This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12TH8_eLh21rBDwWzdvd6x55W5w.cer
File:                     12TH8_eLh21rBDwWzdvd6x55W5w.cer (raw, json)
Hash identifier:          AcyrdTTceJuHWJzvuB+12YYXA9/n/eJSt3/6rpUomho=
Subject key identifier:   D7:64:C7:F3:F7:8B:87:6D:6B:04:3C:16:CD:DB:DD:EB:1E:79:5B:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7910754A59B8D60D2E7FD399B6E2465D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/12TH8_eLh21rBDwWzdvd6x55W5w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 10:18:00 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 207762
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:75:4a:59:b8:d6:0d:2e:7f:d3:99:b6:e2:46:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:18:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d764c7f3f78b876d6b043c16cddbddeb1e795b9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:5d:e2:55:ab:29:71:3f:52:2d:83:cc:9f:f6:
                    ac:67:1a:3c:33:f4:25:e2:95:d3:59:f9:d5:78:45:
                    3b:08:49:48:50:c4:2b:73:f2:98:3d:59:99:f6:51:
                    10:50:92:35:ff:51:89:dd:e3:e9:08:d7:53:06:b3:
                    a2:25:d7:bd:fe:54:99:5d:b7:65:5b:2b:b2:e1:8c:
                    60:03:15:98:3d:64:28:9f:eb:9a:05:7b:60:e8:69:
                    34:8b:5a:ba:8c:55:7f:ef:7c:fd:fb:b2:e1:07:f6:
                    d9:2a:97:4c:71:2b:45:8d:2a:68:d2:d6:45:44:89:
                    29:d3:43:28:34:ea:3d:f2:62:5c:02:55:6d:e8:7a:
                    cd:a9:60:19:09:b5:61:fa:ad:ab:93:2f:3f:3d:7e:
                    f4:b0:db:46:15:ef:0d:09:89:18:6a:1a:38:94:c4:
                    1b:f0:a4:fa:79:33:6e:7e:e0:ae:b1:5d:bc:81:20:
                    5e:92:07:fb:0c:d1:27:fd:15:fe:90:4a:1c:b0:aa:
                    d7:58:d9:50:80:1b:52:6c:2b:59:c5:35:40:ed:dd:
                    cf:56:22:8d:1d:9a:06:c8:0f:c7:08:3e:27:9a:ab:
                    96:c2:6e:b0:38:42:3d:a9:cc:fd:ab:79:08:c1:fa:
                    db:0f:7e:05:0e:50:12:50:5a:fd:a1:fe:1f:d5:3e:
                    04:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:64:C7:F3:F7:8B:87:6D:6B:04:3C:16:CD:DB:DD:EB:1E:79:5B:9C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/826de6-5039-4037-8802-5e2cbf942405/1/12TH8_eLh21rBDwWzdvd6x55W5w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207762

    Signature Algorithm: sha256WithRSAEncryption
         ae:a3:cb:99:90:15:6e:9c:37:8f:44:af:45:d7:99:9b:4b:cc:
         cc:e0:9f:f8:36:9d:49:fd:ec:eb:a0:4e:49:61:96:49:48:0f:
         eb:96:3b:a8:64:83:06:70:9a:bf:58:b0:d0:ae:54:4b:19:8d:
         ae:0b:17:82:28:05:bd:31:96:e9:55:76:0a:7c:69:7f:76:fb:
         f2:9c:7e:df:60:b5:65:33:8c:b3:78:cb:3e:c8:99:ff:d5:7c:
         8d:ec:9b:d0:d6:a1:2f:23:a1:77:85:15:b4:8b:e6:9d:8b:b2:
         36:62:56:d9:ea:75:59:4b:1a:bf:52:95:88:f4:b8:f2:49:3e:
         e2:7c:f4:67:78:a3:9a:1b:37:58:38:92:f9:79:98:95:88:23:
         80:fe:6b:db:22:31:43:5d:7e:45:e4:a8:4e:ea:e7:53:78:4a:
         da:ef:f2:7a:e6:35:65:9e:b4:56:ef:d8:d2:8d:41:ce:b1:a6:
         8c:f8:3f:a1:4b:a0:6b:65:0d:b0:2b:e1:f9:a4:4a:d7:e5:2e:
         9c:c5:a4:79:44:62:b6:5b:ca:05:d4:25:66:09:bf:b8:a9:1b:
         ed:c3:b2:4e:4d:ae:a8:27:5b:ac:0e:05:c2:10:e2:28:d3:21:
         38:57:b8:d3:da:2d:25:fd:eb:04:80:7a:17:b9:72:4c:5f:03:
         d0:3b:02:81
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt5EHVKWbjWDS5/05m24kZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY0YzdmM2Y3OGI4NzZkNmIwNDNjMTZjZGRiZGRlYjFlNzk1YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2V3iVaspcT9SLYPMn/asZxo8M/Ql
4pXTWfnVeEU7CElIUMQrc/KYPVmZ9lEQUJI1/1GJ3ePpCNdTBrOiJde9/lSZXbdl
Wyuy4YxgAxWYPWQon+uaBXtg6Gk0i1q6jFV/73z9+7LhB/bZKpdMcStFjSpo0tZF
RIkp00MoNOo98mJcAlVt6HrNqWAZCbVh+q2rky8/PX70sNtGFe8NCYkYaho4lMQb
8KT6eTNufuCusV28gSBekgf7DNEn/RX+kEocsKrXWNlQgBtSbCtZxTVA7d3PViKN
HZoGyA/HCD4nmquWwm6wOEI9qcz9q3kIwfrbD34FDlASUFr9of4f1T4EjwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNdkx/P3i4dtawQ8Fs3b3eseeVucMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5LzgyNmRl
Ni01MDM5LTQwMzctODgwMi01ZTJjYmY5NDI0MDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvODI2ZGU2
LTUwMzktNDAzNy04ODAyLTVlMmNiZjk0MjQwNS8xLzEyVEg4X2VMaDIxckJEd1d6
ZHZkNng1NVc1dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMrkjANBgkqhkiG9w0BAQsFAAOCAQEArqPLmZAVbpw3
j0SvRdeZm0vMzOCf+DadSf3s66BOSWGWSUgP65Y7qGSDBnCav1iw0K5USxmNrgsX
gigFvTGW6VV2Cnxpf3b78px+32C1ZTOMs3jLPsiZ/9V8jeyb0NahLyOhd4UVtIvm
nYuyNmJW2ep1WUsav1KViPS48kk+4nz0Z3ijmhs3WDiS+XmYlYgjgP5r2yIxQ11+
ReSoTurnU3hK2u/yeuY1ZZ60Vu/Y0o1BzrGmjPg/oUuga2UNsCvh+aRK1+UunMWk
eURitlvKBdQlZgm/uKkb7cOyTk2uqCdbrA4FwhDiKNMhOFe409otJf3rBIB6F7ly
TF8D0DsCgQ==
-----END CERTIFICATE-----