This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer
File:                     2_W8uRxkCgo0KQXlpRcHUo9aM6E.cer (raw, json)
Hash identifier:          hWQZBCRXpT4wehagvGWcEzXc4HhFGurT4AKG5zNRV/w=
Subject key identifier:   DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7CED24FE01CEF186FD728F641E0396BC
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 04:17:54 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 207338
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 14:10:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:24:fe:01:ce:f1:86:fd:72:8f:64:1e:03:96:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:17:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=dbf5bcb91c640a0a342905e5a51707528f5a33a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0d:42:5d:ce:e4:64:11:25:65:30:e5:f9:90:
                    56:e4:75:22:0b:68:f7:30:c5:4a:bf:c5:99:0b:00:
                    1c:5b:fc:bd:a8:b5:fb:46:74:24:55:6c:ec:46:42:
                    62:92:6e:ad:aa:64:63:bd:d7:c6:ab:22:b2:ed:72:
                    52:9a:6b:6c:51:06:05:bb:27:2d:60:97:73:df:0e:
                    ae:0d:b6:a3:7a:97:90:25:e7:3e:58:fb:96:ad:e5:
                    c0:6a:7d:d2:0c:8b:89:ca:50:91:88:b2:f9:78:b0:
                    b9:92:1d:a8:4c:58:b9:95:93:3a:aa:f8:97:e5:f8:
                    b9:7d:78:a2:59:0e:47:fd:a4:ad:54:3b:cd:1d:3f:
                    0e:18:de:a8:6a:05:ea:5c:b3:1a:dd:f0:31:f0:a5:
                    58:b2:d1:d2:f9:99:78:49:3f:53:20:2b:69:ca:5e:
                    4f:05:9c:6e:6e:5d:ae:85:09:2c:a4:fc:ef:18:8d:
                    5e:bc:f5:f0:78:c8:65:c0:f4:bb:d3:46:b9:46:87:
                    5b:c6:25:23:39:c8:aa:e7:72:53:b9:43:42:37:ab:
                    59:50:8b:cc:eb:44:a3:d2:5a:b2:46:0d:64:b6:eb:
                    f3:ff:a7:7a:78:3e:f2:72:ab:4a:1a:ec:24:e4:88:
                    ce:c5:34:d6:d7:29:9a:7b:c1:b6:2a:c2:83:bb:ce:
                    81:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F5:BC:B9:1C:64:0A:0A:34:29:05:E5:A5:17:07:52:8F:5A:33:A1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/27ed2d-07c7-41d8-9c24-12b4ebc41451/1/2_W8uRxkCgo0KQXlpRcHUo9aM6E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207338

    Signature Algorithm: sha256WithRSAEncryption
         0d:e8:f9:31:14:31:7b:56:ba:3e:b3:38:fb:d3:cb:43:2a:9f:
         37:3a:e5:f8:27:b6:ee:13:aa:14:fa:8e:b5:c3:d2:8f:d3:9c:
         40:37:9a:c4:2d:99:2d:12:0d:f6:0c:4f:a1:66:01:c2:a7:68:
         f5:57:aa:1d:a4:30:3b:ac:b0:c3:16:97:8c:d9:78:7e:50:54:
         b4:10:20:99:75:0a:b0:9c:05:9b:fa:3f:a3:a1:bf:e5:95:dd:
         3c:e5:1e:8c:a0:31:39:8f:c5:66:7d:97:98:2f:c1:06:eb:cf:
         b3:42:02:af:c9:e8:8d:31:ac:36:71:d8:6e:92:b6:50:70:49:
         cf:0c:12:80:2c:cd:8b:10:2b:9f:7d:d5:4b:ee:6e:bc:f3:06:
         f2:1c:df:75:8b:29:ea:45:b5:07:cf:4b:d7:62:94:e6:c3:f4:
         9d:7f:d7:2d:82:5e:2a:a8:5a:40:8b:f0:ce:f4:aa:6a:e2:74:
         d3:f2:08:be:f8:fa:bc:18:c7:cf:ca:d5:f2:0a:b9:bd:cf:ad:
         90:13:c8:6b:18:1f:39:64:a4:3d:28:e9:f8:1b:88:c9:3f:45:
         73:58:1d:c9:12:bc:67:73:d4:fe:16:1c:46:0f:12:a2:82:a5:
         6b:72:c8:36:f9:60:c3:cf:89:87:eb:d8:cf:81:fc:21:7f:68:
         e5:c9:c1:3a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt87ST+Ac7xhv1yj2QeA5a8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDQxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmY1YmNiOTFjNjQwYTBhMzQyOTA1ZTVhNTE3MDc1MjhmNWEzM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA1CXc7kZBElZTDl+ZBW5HUiC2j3
MMVKv8WZCwAcW/y9qLX7RnQkVWzsRkJikm6tqmRjvdfGqyKy7XJSmmtsUQYFuyct
YJdz3w6uDbajepeQJec+WPuWreXAan3SDIuJylCRiLL5eLC5kh2oTFi5lZM6qviX
5fi5fXiiWQ5H/aStVDvNHT8OGN6oagXqXLMa3fAx8KVYstHS+Zl4ST9TICtpyl5P
BZxubl2uhQkspPzvGI1evPXweMhlwPS700a5RodbxiUjOciq53JTuUNCN6tZUIvM
60Sj0lqyRg1ktuvz/6d6eD7ycqtKGuwk5IjOxTTW1ymae8G2KsKDu86BNQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFNv1vLkcZAoKNCkF5aUXB1KPWjOhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzI3ZWQy
ZC0wN2M3LTQxZDgtOWMyNC0xMmI0ZWJjNDE0NTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvMjdlZDJk
LTA3YzctNDFkOC05YzI0LTEyYjRlYmM0MTQ1MS8xLzJfVzh1UnhrQ2dvMEtRWGxw
UmNIVW85YU02RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMp6jANBgkqhkiG9w0BAQsFAAOCAQEADej5MRQxe1a6
PrM4+9PLQyqfNzrl+Ce27hOqFPqOtcPSj9OcQDeaxC2ZLRIN9gxPoWYBwqdo9Veq
HaQwO6ywwxaXjNl4flBUtBAgmXUKsJwFm/o/o6G/5ZXdPOUejKAxOY/FZn2XmC/B
BuvPs0ICr8nojTGsNnHYbpK2UHBJzwwSgCzNixArn33VS+5uvPMG8hzfdYsp6kW1
B89L12KU5sP0nX/XLYJeKqhaQIvwzvSqauJ00/IIvvj6vBjHz8rV8gq5vc+tkBPI
axgfOWSkPSjp+BuIyT9Fc1gdyRK8Z3PU/hYcRg8SooKla3LINvlgw8+Jh+vYz4H8
IX9o5cnBOg==
-----END CERTIFICATE-----