This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.cer (raw, json)
Hash identifier:          3bnblsIUDPecknFnr5REhXIZ+1ckS/dpS5I0IzJoXUU=
Subject key identifier:   E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7C116240BC876F319A0EED457CB2F072
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 00:17:52 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 204914
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:11:62:40:bc:87:6f:31:9a:0e:ed:45:7c:b2:f0:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:17:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e0a3370a841b893e7b68f86a393363582e105648
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d3:ab:af:ba:00:97:3a:ff:cb:f4:bb:89:fa:
                    4f:f5:a8:5b:c1:0d:52:9a:13:22:8e:be:ee:b9:6e:
                    e4:eb:5c:30:0b:fc:3c:e9:16:0f:f0:de:5b:35:91:
                    20:22:5f:09:3a:9d:65:ec:f8:0a:e1:cc:5b:3a:4b:
                    b8:ee:dc:30:02:44:6d:18:ce:0f:44:f1:ae:c4:64:
                    18:9b:57:5b:78:46:3d:2e:0d:6b:54:f7:d7:11:f4:
                    df:e4:61:b2:02:37:81:57:dc:41:c3:cc:4c:e0:e5:
                    dc:1a:97:a1:51:d6:f0:7e:ee:74:f3:79:b9:bd:d3:
                    4b:4b:90:6d:6b:75:41:e1:6e:a7:d6:e6:98:04:0b:
                    7d:bb:dc:06:dc:27:09:46:62:6f:63:ec:84:b4:6c:
                    a5:73:70:0f:89:28:dc:c2:df:da:02:3e:51:4e:20:
                    b0:7c:2d:0f:fa:77:d9:f3:ce:12:3c:fe:7c:e7:a3:
                    4b:39:90:0c:3c:82:1f:0a:b9:09:80:6d:21:d2:8e:
                    7c:43:df:8a:ee:0d:6d:9b:1c:38:b1:f4:e6:c4:e2:
                    08:6f:83:b0:bb:fc:58:f9:a0:63:61:62:3a:26:39:
                    67:06:df:ce:f3:aa:8d:16:3f:67:37:86:6d:20:d1:
                    7a:db:06:36:40:5e:b9:14:3b:fc:c2:db:67:1e:b9:
                    b2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204914

    Signature Algorithm: sha256WithRSAEncryption
         2f:c8:ad:90:3a:9c:bf:92:ec:59:7f:dc:2a:c6:40:dc:4f:b6:
         7d:73:55:08:a6:00:0b:40:23:7c:75:d9:f3:b6:9d:2c:76:76:
         f1:e0:78:10:1e:b2:dd:55:4d:5e:43:72:f8:d2:10:f9:0b:48:
         0f:2f:c4:4e:49:95:a0:c3:c8:ef:b8:37:e5:f3:d0:4c:d7:9b:
         6e:af:19:31:56:ee:cc:5f:4e:92:d5:14:dd:d9:02:91:7b:e1:
         7f:78:a1:59:f3:7b:22:53:fc:ec:6f:55:e4:82:5b:fd:e5:77:
         fe:23:29:33:d4:13:6a:66:41:e5:c3:d3:f6:06:5c:5d:25:ab:
         50:0c:76:67:9d:1e:b1:d9:0b:f7:3f:1a:81:45:d8:da:05:7c:
         1a:b4:fd:35:a1:b4:a7:99:2b:97:c5:a6:c6:f7:f6:a6:76:1f:
         02:05:f5:20:34:93:fa:5e:c0:77:46:c2:80:9b:d7:fa:84:b2:
         ec:57:0c:55:c5:b4:fc:a1:75:02:95:cd:94:5b:13:36:44:3c:
         9a:9d:82:e4:12:43:e7:d4:ed:3f:15:27:5f:d2:64:e0:e2:6e:
         15:da:eb:d8:1c:8c:43:18:16:39:71:29:5c:a4:4d:32:2f:00:
         5a:48:8b:b8:53:0e:99:7b:ef:3f:ba:71:df:7b:b1:99:80:6a:
         95:19:6a:4c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt8EWJAvIdvMZoO7UV8svByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDAxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGEzMzcwYTg0MWI4OTNlN2I2OGY4NmEzOTMzNjM1ODJlMTA1NjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdOrr7oAlzr/y/S7ifpP9ahbwQ1S
mhMijr7uuW7k61wwC/w86RYP8N5bNZEgIl8JOp1l7PgK4cxbOku47twwAkRtGM4P
RPGuxGQYm1dbeEY9Lg1rVPfXEfTf5GGyAjeBV9xBw8xM4OXcGpehUdbwfu5083m5
vdNLS5Bta3VB4W6n1uaYBAt9u9wG3CcJRmJvY+yEtGylc3APiSjcwt/aAj5RTiCw
fC0P+nfZ884SPP5856NLOZAMPIIfCrkJgG0h0o58Q9+K7g1tmxw4sfTmxOIIb4Ow
u/xY+aBjYWI6JjlnBt/O86qNFj9nN4ZtINF62wY2QF65FDv8wttnHrmyXwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOCjNwqEG4k+e2j4ajkzY1guEFZIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQwLzk1NzQ2
ZS1iZTUyLTQyZWUtOWNjOC1jM2VkYjRkOGY3MWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAvOTU3NDZl
LWJlNTItNDJlZS05Y2M4LWMzZWRiNGQ4ZjcxZS8xLzRLTTNDb1FiaVQ1N2FQaHFP
VE5qV0M0UVZrZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMgcjANBgkqhkiG9w0BAQsFAAOCAQEAL8itkDqcv5Ls
WX/cKsZA3E+2fXNVCKYAC0AjfHXZ87adLHZ28eB4EB6y3VVNXkNy+NIQ+QtIDy/E
TkmVoMPI77g35fPQTNebbq8ZMVbuzF9OktUU3dkCkXvhf3ihWfN7IlP87G9V5IJb
/eV3/iMpM9QTamZB5cPT9gZcXSWrUAx2Z50esdkL9z8agUXY2gV8GrT9NaG0p5kr
l8Wmxvf2pnYfAgX1IDST+l7Ad0bCgJvX+oSy7FcMVcW0/KF1ApXNlFsTNkQ8mp2C
5BJD59TtPxUnX9Jk4OJuFdrr2ByMQxgWOXEpXKRNMi8AWkiLuFMOmXvvP7px33ux
mYBqlRlqTA==
-----END CERTIFICATE-----