQADggEBAAgtrxKBKU8k 6k9u2/WyLZ76D9zBR3byrm0wmkfFNSElQySqJyyLxWmZHd2igUpd2YlKNZHAgkjQ Quga0b2+GxmszlALc3INy2rkh57ib97yT4Mq3uv7HAoSqD0XtwGpT4BHBz5bYsAr TkMtobKSctazWpyNyJsnBDPKa9Lvvk2ccqkf0WcZ5n2nJ5I+A4cgt3V9bPlwA626 52eDnF4Ui3PYUL5bInHfy7Ss38F1TYvvWCumV9Z8My7kV/aiwkPpnwobrj323jq4 FLd4CT3rdwDgHxWZZx5j4QC9zVHW1K7C57tXGC7P2X52sVkP3MyaCi2oDkX8YDtA x5pxVtEo5js= -----END CERTIFICATE-----Generated at Mon Dec 22 12:21:39 2025 by rpki-client