This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0cdzwgrI5Ak99iu7hyyvzbaLVdw.cer
File:                     0cdzwgrI5Ak99iu7hyyvzbaLVdw.cer (raw, json)
Hash identifier:          hDQn8b7ig05SeS+9yh26KoFCnCpMu2K/BPYMJcN0bTI=
Subject key identifier:   D1:C7:73:C2:0A:C8:E4:09:3D:F6:2B:BB:87:2C:AF:CD:B6:8B:55:DC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7B368AE2DD8C41B5D0DCD2975EFC5F92
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/79/ee3822-abea-48d9-93a9-8856c65fe182/1/0cdzwgrI5Ak99iu7hyyvzbaLVdw.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/79/ee3822-abea-48d9-93a9-8856c65fe182/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 20:18:50 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 193.133.28.0/23
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:8a:e2:dd:8c:41:b5:d0:dc:d2:97:5e:fc:5f:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:18:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d1c773c20ac8e4093df62bbb872cafcdb68b55dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:48:ad:76:b5:77:cf:50:4d:d0:55:c4:21:16:
                    10:c7:49:f6:01:73:3d:0c:45:09:ea:d2:96:05:f8:
                    13:d6:a9:82:f6:ab:60:cf:96:16:98:6f:3f:a7:71:
                    7d:69:2d:4e:e0:cd:95:54:ce:b3:f6:2e:0e:ad:12:
                    3e:b1:96:f8:e5:28:7a:e8:54:ad:b1:db:e4:c7:a2:
                    07:2b:10:e7:50:7e:de:c1:91:bb:2a:88:9d:65:bc:
                    16:57:16:c8:1a:de:5b:60:f5:a8:b7:78:35:ab:1d:
                    a0:0b:16:f7:29:58:40:d4:3e:d7:32:12:16:39:b1:
                    13:07:51:b6:44:b7:d5:d9:32:28:3a:f4:3f:69:36:
                    ec:8f:62:32:04:92:b2:d8:54:ed:37:2f:2e:24:b9:
                    76:02:ea:99:8a:dd:79:f5:6a:cf:81:3f:56:a8:49:
                    1f:af:17:d0:c1:54:af:f3:b6:07:37:f0:c8:dc:b6:
                    dc:19:fd:39:81:04:60:06:ae:b5:6b:cc:85:77:87:
                    a1:e1:3c:c9:be:64:aa:05:30:46:82:a6:2b:ae:45:
                    eb:87:b3:28:96:3c:30:7e:99:43:a0:80:b8:07:e4:
                    1f:1c:3b:ce:9a:e8:07:d1:87:6e:5d:66:d0:fd:d6:
                    46:96:13:b6:ef:3e:b2:39:74:bf:91:83:f3:61:b9:
                    6a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:C7:73:C2:0A:C8:E4:09:3D:F6:2B:BB:87:2C:AF:CD:B6:8B:55:DC
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/ee3822-abea-48d9-93a9-8856c65fe182/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/ee3822-abea-48d9-93a9-8856c65fe182/1/0cdzwgrI5Ak99iu7hyyvzbaLVdw.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.133.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:d8:f9:09:62:9a:7e:2a:13:6d:b6:f6:80:18:5d:7c:75:e5:
         fb:c0:b4:59:72:da:64:56:4b:dc:d0:77:65:b7:99:5c:7f:f6:
         73:e0:b3:c0:8a:35:be:54:dd:29:93:63:0e:3d:f5:d3:7d:7c:
         d5:87:10:e4:23:80:8d:08:90:03:70:39:a8:84:1d:93:4a:a9:
         bb:eb:98:dc:0d:81:4b:d3:1e:e6:dc:34:75:3d:ed:12:4c:58:
         0f:bd:5f:d7:50:d2:50:93:81:5d:c3:15:83:15:1f:58:2d:85:
         f6:5e:35:93:2c:a5:72:df:3b:fe:bb:d3:fc:5d:95:0a:84:d2:
         86:37:0a:78:7a:40:2b:70:d0:40:63:9b:25:cc:be:2b:90:ef:
         1a:94:af:30:3f:5b:b3:ec:13:b8:a7:50:a1:5f:cf:ff:6d:8c:
         fa:f6:91:d6:4e:a8:b6:92:aa:be:33:c8:d1:a0:44:97:f4:08:
         eb:4a:00:22:4a:23:62:12:34:aa:57:cf:fc:a6:74:64:80:a4:
         1c:e6:c8:c6:a3:86:29:c4:da:bd:78:5d:04:2a:64:95:b6:6a:
         75:d1:ba:52:d1:22:f5:55:8c:5d:ef:dc:06:1c:10:53:8f:ff:
         73:f6:b8:1e:92:36:14:b7:4d:2a:0a:67:be:d7:ac:48:e2:18:
         ea:2f:22:0f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZt7Nori3YxBtdDc0pde/F+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM3NzNjMjBhYzhlNDA5M2RmNjJiYmI4NzJjYWZjZGI2OGI1NWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokitdrV3z1BN0FXEIRYQx0n2AXM9
DEUJ6tKWBfgT1qmC9qtgz5YWmG8/p3F9aS1O4M2VVM6z9i4OrRI+sZb45Sh66FSt
sdvkx6IHKxDnUH7ewZG7KoidZbwWVxbIGt5bYPWot3g1qx2gCxb3KVhA1D7XMhIW
ObETB1G2RLfV2TIoOvQ/aTbsj2IyBJKy2FTtNy8uJLl2AuqZit159WrPgT9WqEkf
rxfQwVSv87YHN/DI3LbcGf05gQRgBq61a8yFd4eh4TzJvmSqBTBGgqYrrkXrh7Mo
ljwwfplDoIC4B+QfHDvOmugH0YduXWbQ/dZGlhO27z6yOXS/kYPzYblqVQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNHHc8IKyOQJPfYru4csr822i1XcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5L2VlMzgy
Mi1hYmVhLTQ4ZDktOTNhOS04ODU2YzY1ZmUxODIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkvZWUzODIy
LWFiZWEtNDhkOS05M2E5LTg4NTZjNjVmZTE4Mi8xLzBjZHp3Z3JJNUFrOTlpdTdo
eXl2emJhTFZkdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBwYUcMA0GCSqGSIb3DQEBCwUAA4IBAQAu2PkJ
Ypp+KhNttvaAGF18deX7wLRZctpkVkvc0Hdlt5lcf/Zz4LPAijW+VN0pk2MOPfXT
fXzVhxDkI4CNCJADcDmohB2TSqm765jcDYFL0x7m3DR1Pe0STFgPvV/XUNJQk4Fd
wxWDFR9YLYX2XjWTLKVy3zv+u9P8XZUKhNKGNwp4ekArcNBAY5slzL4rkO8alK8w
P1uz7BO4p1ChX8//bYz69pHWTqi2kqq+M8jRoESX9AjrSgAiSiNiEjSqV8/8pnRk
gKQc5sjGo4YpxNq9eF0EKmSVtmp10bpS0SL1VYxd79wGHBBTj/9z9rgekjYUt00q
Cme+16xI4hjqLyIP
-----END CERTIFICATE-----