This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7jSQhUVj0yIi6azlrYpknptKFyk.cer
File:                     7jSQhUVj0yIi6azlrYpknptKFyk.cer (raw, json)
Hash identifier:          lS7haGPuZaRm3xzoZrG79hCJPhnAFh3trd1/iB4RXWM=
Subject key identifier:   EE:34:90:85:45:63:D3:22:22:E9:AC:E5:AD:8A:64:9E:9B:4A:17:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B79104D069CE843D303DED7954CC9A159
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3c/d02fbc-8bf5-468d-a2a3-45c53b7ef9fa/1/7jSQhUVj0yIi6azlrYpknptKFyk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3c/d02fbc-8bf5-468d-a2a3-45c53b7ef9fa/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 10:17:50 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 214061
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:10:4d:06:9c:e8:43:d3:03:de:d7:95:4c:c9:a1:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 10:17:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ee3490854563d32222e9ace5ad8a649e9b4a1729
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0f:bc:16:2c:5e:8e:8a:72:92:6d:c5:85:8d:
                    a1:bb:bf:65:96:b5:1e:0b:7a:97:39:46:00:75:ea:
                    33:60:35:8d:17:51:d5:cf:34:d5:3b:11:2a:52:e0:
                    cb:59:90:2e:b4:b2:29:48:a0:7f:17:4f:6f:70:3d:
                    6e:bb:16:91:a1:7e:56:d0:eb:79:00:9a:99:05:a8:
                    39:74:ce:5b:92:cf:82:bc:dd:ed:51:7c:cd:11:fd:
                    c8:6d:a9:ff:3b:2a:0e:bb:5d:ab:4b:ef:17:47:b7:
                    06:d2:4c:fa:be:d8:f0:d5:67:73:81:7d:f4:dd:78:
                    00:48:0f:39:1c:c4:34:fd:04:bc:f1:22:8c:f8:43:
                    ce:79:3a:8b:9d:b3:99:8b:34:2e:05:72:8f:e7:b7:
                    27:a3:8b:76:bc:df:9a:99:0e:b9:8a:16:9a:01:7d:
                    ae:88:d9:d2:6d:23:56:b2:7c:f6:84:11:98:1d:30:
                    b2:67:22:4f:2b:05:52:b9:0d:08:70:db:26:cf:4d:
                    a2:12:da:63:f7:cc:ad:2e:7d:40:56:2d:17:dc:90:
                    ab:c1:a9:40:37:1a:3d:0c:5e:4f:31:8a:a4:50:4c:
                    9e:9e:fc:d4:66:ba:18:17:25:31:de:28:13:44:e1:
                    00:f6:05:65:18:18:36:f2:ca:72:25:bc:75:fd:6b:
                    c6:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:34:90:85:45:63:D3:22:22:E9:AC:E5:AD:8A:64:9E:9B:4A:17:29
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d02fbc-8bf5-468d-a2a3-45c53b7ef9fa/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d02fbc-8bf5-468d-a2a3-45c53b7ef9fa/1/7jSQhUVj0yIi6azlrYpknptKFyk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214061

    Signature Algorithm: sha256WithRSAEncryption
         99:1b:e5:c8:1f:ed:16:19:89:67:e6:12:f8:4a:fd:0d:55:07:
         19:f3:64:6b:2a:e5:ee:ab:e4:b2:04:a3:30:6b:4f:2f:59:6b:
         11:44:09:98:92:38:32:45:5d:96:b5:7e:c5:df:a5:78:a1:d7:
         39:6f:bf:27:31:92:c1:71:b3:22:71:96:1b:7e:9a:5b:58:5e:
         bd:2b:a6:11:4f:8d:f5:84:11:6b:d5:8e:9c:f2:36:73:64:08:
         74:3d:76:42:25:97:d7:6c:16:e4:45:09:f8:95:c7:fa:08:4c:
         83:87:ef:57:c4:5a:30:ea:d6:89:f5:24:17:5a:85:5c:60:d2:
         fe:11:57:0e:36:cd:05:b2:62:cd:42:a2:4f:6f:b0:12:7d:fe:
         a3:e5:f6:d9:2c:65:b9:34:0f:e7:00:5c:b5:29:79:46:74:47:
         12:ed:b1:e4:ee:93:07:c4:1d:dd:9f:9e:7e:b5:33:95:73:9e:
         76:af:fc:bb:e5:fd:92:6c:9c:a5:07:3b:27:27:35:ad:ed:3e:
         61:26:f9:84:4b:22:27:d0:4a:ff:5e:b6:f7:be:d6:05:aa:50:
         6d:00:c8:ef:eb:ed:fc:ef:ca:5e:c4:43:02:be:0d:3d:10:e2:
         04:c3:5f:9d:a3:19:28:8f:42:7d:2f:86:d4:08:a3:96:96:55:
         45:e6:25:bd
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt5EE0GnOhD0wPe15VMyaFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTAxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTM0OTA4NTQ1NjNkMzIyMjJlOWFjZTVhZDhhNjQ5ZTliNGExNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA+8Fixejopykm3FhY2hu79llrUe
C3qXOUYAdeozYDWNF1HVzzTVOxEqUuDLWZAutLIpSKB/F09vcD1uuxaRoX5W0Ot5
AJqZBag5dM5bks+CvN3tUXzNEf3Iban/OyoOu12rS+8XR7cG0kz6vtjw1WdzgX30
3XgASA85HMQ0/QS88SKM+EPOeTqLnbOZizQuBXKP57cno4t2vN+amQ65ihaaAX2u
iNnSbSNWsnz2hBGYHTCyZyJPKwVSuQ0IcNsmz02iEtpj98ytLn1AVi0X3JCrwalA
Nxo9DF5PMYqkUEyenvzUZroYFyUx3igTROEA9gVlGBg28spyJbx1/WvG3QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFO40kIVFY9MiIums5a2KZJ6bShcpMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNjL2QwMmZi
Yy04YmY1LTQ2OGQtYTJhMy00NWM1M2I3ZWY5ZmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2MvZDAyZmJj
LThiZjUtNDY4ZC1hMmEzLTQ1YzUzYjdlZjlmYS8xLzdqU1FoVVZqMHlJaTZhemxy
WXBrbnB0S0Z5ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNELTANBgkqhkiG9w0BAQsFAAOCAQEAmRvlyB/tFhmJ
Z+YS+Er9DVUHGfNkayrl7qvksgSjMGtPL1lrEUQJmJI4MkVdlrV+xd+leKHXOW+/
JzGSwXGzInGWG36aW1hevSumEU+N9YQRa9WOnPI2c2QIdD12QiWX12wW5EUJ+JXH
+ghMg4fvV8RaMOrWifUkF1qFXGDS/hFXDjbNBbJizUKiT2+wEn3+o+X22SxluTQP
5wBctSl5RnRHEu2x5O6TB8Qd3Z+efrUzlXOedq/8u+X9kmycpQc7Jyc1re0+YSb5
hEsiJ9BK/162977WBapQbQDI7+vt/O/KXsRDAr4NPRDiBMNfnaMZKI9CfS+G1Aij
lpZVReYlvQ==
-----END CERTIFICATE-----