This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/A_g_WVVmnLCoGPusAnxoKurtXXI.cer
File:                     A_g_WVVmnLCoGPusAnxoKurtXXI.cer (raw, json)
Hash identifier:          kpgTVeWugKHR21mx3TE/N8SlBPG/sZk4izFgPlCd/AQ=
Subject key identifier:   03:F8:3F:59:55:66:9C:B0:A8:18:FB:AC:02:7C:68:2A:EA:ED:5D:72
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7EA69151D152782E519C8C772F1F6AF6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/A_g_WVVmnLCoGPusAnxoKurtXXI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 12:20:04 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 35348
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a6:91:51:d1:52:78:2e:51:9c:8c:77:2f:1f:6a:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:20:04 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=03f83f5955669cb0a818fbac027c682aeaed5d72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:62:88:03:06:b7:a7:f3:23:35:db:ee:5d:69:
                    bb:de:31:35:48:32:c2:64:3e:3e:36:06:27:43:e6:
                    dc:f4:c6:f8:6d:cd:6b:27:79:a3:3d:8d:dd:14:86:
                    3f:04:6f:50:99:12:97:59:d7:67:43:b1:55:ba:b9:
                    ce:1b:7f:ab:80:64:7a:ce:ef:3b:85:00:b8:98:e7:
                    3e:54:e4:a7:dd:83:58:80:1a:c0:f7:b8:6c:8c:22:
                    45:98:bc:3a:2a:77:79:34:38:b8:e5:2e:15:ea:07:
                    3b:c0:d5:19:e8:a2:e7:cb:d3:4a:25:d2:c8:33:da:
                    37:92:cf:43:18:dd:13:48:48:3d:4b:ac:63:19:24:
                    2e:90:e9:37:7e:14:7c:3f:ab:ab:a2:cc:95:ed:d7:
                    59:ab:05:91:75:03:67:78:ae:5f:6a:0b:f8:17:ee:
                    e6:a0:0d:0f:2b:e7:8a:ec:c1:d3:4e:c0:99:0b:cd:
                    47:dd:9e:84:60:92:d7:49:3d:7e:73:f6:61:b4:c1:
                    0f:b4:a2:f8:8e:ad:9f:84:e7:6a:0d:ce:c2:71:56:
                    e6:a2:6c:42:22:d1:63:0e:91:15:df:29:6f:b8:5f:
                    97:06:cf:1c:b1:b3:fa:a4:0b:26:96:70:63:9f:e5:
                    93:aa:5b:01:14:8e:0d:d4:d9:d0:a9:c9:bf:82:97:
                    2f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:F8:3F:59:55:66:9C:B0:A8:18:FB:AC:02:7C:68:2A:EA:ED:5D:72
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/afbb0f-4a9a-4c30-8a62-f16f1a70ab2d/1/A_g_WVVmnLCoGPusAnxoKurtXXI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  35348

    Signature Algorithm: sha256WithRSAEncryption
         a2:95:03:26:94:2f:80:11:fe:97:e3:e4:0c:17:0b:04:03:8c:
         06:60:72:1b:d7:df:bc:bb:88:62:a8:84:78:34:50:39:59:9c:
         98:74:75:60:cd:dc:27:25:79:84:76:ad:d2:62:ed:b5:93:d5:
         51:9b:da:86:44:a7:21:4d:75:86:93:fa:b0:f6:c8:cb:d8:b4:
         c4:b1:a4:77:ed:bd:0d:bf:37:84:85:a7:6a:01:f7:e9:df:9e:
         4c:21:cf:2c:84:9a:8c:e7:79:27:50:bb:65:de:8f:43:27:9a:
         65:e2:d1:de:b5:3a:7c:70:c4:a2:69:72:b5:27:c8:db:09:0a:
         92:f8:a0:88:53:83:c6:30:c3:82:b7:bb:97:4b:e2:71:9c:ed:
         4a:08:5b:3b:97:b4:84:04:31:3b:d3:c7:49:7b:f4:8a:9b:82:
         66:86:eb:cd:49:92:c9:1c:8a:86:7b:e9:ee:4a:9b:d7:91:70:
         1d:65:8b:f8:e3:9a:d4:ac:f6:7f:3b:70:f8:9a:4d:09:c6:a7:
         35:ec:99:81:36:13:eb:64:f7:4c:53:1c:9b:f3:69:67:10:c5:
         56:7c:a1:47:05:85:64:aa:3a:95:33:0c:d2:8b:26:79:fe:ed:
         22:4e:20:02:13:3d:f6:7e:dc:a1:2c:45:f1:ef:1e:b8:42:2e:
         c9:0f:68:3f
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt+ppFR0VJ4LlGcjHcvH2r2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTIyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Y4M2Y1OTU1NjY5Y2IwYTgxOGZiYWMwMjdjNjgyYWVhZWQ1ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+mKIAwa3p/MjNdvuXWm73jE1SDLC
ZD4+NgYnQ+bc9Mb4bc1rJ3mjPY3dFIY/BG9QmRKXWddnQ7FVurnOG3+rgGR6zu87
hQC4mOc+VOSn3YNYgBrA97hsjCJFmLw6Knd5NDi45S4V6gc7wNUZ6KLny9NKJdLI
M9o3ks9DGN0TSEg9S6xjGSQukOk3fhR8P6urosyV7ddZqwWRdQNneK5fagv4F+7m
oA0PK+eK7MHTTsCZC81H3Z6EYJLXST1+c/ZhtMEPtKL4jq2fhOdqDc7CcVbmomxC
ItFjDpEV3ylvuF+XBs8csbP6pAsmlnBjn+WTqlsBFI4N1NnQqcm/gpcvmQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAP4P1lVZpywqBj7rAJ8aCrq7V1yMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3L2FmYmIw
Zi00YTlhLTRjMzAtOGE2Mi1mMTZmMWE3MGFiMmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvYWZiYjBm
LTRhOWEtNGMzMC04YTYyLWYxNmYxYTcwYWIyZC8xL0FfZ19XVlZtbkxDb0dQdXNB
bnhvS3VydFhYSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCKFDANBgkqhkiG9w0BAQsFAAOCAQEAopUDJpQvgBH+
l+PkDBcLBAOMBmByG9ffvLuIYqiEeDRQOVmcmHR1YM3cJyV5hHat0mLttZPVUZva
hkSnIU11hpP6sPbIy9i0xLGkd+29Db83hIWnagH36d+eTCHPLISajOd5J1C7Zd6P
QyeaZeLR3rU6fHDEomlytSfI2wkKkvigiFODxjDDgre7l0vicZztSghbO5e0hAQx
O9PHSXv0ipuCZobrzUmSyRyKhnvp7kqb15FwHWWL+OOa1Kz2fztw+JpNCcanNeyZ
gTYT62T3TFMcm/NpZxDFVnyhRwWFZKo6lTMM0osmef7tIk4gAhM99n7coSxF8e8e
uEIuyQ9oPw==
-----END CERTIFICATE-----