This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5frVG_rdJFMhvgkuaB2N5uLSdcM.cer
File:                     5frVG_rdJFMhvgkuaB2N5uLSdcM.cer (raw, json)
Hash identifier:          R5QQkiQvBvj1d//znH3S8HrLeYQdTBlmGVoDxUoZqkA=
Subject key identifier:   E5:FA:D5:1B:FA:DD:24:53:21:BE:09:2E:68:1D:8D:E6:E2:D2:75:C3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7CED9AE659ED4032ED5CB07BA9EAC85E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/5frVG_rdJFMhvgkuaB2N5uLSdcM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 04:18:25 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 216123
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:9a:e6:59:ed:40:32:ed:5c:b0:7b:a9:ea:c8:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:18:25 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e5fad51bfadd245321be092e681d8de6e2d275c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:cc:3a:fb:12:7f:b2:0f:46:7f:73:7c:88:45:
                    b5:93:6f:ed:df:96:ff:82:33:6f:cf:68:6b:7e:08:
                    59:59:04:72:3b:75:1d:fe:2d:a3:f0:63:0f:57:f4:
                    9b:9d:f1:a8:e3:49:76:6e:e1:ae:5f:92:f2:ba:cc:
                    8e:d1:27:54:7c:7b:83:85:aa:7f:35:c7:89:56:e5:
                    c8:ec:3a:8b:ce:54:10:3a:60:01:75:ba:ad:ca:ad:
                    7e:5d:cf:ad:75:17:48:c1:9c:d3:52:5b:11:f2:b6:
                    f4:c0:bc:64:80:1b:3b:3c:40:83:e5:34:82:9b:27:
                    e9:72:30:ff:12:a4:f8:79:d9:7b:a4:d6:1d:f4:b7:
                    bf:26:d9:64:db:02:27:02:65:ed:a4:ea:b7:0d:cf:
                    5e:bd:b2:4c:01:62:59:a0:b8:ad:a1:8c:1e:4a:c7:
                    0d:49:0d:e1:a7:90:3c:53:6a:a4:4d:25:61:e5:ed:
                    99:1b:80:8d:d8:11:df:94:15:f8:f0:45:3f:a0:14:
                    c4:26:77:40:2c:2e:32:ea:ba:41:a2:0f:29:ce:09:
                    31:b0:40:af:ce:fe:e8:90:f0:ea:7f:1d:2c:50:ba:
                    40:bf:5b:2b:52:67:50:d3:af:d6:db:c3:96:62:32:
                    38:4a:f9:83:58:78:0c:ec:cb:54:05:51:8c:94:0f:
                    1a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:FA:D5:1B:FA:DD:24:53:21:BE:09:2E:68:1D:8D:E6:E2:D2:75:C3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/020b7a-74a3-4594-9c46-d5bdb639fbca/1/5frVG_rdJFMhvgkuaB2N5uLSdcM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216123

    Signature Algorithm: sha256WithRSAEncryption
         72:76:af:c5:a3:ec:1a:d7:af:06:03:f7:f0:c3:4e:f9:57:71:
         fc:da:9b:d8:c5:bb:dc:47:1c:b7:82:a3:d0:fa:89:41:ed:21:
         8a:bd:a1:f2:09:9d:4b:03:b0:88:8c:28:45:e0:4e:eb:fc:81:
         e4:fc:c2:59:b0:d6:b0:89:1b:5a:4a:e2:ed:12:1c:c0:e4:7c:
         c8:0a:9f:4b:f7:ac:57:46:de:bf:ac:84:3b:9a:ca:60:d5:48:
         65:b5:69:99:b4:be:aa:3e:91:71:c5:9c:41:58:00:2b:c6:47:
         15:2a:d4:c9:92:11:a3:7c:6a:79:fa:b8:3a:c0:af:ee:38:f4:
         41:7a:ec:0a:4b:5a:cd:04:06:e0:39:a9:81:19:28:01:0a:20:
         0c:83:70:6e:c1:2a:21:0d:6b:fc:00:ca:b5:33:80:f9:77:fa:
         c2:56:1a:25:4b:0b:80:c0:5e:ce:78:cf:cd:40:2a:c9:75:f9:
         04:ff:b2:49:cc:5d:0b:17:6a:58:96:1f:cf:2d:72:a2:98:28:
         9f:17:e7:d6:3e:3b:3a:c3:03:58:81:16:c4:02:45:c7:fd:ae:
         cb:92:c9:cf:8e:00:95:cd:c3:43:0b:6b:25:a6:fd:df:25:82:
         30:6c:ed:fe:89:b5:92:b1:ec:79:70:de:66:da:44:28:78:92:
         6c:e7:88:dd
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt87ZrmWe1AMu1csHup6sheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZhZDUxYmZhZGQyNDUzMjFiZTA5MmU2ODFkOGRlNmUyZDI3NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18w6+xJ/sg9Gf3N8iEW1k2/t35b/
gjNvz2hrfghZWQRyO3Ud/i2j8GMPV/SbnfGo40l2buGuX5LyusyO0SdUfHuDhap/
NceJVuXI7DqLzlQQOmABdbqtyq1+Xc+tdRdIwZzTUlsR8rb0wLxkgBs7PECD5TSC
myfpcjD/EqT4edl7pNYd9Le/Jtlk2wInAmXtpOq3Dc9evbJMAWJZoLitoYweSscN
SQ3hp5A8U2qkTSVh5e2ZG4CN2BHflBX48EU/oBTEJndALC4y6rpBog8pzgkxsECv
zv7okPDqfx0sULpAv1srUmdQ06/W28OWYjI4SvmDWHgM7MtUBVGMlA8akwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOX61Rv63SRTIb4JLmgdjebi0nXDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5LzAyMGI3
YS03NGEzLTQ1OTQtOWM0Ni1kNWJkYjYzOWZiY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvMDIwYjdh
LTc0YTMtNDU5NC05YzQ2LWQ1YmRiNjM5ZmJjYS8xLzVmclZHX3JkSkZNaHZna3Vh
QjJONXVMU2RjTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNMOzANBgkqhkiG9w0BAQsFAAOCAQEAcnavxaPsGtev
BgP38MNO+Vdx/Nqb2MW73Ecct4Kj0PqJQe0hir2h8gmdSwOwiIwoReBO6/yB5PzC
WbDWsIkbWkri7RIcwOR8yAqfS/esV0bev6yEO5rKYNVIZbVpmbS+qj6RccWcQVgA
K8ZHFSrUyZIRo3xqefq4OsCv7jj0QXrsCktazQQG4DmpgRkoAQogDINwbsEqIQ1r
/ADKtTOA+Xf6wlYaJUsLgMBeznjPzUAqyXX5BP+yScxdCxdqWJYfzy1yopgonxfn
1j47OsMDWIEWxAJFx/2uy5LJz44Alc3DQwtrJab93yWCMGzt/om1krHseXDeZtpE
KHiSbOeI3Q==
-----END CERTIFICATE-----