This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8-9S7YFs9L99Ap_7CrwQGv0sZLU.cer
File:                     8-9S7YFs9L99Ap_7CrwQGv0sZLU.cer (raw, json)
Hash identifier:          QowZvQhiKwRIecGDDxrlqjSzNHwrZ2gJXadmU49c3ew=
Subject key identifier:   F3:EF:52:ED:81:6C:F4:BF:7D:02:9F:FB:0A:BC:10:1A:FD:2C:64:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7CED37875B75AD07E379604C60E0EEC4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0c/76664c-1e05-4044-a0c5-eb2c2e86807f/1/8-9S7YFs9L99Ap_7CrwQGv0sZLU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0c/76664c-1e05-4044-a0c5-eb2c2e86807f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 04:17:59 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 209355
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 14:10:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:ed:37:87:5b:75:ad:07:e3:79:60:4c:60:e0:ee:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 04:17:59 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f3ef52ed816cf4bf7d029ffb0abc101afd2c64b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:1f:d9:fc:b0:45:9c:ab:b2:c9:77:11:62:1d:
                    79:4e:3e:1a:8e:fa:b2:c0:59:97:72:04:ed:7a:25:
                    17:7a:6d:9a:a3:d4:6e:09:c1:67:f7:3e:c8:f2:bd:
                    51:36:83:16:a5:36:bc:b0:ee:af:55:f3:83:eb:9d:
                    47:1f:97:2e:67:13:d9:28:49:9e:d0:d9:a6:a9:54:
                    23:93:b1:22:fe:71:14:a8:c0:75:03:c6:b5:54:b9:
                    1d:b8:90:85:8f:47:7c:b0:a3:53:dd:f1:b9:b9:17:
                    88:37:bc:0a:5d:44:63:6b:ea:1d:77:91:a2:ec:35:
                    ac:39:5a:bd:7e:52:a9:d9:54:96:58:0c:52:96:f4:
                    07:d3:d7:7f:79:09:16:7f:ba:ef:78:fc:4a:be:6e:
                    d8:d5:26:aa:81:15:ea:66:f6:7d:a8:4b:a4:a0:68:
                    02:16:05:1d:d0:2d:72:9b:9a:23:3f:d6:95:50:b6:
                    6f:b1:f7:b3:db:f8:fe:b6:d7:65:c2:19:ea:e9:78:
                    29:04:55:4f:0d:1c:08:b7:1e:2b:e1:24:e5:2b:a5:
                    3f:54:dd:c6:c9:66:71:bf:b7:62:d7:2b:15:f8:78:
                    83:e5:ad:e2:97:99:0e:23:97:89:df:b2:8d:f5:4d:
                    cb:43:3f:e0:0b:45:c6:6f:b9:65:fd:65:0e:f6:33:
                    62:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:EF:52:ED:81:6C:F4:BF:7D:02:9F:FB:0A:BC:10:1A:FD:2C:64:B5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/76664c-1e05-4044-a0c5-eb2c2e86807f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/76664c-1e05-4044-a0c5-eb2c2e86807f/1/8-9S7YFs9L99Ap_7CrwQGv0sZLU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  209355

    Signature Algorithm: sha256WithRSAEncryption
         ad:d8:0f:7d:cf:7f:02:a4:92:c7:b7:e2:04:9d:be:fc:e3:0b:
         56:0d:aa:3c:6c:7c:0e:37:48:38:46:4c:00:7d:ad:20:f0:51:
         a4:59:fc:68:52:e0:1f:58:a9:83:f5:a3:74:1e:6d:35:58:45:
         ca:96:71:06:3f:fd:30:52:a5:8e:6f:73:e0:95:72:49:19:8d:
         1a:8b:0a:a0:a3:fb:e8:8f:b0:09:11:c7:a9:16:0c:67:c6:39:
         f0:72:a7:25:82:40:76:0b:af:31:23:b8:6e:90:43:96:54:85:
         75:3c:e5:82:91:f5:8f:3a:88:e7:ee:c4:44:e7:e5:4f:ab:81:
         ea:49:75:66:cd:ab:02:4d:4b:8d:d6:f6:f7:f0:3e:12:9c:64:
         12:26:fe:db:db:e9:4e:23:3f:5f:1a:d4:52:f1:ff:80:1d:0d:
         24:4b:ee:aa:e8:2c:25:31:81:a5:af:01:09:5b:72:c2:09:99:
         3f:a2:80:80:f6:9d:b1:32:ad:e7:28:a5:49:4d:fa:e7:31:5f:
         a1:16:3c:b2:1d:9c:ee:d5:a7:77:bd:f9:44:87:f2:4e:00:03:
         9d:ee:10:6b:0d:49:b9:b0:72:7e:0a:dc:c7:ab:52:dc:f1:f1:
         c5:ce:f0:a0:90:ff:82:e1:95:2e:7a:52:55:01:eb:f7:fb:6e:
         6f:33:73:fa
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt87TeHW3WtB+N5YExg4O7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDQxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2VmNTJlZDgxNmNmNGJmN2QwMjlmZmIwYWJjMTAxYWZkMmM2NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4x/Z/LBFnKuyyXcRYh15Tj4ajvqy
wFmXcgTteiUXem2ao9RuCcFn9z7I8r1RNoMWpTa8sO6vVfOD651HH5cuZxPZKEme
0NmmqVQjk7Ei/nEUqMB1A8a1VLkduJCFj0d8sKNT3fG5uReIN7wKXURja+odd5Gi
7DWsOVq9flKp2VSWWAxSlvQH09d/eQkWf7rvePxKvm7Y1SaqgRXqZvZ9qEukoGgC
FgUd0C1ym5ojP9aVULZvsfez2/j+ttdlwhnq6XgpBFVPDRwItx4r4STlK6U/VN3G
yWZxv7di1ysV+HiD5a3il5kOI5eJ37KN9U3LQz/gC0XGb7ll/WUO9jNicwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPPvUu2BbPS/fQKf+wq8EBr9LGS1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBjLzc2NjY0
Yy0xZTA1LTQwNDQtYTBjNS1lYjJjMmU4NjgwN2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMvNzY2NjRj
LTFlMDUtNDA0NC1hMGM1LWViMmMyZTg2ODA3Zi8xLzgtOVM3WUZzOUw5OUFwXzdD
cndRR3Ywc1pMVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMxyzANBgkqhkiG9w0BAQsFAAOCAQEArdgPfc9/AqSS
x7fiBJ2+/OMLVg2qPGx8DjdIOEZMAH2tIPBRpFn8aFLgH1ipg/WjdB5tNVhFypZx
Bj/9MFKljm9z4JVySRmNGosKoKP76I+wCRHHqRYMZ8Y58HKnJYJAdguvMSO4bpBD
llSFdTzlgpH1jzqI5+7EROflT6uB6kl1Zs2rAk1Ljdb29/A+EpxkEib+29vpTiM/
XxrUUvH/gB0NJEvuqugsJTGBpa8BCVtywgmZP6KAgPadsTKt5yilSU365zFfoRY8
sh2c7tWnd735RIfyTgADne4Qaw1JubByfgrcx6tS3PHxxc7woJD/guGVLnpSVQHr
9/tubzNz+g==
-----END CERTIFICATE-----