This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.cer (raw, json)
Hash identifier:          iV4nvc3e1T15HDoJ2m0tf9paWmewZGXbsriPDADc7gc=
Subject key identifier:   E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7834CCE3377BA9B74B7175992DAF2CB1
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 06:18:04 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 211243
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:34:cc:e3:37:7b:a9:b7:4b:71:75:99:2d:af:2c:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:18:04 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:72:e1:9f:74:cc:f0:8e:5b:22:e7:ae:a6:6b:
                    7a:db:76:00:da:b7:8a:f9:fe:f4:15:39:b3:0c:76:
                    a7:22:08:2a:93:ad:ca:b5:23:0b:24:f5:dd:33:65:
                    12:2d:92:8b:35:bf:de:57:a3:69:34:90:c1:05:a2:
                    f5:1b:2d:6f:98:b1:58:04:c7:6b:1a:a4:94:be:75:
                    a5:64:cf:ac:02:db:e0:11:5f:c2:0b:81:13:b9:e6:
                    eb:fa:4f:02:52:2b:8c:e4:9d:d0:f0:79:21:ee:bd:
                    8e:c1:aa:5c:ee:54:95:bb:d2:ce:7d:28:d0:dc:70:
                    c6:1c:2c:64:9f:ca:98:b6:76:fb:1e:8d:0b:94:3d:
                    66:b0:11:28:2d:c5:77:90:10:8d:15:83:f6:53:d5:
                    b7:75:f5:9a:4d:58:33:7b:68:2f:ea:70:08:06:4c:
                    38:f0:f8:ec:34:11:6d:49:4b:74:88:9a:77:be:06:
                    e7:6c:d4:6a:72:51:5a:4a:b0:3c:08:03:e7:f2:d7:
                    bc:9f:46:c6:6e:21:b3:1c:93:8a:49:66:00:0b:1c:
                    a4:8e:f0:b7:25:e8:7c:ff:25:d4:dc:fc:af:3c:c6:
                    c0:91:b6:2b:e8:b9:ab:91:e1:1d:c9:19:20:26:a8:
                    0f:f4:bb:cf:00:19:66:be:17:cd:7b:58:55:31:01:
                    37:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211243

    Signature Algorithm: sha256WithRSAEncryption
         5a:6a:7e:2f:86:4d:28:32:3b:33:f5:89:3a:c7:48:5a:fc:c4:
         ef:cc:32:d5:61:ac:8f:78:b7:9c:b5:ce:09:d2:f7:20:eb:9a:
         cc:2a:d2:90:93:36:5c:3c:f0:7e:5b:94:3e:7e:cf:f4:73:1e:
         a1:83:32:00:c1:33:22:c8:e5:82:da:9b:49:2d:79:ad:61:b0:
         97:7a:a7:ec:ff:3c:a0:e7:52:fc:d5:3c:ef:eb:6d:db:3c:f4:
         a5:d6:d8:42:0f:a0:ad:85:9b:d1:27:f7:35:71:ba:89:3b:3f:
         1f:ab:fa:63:0f:be:6a:2c:ad:4e:f0:1a:df:c1:d6:80:2f:d4:
         6e:9d:17:d3:74:0e:cc:4e:52:72:cb:93:09:75:28:04:95:8b:
         59:cd:30:17:a6:04:01:60:f0:1c:c6:03:be:57:2f:99:bf:70:
         a6:fe:2f:9f:c4:74:b8:8f:25:ce:ad:af:96:ea:b4:08:d0:c3:
         3f:40:23:c8:87:26:44:ed:ba:ce:2a:f8:c8:b6:49:3e:bf:6a:
         f3:e9:2f:1e:fe:57:ee:cb:53:68:9e:67:30:bf:c4:a8:4f:3e:
         19:b7:7a:73:bf:70:c8:7b:a2:e8:96:59:db:ac:70:75:3f:b7:
         9f:a1:9e:9e:cf:a8:43:b7:e4:f5:a5:1a:9d:9c:80:32:d2:76:
         95:87:a3:19
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt4NMzjN3upt0txdZktryyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDYxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGIwZDM2M2EwYTE3YTA2ODQ1MWE4NTE0NWNlNGZhNDY0ZDdmYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3Lhn3TM8I5bIueupmt623YA2reK
+f70FTmzDHanIggqk63KtSMLJPXdM2USLZKLNb/eV6NpNJDBBaL1Gy1vmLFYBMdr
GqSUvnWlZM+sAtvgEV/CC4ETuebr+k8CUiuM5J3Q8Hkh7r2Owapc7lSVu9LOfSjQ
3HDGHCxkn8qYtnb7Ho0LlD1msBEoLcV3kBCNFYP2U9W3dfWaTVgze2gv6nAIBkw4
8PjsNBFtSUt0iJp3vgbnbNRqclFaSrA8CAPn8te8n0bGbiGzHJOKSWYACxykjvC3
Jeh8/yXU3PyvPMbAkbYr6LmrkeEdyRkgJqgP9LvPABlmvhfNe1hVMQE3rwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOSw02OgoXoGhFGoUUXOT6Rk1/obMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlLzQ3NTNk
My1hMWU5LTRmZDUtYWVmZS03YzdkOGE3OGE5NjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvNDc1M2Qz
LWExZTktNGZkNS1hZWZlLTdjN2Q4YTc4YTk2My8xLzVMRFRZNkNoZWdhRVVhaFJS
YzVQcEdUWC1ocy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM5KzANBgkqhkiG9w0BAQsFAAOCAQEAWmp+L4ZNKDI7
M/WJOsdIWvzE78wy1WGsj3i3nLXOCdL3IOuazCrSkJM2XDzwfluUPn7P9HMeoYMy
AMEzIsjlgtqbSS15rWGwl3qn7P88oOdS/NU87+tt2zz0pdbYQg+grYWb0Sf3NXG6
iTs/H6v6Yw++aiytTvAa38HWgC/Ubp0X03QOzE5ScsuTCXUoBJWLWc0wF6YEAWDw
HMYDvlcvmb9wpv4vn8R0uI8lzq2vluq0CNDDP0AjyIcmRO26zir4yLZJPr9q8+kv
Hv5X7stTaJ5nML/EqE8+Gbd6c79wyHui6JZZ26xwdT+3n6Gens+oQ7fk9aUanZyA
MtJ2lYejGQ==
-----END CERTIFICATE-----