This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8Ss4HgDWFiGsxFzxij5wWX1bkYY.cer
File:                     8Ss4HgDWFiGsxFzxij5wWX1bkYY.cer (raw, json)
Hash identifier:          tyBX9OdDR3boZKF9wwL60qfXAmC2pb/0znsEleJpVK4=
Subject key identifier:   F1:2B:38:1E:00:D6:16:21:AC:C4:5C:F1:8A:3E:70:59:7D:5B:91:86
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B76EB677A8675CCA9C5DD1295FCFD45F3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d9/8b2c9f-15ce-434e-be93-5d436cef608f/1/8Ss4HgDWFiGsxFzxij5wWX1bkYY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d9/8b2c9f-15ce-434e-be93-5d436cef608f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 00:18:17 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 208074
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:67:7a:86:75:cc:a9:c5:dd:12:95:fc:fd:45:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:18:17 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f12b381e00d61621acc45cf18a3e70597d5b9186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:96:00:77:9c:b7:19:af:89:7f:ea:33:b3:16:
                    47:04:73:bb:6d:b8:6a:d2:4c:0c:34:32:ff:aa:52:
                    ca:67:2a:82:93:21:82:14:4c:b4:23:d6:8c:f6:72:
                    6f:51:c2:fd:0b:78:ce:59:54:c5:c2:dc:93:b8:9b:
                    c1:7f:7f:0f:60:c9:46:24:ce:04:1c:8f:48:54:d0:
                    f5:f3:b4:13:d2:05:94:87:e8:a3:97:20:e6:5d:80:
                    92:1e:45:f2:78:ce:3e:35:5c:da:13:b3:db:bb:29:
                    51:1d:7e:57:b1:51:83:99:21:39:16:c1:d8:a5:b7:
                    f1:9d:08:aa:da:af:cd:29:22:e6:e8:98:9d:e4:08:
                    1f:d3:6d:e0:32:da:17:f4:ac:3f:bd:86:6f:4b:99:
                    ce:99:a0:ee:f6:cd:8d:ae:20:ef:30:da:6a:ae:ce:
                    9e:4f:55:a4:2e:7a:40:95:f4:7c:e2:8b:78:5f:7c:
                    7f:9f:25:44:34:74:d0:4e:dd:d7:ec:1b:8e:85:81:
                    e7:7e:54:d0:3c:e0:c0:ec:63:cd:37:f2:46:02:4c:
                    88:d3:ec:ca:fc:c4:ff:b0:d3:14:22:0f:cd:8b:13:
                    6d:5a:0a:99:71:d2:21:46:a6:e1:0b:55:75:2b:d7:
                    a1:7c:b8:41:da:e7:46:c5:b6:ad:7b:4b:1e:49:bc:
                    1b:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:2B:38:1E:00:D6:16:21:AC:C4:5C:F1:8A:3E:70:59:7D:5B:91:86
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8b2c9f-15ce-434e-be93-5d436cef608f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8b2c9f-15ce-434e-be93-5d436cef608f/1/8Ss4HgDWFiGsxFzxij5wWX1bkYY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208074

    Signature Algorithm: sha256WithRSAEncryption
         35:4b:b7:be:57:d1:41:5b:36:d1:37:5f:35:77:7c:e2:bc:0e:
         68:e2:37:0a:d0:08:6e:79:31:7a:11:c5:ca:3a:70:48:96:7e:
         09:36:0d:53:6a:06:af:0b:22:dd:e7:be:b3:e7:eb:41:25:c1:
         d7:d7:ef:28:b9:55:2d:65:ce:da:1a:67:d4:20:ff:87:29:30:
         bb:0a:27:13:12:a5:b0:0e:e9:2b:ca:55:3f:00:ce:87:30:98:
         d5:7d:3b:c5:26:a9:c5:4b:71:d8:00:e2:25:b0:b7:eb:36:4d:
         3c:83:a2:9b:0f:10:0b:c2:9c:6d:1e:bb:5e:cc:07:64:58:b7:
         af:18:b0:1a:fa:8e:42:ad:cc:e2:35:ab:1e:b5:d6:cf:02:2b:
         34:20:64:ed:30:91:9b:b8:c8:18:4e:38:6b:13:f3:5e:a9:4d:
         7f:37:3d:f4:23:da:a5:c1:de:c7:37:76:ef:75:94:3e:98:90:
         3c:1a:11:57:6a:72:51:c9:62:25:f4:1f:be:63:10:24:d7:f7:
         73:e9:1e:5e:23:9d:69:5b:7c:1d:0a:29:e1:f7:c4:63:b8:c5:
         7d:3a:aa:57:3a:9a:cd:f1:e9:0e:29:4a:04:90:4d:50:31:92:
         ac:f3:4a:c1:97:5b:f4:2f:6a:bd:4a:5c:64:cc:b4:f1:4c:9d:
         74:4b:03:fd
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt262d6hnXMqcXdEpX8/UXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTJiMzgxZTAwZDYxNjIxYWNjNDVjZjE4YTNlNzA1OTdkNWI5MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5YAd5y3Ga+Jf+ozsxZHBHO7bbhq
0kwMNDL/qlLKZyqCkyGCFEy0I9aM9nJvUcL9C3jOWVTFwtyTuJvBf38PYMlGJM4E
HI9IVND187QT0gWUh+ijlyDmXYCSHkXyeM4+NVzaE7PbuylRHX5XsVGDmSE5FsHY
pbfxnQiq2q/NKSLm6Jid5Agf023gMtoX9Kw/vYZvS5nOmaDu9s2NriDvMNpqrs6e
T1WkLnpAlfR84ot4X3x/nyVENHTQTt3X7BuOhYHnflTQPODA7GPNN/JGAkyI0+zK
/MT/sNMUIg/NixNtWgqZcdIhRqbhC1V1K9ehfLhB2udGxbate0seSbwb+wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPErOB4A1hYhrMRc8Yo+cFl9W5GGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q5LzhiMmM5
Zi0xNWNlLTQzNGUtYmU5My01ZDQzNmNlZjYwOGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkvOGIyYzlm
LTE1Y2UtNDM0ZS1iZTkzLTVkNDM2Y2VmNjA4Zi8xLzhTczRIZ0RXRmlHc3hGenhp
ajV3V1gxYmtZWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMsyjANBgkqhkiG9w0BAQsFAAOCAQEANUu3vlfRQVs2
0TdfNXd84rwOaOI3CtAIbnkxehHFyjpwSJZ+CTYNU2oGrwsi3ee+s+frQSXB19fv
KLlVLWXO2hpn1CD/hykwuwonExKlsA7pK8pVPwDOhzCY1X07xSapxUtx2ADiJbC3
6zZNPIOimw8QC8KcbR67XswHZFi3rxiwGvqOQq3M4jWrHrXWzwIrNCBk7TCRm7jI
GE44axPzXqlNfzc99CPapcHexzd273WUPpiQPBoRV2pyUcliJfQfvmMQJNf3c+ke
XiOdaVt8HQop4ffEY7jFfTqqVzqazfHpDilKBJBNUDGSrPNKwZdb9C9qvUpcZMy0
8UyddEsD/Q==
-----END CERTIFICATE-----