This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4B14knq5nJ5ziv6bAWIUpIgK0VQ.cer
File:                     4B14knq5nJ5ziv6bAWIUpIgK0VQ.cer (raw, json)
Hash identifier:          PVbZjhXId3Jyl1sQl6SkmNqY4tauhShxolTuZzUYP08=
Subject key identifier:   E0:1D:78:92:7A:B9:9C:9E:73:8A:FE:9B:01:62:14:A4:88:0A:D1:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B79110DB1ECF4B6CBAE8B0A767759F573
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/4B14knq5nJ5ziv6bAWIUpIgK0VQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 10:18:39 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 207252
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:11:0d:b1:ec:f4:b6:cb:ae:8b:0a:76:77:59:f5:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:18:39 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e01d78927ab99c9e738afe9b016214a4880ad154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:6a:04:32:8e:bb:67:90:d7:bf:4c:83:60:a3:
                    30:23:52:09:e2:a7:a1:66:26:1b:85:43:2c:d8:36:
                    d9:03:2b:3b:9f:ba:8f:e4:a7:c3:67:7a:18:3a:3e:
                    07:0e:33:73:c5:84:ef:9d:ff:38:4f:b7:ed:0c:68:
                    2e:e9:c5:df:c8:0b:4b:7d:48:b9:8a:0a:b0:cd:d1:
                    69:43:46:8f:90:0c:7d:1b:d8:0a:90:97:b0:19:f3:
                    bc:e0:33:23:28:82:0a:57:5a:51:10:17:e1:77:8f:
                    a0:9f:71:0c:c7:76:a9:79:8f:a2:34:52:d4:02:7c:
                    1d:0c:b3:d1:a6:9e:ea:b6:fb:75:1c:45:64:a2:b4:
                    f0:8d:3b:23:06:63:04:18:ab:36:82:32:d9:1d:31:
                    10:71:1d:21:cf:13:8e:5f:4b:ff:79:c7:a5:04:ee:
                    5e:93:ea:d7:c0:fc:92:db:9d:71:87:32:09:fb:e2:
                    39:47:46:20:76:dd:f4:0f:32:f6:8b:96:9e:05:49:
                    80:af:f4:f7:ac:f7:41:ea:7b:0c:c9:ce:d1:a2:8b:
                    ab:bd:9a:3e:bd:36:66:c8:c1:38:53:31:84:c4:0d:
                    e4:c9:d5:64:e5:6b:73:26:a1:fe:a7:f2:1f:b6:6e:
                    ea:c7:b9:0c:98:ad:97:84:8b:95:15:1f:94:11:f8:
                    5e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:1D:78:92:7A:B9:9C:9E:73:8A:FE:9B:01:62:14:A4:88:0A:D1:54
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b8fbc5-5a8b-4a2b-9414-70890e54da8b/1/4B14knq5nJ5ziv6bAWIUpIgK0VQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  207252

    Signature Algorithm: sha256WithRSAEncryption
         88:74:33:88:ed:e1:b8:32:96:68:ac:4b:63:9c:19:22:12:86:
         91:db:a7:fc:83:0f:9f:8b:44:64:78:8c:82:32:4b:8f:7b:cf:
         ac:16:93:c5:8f:d7:fc:aa:58:70:6a:fe:2f:e8:3f:55:eb:d2:
         ce:07:81:2b:8d:da:ae:21:9d:4d:4c:7e:bd:a4:76:ff:ec:0c:
         00:a8:d3:55:a9:48:a9:fb:52:a6:c6:55:0b:b7:03:b1:db:96:
         27:66:71:e1:fa:8a:67:e2:19:32:7f:54:f5:ab:f8:6a:be:1a:
         b6:55:2d:94:31:e1:f8:ac:36:a4:d8:db:cb:e4:b9:3b:25:80:
         78:6e:73:44:7d:8d:73:1c:d5:d0:45:8f:f9:e5:5b:71:00:3d:
         e9:43:4d:8e:34:07:aa:79:86:35:9a:eb:7e:0b:3c:59:67:44:
         91:46:fd:75:59:f9:bf:5c:0d:bb:fe:15:f4:75:94:f4:ce:3c:
         61:ba:7c:66:a4:48:78:f8:8a:50:32:6a:f3:ac:d7:bf:4e:36:
         bc:27:c6:82:4b:08:2a:ee:98:49:9b:bd:ec:de:38:84:b4:70:
         6c:39:ca:a5:9e:68:d0:48:01:00:57:24:6e:63:52:13:31:c2:
         ff:44:7d:7e:d2:20:2a:a7:81:b3:3f:c9:5c:06:a0:17:04:d6:
         c0:96:21:1f
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt5EQ2x7PS2y66LCnZ3WfVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTAxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDFkNzg5MjdhYjk5YzllNzM4YWZlOWIwMTYyMTRhNDg4MGFkMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WoEMo67Z5DXv0yDYKMwI1IJ4qeh
ZiYbhUMs2DbZAys7n7qP5KfDZ3oYOj4HDjNzxYTvnf84T7ftDGgu6cXfyAtLfUi5
igqwzdFpQ0aPkAx9G9gKkJewGfO84DMjKIIKV1pREBfhd4+gn3EMx3apeY+iNFLU
AnwdDLPRpp7qtvt1HEVkorTwjTsjBmMEGKs2gjLZHTEQcR0hzxOOX0v/ecelBO5e
k+rXwPyS251xhzIJ++I5R0Ygdt30DzL2i5aeBUmAr/T3rPdB6nsMyc7RoourvZo+
vTZmyME4UzGExA3kydVk5WtzJqH+p/Iftm7qx7kMmK2XhIuVFR+UEfhejQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOAdeJJ6uZyec4r+mwFiFKSICtFUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QxL2I4ZmJj
NS01YThiLTRhMmItOTQxNC03MDg5MGU1NGRhOGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEvYjhmYmM1
LTVhOGItNGEyYi05NDE0LTcwODkwZTU0ZGE4Yi8xLzRCMTRrbnE1bko1eml2NmJB
V0lVcElnSzBWUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMplDANBgkqhkiG9w0BAQsFAAOCAQEAiHQziO3huDKW
aKxLY5wZIhKGkdun/IMPn4tEZHiMgjJLj3vPrBaTxY/X/KpYcGr+L+g/VevSzgeB
K43ariGdTUx+vaR2/+wMAKjTValIqftSpsZVC7cDsduWJ2Zx4fqKZ+IZMn9U9av4
ar4atlUtlDHh+Kw2pNjby+S5OyWAeG5zRH2NcxzV0EWP+eVbcQA96UNNjjQHqnmG
NZrrfgs8WWdEkUb9dVn5v1wNu/4V9HWU9M48Ybp8ZqRIePiKUDJq86zXv042vCfG
gksIKu6YSZu97N44hLRwbDnKpZ5o0EgBAFckbmNSEzHC/0R9ftIgKqeBsz/JXAag
FwTWwJYhHw==
-----END CERTIFICATE-----