This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1IdkFNyZXRTt46AaMjtiuQb4PFc.cer
File:                     1IdkFNyZXRTt46AaMjtiuQb4PFc.cer (raw, json)
Hash identifier:          XP/Gz1GCigNHiHV/M26rjV/z8dkfW1zR6jgq+BkHQmY=
Subject key identifier:   D4:87:64:14:DC:99:5D:14:ED:E3:A0:1A:32:3B:62:B9:06:F8:3C:57
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7B3692CAF7C93949D9E9ACBD5A60C601
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/e3/469a73-2cf3-4687-acc6-102c4ba8cc4b/1/1IdkFNyZXRTt46AaMjtiuQb4PFc.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/e3/469a73-2cf3-4687-acc6-102c4ba8cc4b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 20:18:52 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 215663
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:92:ca:f7:c9:39:49:d9:e9:ac:bd:5a:60:c6:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:18:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=d4876414dc995d14ede3a01a323b62b906f83c57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a3:4e:4d:56:41:c6:e8:5d:ee:52:35:4e:80:
                    ca:b6:83:4c:58:a3:b2:4e:60:8c:42:38:d3:89:41:
                    a0:4e:d6:9a:7b:22:21:b3:6c:f4:32:39:1d:69:15:
                    d5:dc:09:f5:04:42:90:ed:4a:3e:88:b0:dc:e2:0c:
                    57:f6:d5:ef:f3:0f:60:1d:95:99:e2:41:8f:01:d5:
                    66:eb:c8:4e:c4:74:0d:93:7d:22:f5:ee:35:b6:75:
                    9f:7e:b9:4a:be:48:00:f4:40:53:23:a2:bd:96:57:
                    38:25:4a:88:1f:2d:0a:5e:d9:c5:58:83:95:46:ba:
                    37:40:2a:d5:06:f9:09:3e:a5:2f:1b:45:fd:d7:a2:
                    fd:ab:26:b8:a9:69:11:6f:ea:3f:85:f9:07:64:8e:
                    14:85:65:6e:bf:07:fa:d3:1f:59:7a:c9:16:1e:04:
                    e9:8c:44:44:c7:dd:45:29:5f:f8:01:a9:21:8c:30:
                    e7:f3:5f:2c:55:c5:54:ab:86:94:75:66:b7:36:9b:
                    5e:d4:17:8d:67:f7:cd:ba:6d:94:69:f6:b5:03:cf:
                    17:82:04:6a:44:26:68:9c:2a:f1:0c:76:b7:67:c3:
                    9b:93:d1:1f:42:ba:0d:55:58:e0:c7:e4:c0:1e:ab:
                    c3:f0:82:00:a5:47:4d:e8:42:2c:f2:71:41:91:0e:
                    77:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:87:64:14:DC:99:5D:14:ED:E3:A0:1A:32:3B:62:B9:06:F8:3C:57
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/469a73-2cf3-4687-acc6-102c4ba8cc4b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/469a73-2cf3-4687-acc6-102c4ba8cc4b/1/1IdkFNyZXRTt46AaMjtiuQb4PFc.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215663

    Signature Algorithm: sha256WithRSAEncryption
         39:62:bf:dc:a9:61:19:16:5c:21:eb:0a:a9:24:30:5a:d5:2f:
         3a:0e:c3:d6:e5:df:2a:42:73:c3:d8:69:9c:04:c5:ab:72:6c:
         95:4f:49:45:73:c2:d4:54:2c:27:d4:6e:b0:fd:20:82:0b:a0:
         9f:bf:dd:9a:e1:1c:a8:c6:45:67:24:8c:af:8c:65:5f:66:dc:
         f8:2b:f3:3a:28:b9:45:92:ce:3e:9f:fa:f0:57:eb:d1:a5:8f:
         bf:c6:f0:71:93:2a:56:90:81:fc:16:da:3c:42:1c:fd:a8:25:
         4b:fa:35:63:83:94:42:87:b4:5e:fb:85:a9:a9:26:7b:ae:a3:
         12:0e:98:18:b4:d9:13:da:2e:a5:0d:53:6e:25:dd:2d:ec:13:
         c2:cf:2a:51:67:f8:48:ce:7f:7f:13:bb:52:95:8e:e3:32:f9:
         83:da:a0:7c:0d:b7:51:07:44:44:93:43:87:bb:aa:7c:05:e8:
         39:ee:ba:82:ca:f8:f9:87:12:26:5e:ea:9e:51:d6:b7:19:c2:
         34:d2:c5:9e:90:c2:f2:f9:71:48:fd:0c:e2:b2:f0:62:ed:d9:
         40:39:9c:0d:1a:5d:93:5f:96:12:48:3c:1b:24:82:f5:1b:4a:
         8e:bb:ca:a3:ee:f6:33:55:91:a8:7a:9e:cd:dd:b7:45:1f:85:
         4e:d3:8f:b2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt7NpLK98k5SdnprL1aYMYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg3NjQxNGRjOTk1ZDE0ZWRlM2EwMWEzMjNiNjJiOTA2ZjgzYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qNOTVZBxuhd7lI1ToDKtoNMWKOy
TmCMQjjTiUGgTtaaeyIhs2z0MjkdaRXV3An1BEKQ7Uo+iLDc4gxX9tXv8w9gHZWZ
4kGPAdVm68hOxHQNk30i9e41tnWffrlKvkgA9EBTI6K9llc4JUqIHy0KXtnFWIOV
Rro3QCrVBvkJPqUvG0X916L9qya4qWkRb+o/hfkHZI4UhWVuvwf60x9ZeskWHgTp
jEREx91FKV/4AakhjDDn818sVcVUq4aUdWa3Npte1BeNZ/fNum2Uafa1A88XggRq
RCZonCrxDHa3Z8Obk9EfQroNVVjgx+TAHqvD8IIApUdN6EIs8nFBkQ53QwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNSHZBTcmV0U7eOgGjI7YrkG+DxXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UzLzQ2OWE3
My0yY2YzLTQ2ODctYWNjNi0xMDJjNGJhOGNjNGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvNDY5YTcz
LTJjZjMtNDY4Ny1hY2M2LTEwMmM0YmE4Y2M0Yi8xLzFJZGtGTnlaWFJUdDQ2QWFN
anRpdVFiNFBGYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNKbzANBgkqhkiG9w0BAQsFAAOCAQEAOWK/3KlhGRZc
IesKqSQwWtUvOg7D1uXfKkJzw9hpnATFq3JslU9JRXPC1FQsJ9RusP0gggugn7/d
muEcqMZFZySMr4xlX2bc+CvzOii5RZLOPp/68Ffr0aWPv8bwcZMqVpCB/BbaPEIc
/aglS/o1Y4OUQoe0XvuFqakme66jEg6YGLTZE9oupQ1TbiXdLewTws8qUWf4SM5/
fxO7UpWO4zL5g9qgfA23UQdERJNDh7uqfAXoOe66gsr4+YcSJl7qnlHWtxnCNNLF
npDC8vlxSP0M4rLwYu3ZQDmcDRpdk1+WEkg8GySC9RtKjrvKo+72M1WRqHqezd23
RR+FTtOPsg==
-----END CERTIFICATE-----