This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5cN18687kSQJ3YNgp0CRNVaTcUE.cer
File:                     5cN18687kSQJ3YNgp0CRNVaTcUE.cer (raw, json)
Hash identifier:          N2Ut28ScKKehQjIPbTknMHMxQi216UjJ60686pvU0lE=
Subject key identifier:   E5:C3:75:F3:AF:3B:91:24:09:DD:83:60:A7:40:91:35:56:93:71:41
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B77C672619E8CD8EB82189A046E035574
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/13/8d00c2-71db-4fee-b6cb-c75c6d20d32c/1/5cN18687kSQJ3YNgp0CRNVaTcUE.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/13/8d00c2-71db-4fee-b6cb-c75c6d20d32c/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 04:17:32 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 215532
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:72:61:9e:8c:d8:eb:82:18:9a:04:6e:03:55:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:17:32 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e5c375f3af3b912409dd8360a740913556937141
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:69:9d:c5:4b:0b:2c:29:03:fc:f4:bd:bd:05:
                    e5:b6:2a:f9:3a:ba:99:4c:ee:5f:f0:e2:23:9d:76:
                    36:fc:e9:96:ac:99:08:0f:f6:5d:5d:51:ab:ba:85:
                    52:02:6e:48:3c:31:7d:81:0d:51:e9:06:f8:14:4c:
                    cb:01:3d:2e:b1:d4:6e:38:87:f5:ce:01:7c:ea:ef:
                    1e:c7:2b:58:f9:8a:45:48:99:29:d1:ce:71:1a:be:
                    ba:9a:c1:82:70:83:fa:4a:71:51:cd:67:8a:b6:4d:
                    67:5e:bb:96:61:64:46:60:d5:98:84:69:d2:67:bc:
                    08:db:7a:77:d2:71:ff:71:c1:62:b4:71:03:b3:58:
                    4f:de:f5:ca:2c:75:10:b2:fd:02:dc:e3:45:0d:1b:
                    cc:6a:b1:9b:b2:e0:59:d8:97:2c:b0:5f:e0:76:5e:
                    ad:86:7a:c9:cb:06:18:26:5b:08:91:23:2f:6a:18:
                    ce:7c:85:f4:9a:c8:e6:a7:f4:7f:6d:49:1f:b0:30:
                    54:76:61:bd:06:64:40:06:d0:78:f1:5b:95:30:f9:
                    c5:47:82:17:06:ae:40:4b:53:c1:96:eb:44:f5:21:
                    a6:32:4f:e1:d7:ec:c9:15:60:b8:ce:56:6a:e7:3b:
                    24:04:bb:e3:be:49:85:fd:09:2d:45:50:bf:2e:ab:
                    a6:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:C3:75:F3:AF:3B:91:24:09:DD:83:60:A7:40:91:35:56:93:71:41
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8d00c2-71db-4fee-b6cb-c75c6d20d32c/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8d00c2-71db-4fee-b6cb-c75c6d20d32c/1/5cN18687kSQJ3YNgp0CRNVaTcUE.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215532

    Signature Algorithm: sha256WithRSAEncryption
         74:e9:6c:da:ba:4c:b8:33:aa:8a:dd:64:88:21:5d:27:ed:84:
         37:0f:36:fa:a6:c9:4c:f7:fd:4e:01:57:7d:71:28:2b:67:84:
         e7:23:89:cb:2f:51:ee:a6:a6:e1:c6:04:15:4d:b8:b5:9b:9d:
         06:e0:86:3f:c1:03:95:2f:7f:62:5f:56:07:a4:78:ff:7b:68:
         a3:85:b5:6f:8e:f6:28:45:d3:fd:95:7a:dc:21:88:33:ac:a5:
         3a:f6:2c:24:d7:01:b5:c4:78:97:2c:b8:8c:b5:bd:e7:95:5f:
         4f:96:02:f5:e7:26:a2:32:7f:b6:86:36:a4:c3:01:b8:10:81:
         d4:b8:5e:24:4c:d6:56:6f:8e:6f:6d:ca:5a:28:c1:3f:39:29:
         1f:ed:37:88:d6:19:7c:bd:aa:cf:71:54:21:97:1f:54:a3:10:
         3f:d9:ca:03:84:9f:8f:21:a3:75:2c:a5:24:64:72:11:c3:c5:
         f7:93:0b:f9:80:3a:14:ed:de:24:10:5a:29:d9:fc:c2:b9:84:
         08:cc:e8:6f:1e:82:8a:84:08:7d:38:4c:1a:49:07:bd:14:3e:
         6d:ef:7a:51:0b:9d:d2:84:45:d3:38:11:cd:e3:f2:ae:a7:3d:
         58:1e:34:f6:5a:9c:e1:76:82:50:c0:40:53:07:6b:87:ce:51:
         47:0c:f1:a7
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt3xnJhnozY64IYmgRuA1V0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWMzNzVmM2FmM2I5MTI0MDlkZDgzNjBhNzQwOTEzNTU2OTM3MTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGmdxUsLLCkD/PS9vQXltir5OrqZ
TO5f8OIjnXY2/OmWrJkID/ZdXVGruoVSAm5IPDF9gQ1R6Qb4FEzLAT0usdRuOIf1
zgF86u8exytY+YpFSJkp0c5xGr66msGCcIP6SnFRzWeKtk1nXruWYWRGYNWYhGnS
Z7wI23p30nH/ccFitHEDs1hP3vXKLHUQsv0C3ONFDRvMarGbsuBZ2JcssF/gdl6t
hnrJywYYJlsIkSMvahjOfIX0msjmp/R/bUkfsDBUdmG9BmRABtB48VuVMPnFR4IX
Bq5AS1PBlutE9SGmMk/h1+zJFWC4zlZq5zskBLvjvkmF/QktRVC/LqumpwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOXDdfOvO5EkCd2DYKdAkTVWk3FBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEzLzhkMDBj
Mi03MWRiLTRmZWUtYjZjYi1jNzVjNmQyMGQzMmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMvOGQwMGMy
LTcxZGItNGZlZS1iNmNiLWM3NWM2ZDIwZDMyYy8xLzVjTjE4Njg3a1NRSjNZTmdw
MENSTlZhVGNVRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNJ7DANBgkqhkiG9w0BAQsFAAOCAQEAdOls2rpMuDOq
it1kiCFdJ+2ENw82+qbJTPf9TgFXfXEoK2eE5yOJyy9R7qam4cYEFU24tZudBuCG
P8EDlS9/Yl9WB6R4/3too4W1b472KEXT/ZV63CGIM6ylOvYsJNcBtcR4lyy4jLW9
55VfT5YC9ecmojJ/toY2pMMBuBCB1LheJEzWVm+Ob23KWijBPzkpH+03iNYZfL2q
z3FUIZcfVKMQP9nKA4SfjyGjdSylJGRyEcPF95ML+YA6FO3eJBBaKdn8wrmECMzo
bx6CioQIfThMGkkHvRQ+be96UQud0oRF0zgRzePyrqc9WB409lqc4XaCUMBAUwdr
h85RRwzxpw==
-----END CERTIFICATE-----