This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7P2OqrWurDzpQf4SWFmzKjUlE0Q.cer
File:                     7P2OqrWurDzpQf4SWFmzKjUlE0Q.cer (raw, json)
Hash identifier:          GTWaIrFIIsILNDSdw2m/FMgbXiAi1hB++RdsOI6lcaE=
Subject key identifier:   EC:FD:8E:AA:B5:AE:AC:3C:E9:41:FE:12:58:59:B3:2A:35:25:13:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B78A2ED0FE2488B8DC33AF385FD3CCC14
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0f/bb883a-486d-4975-8dbc-d4b90b6f4659/1/7P2OqrWurDzpQf4SWFmzKjUlE0Q.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0f/bb883a-486d-4975-8dbc-d4b90b6f4659/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 08:18:22 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 212568
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:a2:ed:0f:e2:48:8b:8d:c3:3a:f3:85:fd:3c:cc:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 08:18:22 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ecfd8eaab5aeac3ce941fe125859b32a35251344
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e3:fe:f8:0b:41:b8:7b:b3:ef:f0:fd:96:01:
                    f5:64:82:2d:a2:d8:73:15:a2:1c:76:1a:0a:b0:5c:
                    5f:b6:30:a1:b9:05:fa:ec:63:48:92:18:44:93:51:
                    8d:8c:d1:23:7e:f1:d5:eb:83:91:ec:ae:99:1f:15:
                    af:41:08:52:8a:b1:98:d7:e5:43:b6:e4:a2:79:13:
                    79:99:e7:5c:3c:b8:63:98:ac:f8:80:76:1f:4d:5d:
                    f5:52:22:9a:05:63:8d:e9:74:bb:61:d9:5d:50:d9:
                    bb:d0:b5:89:84:6d:94:56:47:cf:f9:21:ee:0c:9c:
                    22:6d:d1:74:3e:75:c3:43:35:63:26:19:76:50:27:
                    d7:6a:b8:6a:15:50:c7:75:f1:5a:92:2f:f6:fa:bc:
                    69:ce:95:65:c1:71:6d:df:d8:a0:7e:72:51:bc:33:
                    96:2b:57:07:4f:b0:30:96:fa:c8:d0:b2:06:83:e8:
                    78:04:f7:f8:21:b2:4e:c8:8a:56:29:9b:c8:71:e3:
                    d1:d2:81:87:a9:46:41:37:0e:dd:dc:bb:74:7b:a9:
                    d6:05:bc:88:43:80:28:a8:27:e2:19:7e:dd:4f:73:
                    94:eb:2b:d3:91:3f:08:0a:e4:c7:e6:7f:d3:e6:4c:
                    09:ae:0b:b2:bb:c3:12:44:26:b2:cf:b7:c0:64:76:
                    d8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:FD:8E:AA:B5:AE:AC:3C:E9:41:FE:12:58:59:B3:2A:35:25:13:44
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bb883a-486d-4975-8dbc-d4b90b6f4659/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bb883a-486d-4975-8dbc-d4b90b6f4659/1/7P2OqrWurDzpQf4SWFmzKjUlE0Q.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212568

    Signature Algorithm: sha256WithRSAEncryption
         7d:80:72:85:3f:fa:71:67:2d:95:f4:48:16:8b:73:81:35:79:
         a5:a6:84:60:7e:ad:8d:9a:b6:f0:fd:f3:6c:30:c5:20:ad:f5:
         79:2b:8a:8e:cd:06:d8:85:90:e5:15:c6:cb:93:16:23:5a:c7:
         bb:df:50:5d:9e:4a:8c:4a:74:bd:d9:7a:a4:69:d4:d1:18:92:
         7c:c0:af:26:bc:74:a7:60:ea:b0:b6:07:c8:d0:7f:22:90:c7:
         a8:5f:a8:53:42:2b:13:09:c8:1a:8e:6c:d9:07:3d:85:42:e6:
         33:35:a2:a4:dd:93:58:41:53:96:d3:ed:76:16:dd:b8:6d:13:
         7a:6c:50:6d:20:b2:2b:48:74:52:96:b3:eb:e3:60:e6:3e:f5:
         67:1d:ed:b5:fd:46:c9:04:2f:42:c9:16:0e:fb:c4:4d:67:84:
         b8:6a:fb:bb:6a:e8:bb:11:8c:c3:ca:b3:ee:a2:53:00:43:31:
         19:f8:0a:f3:57:24:24:a3:04:e1:65:9d:5d:16:cb:ca:19:40:
         e7:ab:79:16:71:98:58:4f:f8:90:96:b4:38:39:4e:f6:f5:19:
         ae:8f:cc:e6:57:48:e4:62:59:8e:9c:6c:e8:ab:05:a0:42:3a:
         7e:89:97:9f:82:7a:15:c9:93:0a:9b:84:ed:2f:4d:b2:f5:77:
         9d:78:04:db
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt4ou0P4kiLjcM684X9PMwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDgxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2ZkOGVhYWI1YWVhYzNjZTk0MWZlMTI1ODU5YjMyYTM1MjUxMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleP++AtBuHuz7/D9lgH1ZIItothz
FaIcdhoKsFxftjChuQX67GNIkhhEk1GNjNEjfvHV64OR7K6ZHxWvQQhSirGY1+VD
tuSieRN5medcPLhjmKz4gHYfTV31UiKaBWON6XS7YdldUNm70LWJhG2UVkfP+SHu
DJwibdF0PnXDQzVjJhl2UCfXarhqFVDHdfFaki/2+rxpzpVlwXFt39igfnJRvDOW
K1cHT7AwlvrI0LIGg+h4BPf4IbJOyIpWKZvIcePR0oGHqUZBNw7d3Lt0e6nWBbyI
Q4AoqCfiGX7dT3OU6yvTkT8ICuTH5n/T5kwJrguyu8MSRCayz7fAZHbY0wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOz9jqq1rqw86UH+ElhZsyo1JRNEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBmL2JiODgz
YS00ODZkLTQ5NzUtOGRiYy1kNGI5MGI2ZjQ2NTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvYmI4ODNh
LTQ4NmQtNDk3NS04ZGJjLWQ0YjkwYjZmNDY1OS8xLzdQMk9xcld1ckR6cFFmNFNX
Rm16S2pVbEUwUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM+WDANBgkqhkiG9w0BAQsFAAOCAQEAfYByhT/6cWct
lfRIFotzgTV5paaEYH6tjZq28P3zbDDFIK31eSuKjs0G2IWQ5RXGy5MWI1rHu99Q
XZ5KjEp0vdl6pGnU0RiSfMCvJrx0p2DqsLYHyNB/IpDHqF+oU0IrEwnIGo5s2Qc9
hULmMzWipN2TWEFTltPtdhbduG0TemxQbSCyK0h0Upaz6+Ng5j71Zx3ttf1GyQQv
QskWDvvETWeEuGr7u2rouxGMw8qz7qJTAEMxGfgK81ckJKME4WWdXRbLyhlA56t5
FnGYWE/4kJa0ODlO9vUZro/M5ldI5GJZjpxs6KsFoEI6fomXn4J6FcmTCpuE7S9N
svV3nXgE2w==
-----END CERTIFICATE-----