This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BV1ugjSUcsyv0KBp9Xj2R8MKmEY.cer
File:                     BV1ugjSUcsyv0KBp9Xj2R8MKmEY.cer (raw, json)
Hash identifier:          Cs1QIZlJZD9iGxiUx1TN3isv8xh3ucipO1or5K56Sow=
Subject key identifier:   05:5D:6E:82:34:94:72:CC:AF:D0:A0:69:F5:78:F6:47:C3:0A:98:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7F159D4C19A07D483BF62CC0D7434A3C
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/d5/880a54-d301-492d-acba-5aae3ab78995/1/BV1ugjSUcsyv0KBp9Xj2R8MKmEY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/d5/880a54-d301-492d-acba-5aae3ab78995/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 14:21:21 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 202043
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:9d:4c:19:a0:7d:48:3b:f6:2c:c0:d7:43:4a:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:21:21 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=055d6e82349472ccafd0a069f578f647c30a9846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9f:af:65:04:fb:d8:77:d3:38:d4:4c:a1:60:
                    d8:c1:d1:53:f7:27:ec:3f:29:f8:a3:b2:3a:20:15:
                    7a:e7:c8:be:ba:dd:73:7c:19:a7:a3:1a:f6:12:14:
                    e4:ad:6f:06:f3:fb:7a:b1:44:a7:a0:f1:ba:af:0f:
                    b0:e6:f2:c1:6e:36:69:00:be:52:24:b6:ee:c1:84:
                    ca:3b:00:70:74:77:fb:c1:85:83:3a:e2:f9:95:31:
                    3d:f6:f8:bb:4c:5f:ad:92:2c:92:7d:af:6a:56:0f:
                    af:a3:92:34:58:01:a1:76:4a:91:11:93:a8:cf:26:
                    7a:a0:7b:94:9a:93:da:ac:1b:1e:dd:d6:17:5d:90:
                    89:51:e6:98:38:2f:48:85:f4:c2:65:5f:34:53:ae:
                    15:ac:58:86:9f:aa:85:0c:68:d1:d0:d0:5b:2e:f9:
                    28:f4:c8:96:36:08:e5:44:ff:19:42:34:b9:ca:d5:
                    e1:3d:3f:3d:98:f0:ac:0a:6c:0e:91:a3:b0:cd:86:
                    fd:73:8c:d9:66:03:c3:49:24:78:e3:0f:8b:76:e5:
                    2d:c5:15:eb:96:b1:41:5e:64:6f:a3:5c:f9:a4:de:
                    20:27:84:2b:2e:e2:fd:36:6a:77:5a:0e:13:de:5f:
                    ec:a7:86:b2:bd:7d:f3:64:7d:9b:d3:4d:20:a5:7e:
                    54:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:5D:6E:82:34:94:72:CC:AF:D0:A0:69:F5:78:F6:47:C3:0A:98:46
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/880a54-d301-492d-acba-5aae3ab78995/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/880a54-d301-492d-acba-5aae3ab78995/1/BV1ugjSUcsyv0KBp9Xj2R8MKmEY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202043

    Signature Algorithm: sha256WithRSAEncryption
         2d:c9:2b:1b:96:04:9a:08:5a:3d:53:d4:e4:2e:d1:bb:12:b4:
         f8:47:ab:ed:e4:a6:5f:c4:27:84:6f:70:20:de:12:47:c5:7b:
         70:d1:20:27:f7:c0:5f:db:77:8a:5b:64:7f:cd:80:76:12:9c:
         e8:de:3c:8f:aa:01:00:14:8c:8c:1f:37:0a:e1:c0:5c:fd:dd:
         d3:e6:79:39:ee:59:d4:c6:0d:ac:2e:14:b5:8d:0d:51:cc:2a:
         9c:f4:41:dc:7f:25:00:4f:1c:81:f2:cf:d5:08:cf:41:fc:b3:
         92:33:b4:a7:f1:9f:a8:f4:8a:d2:6c:dd:b7:84:fc:eb:8e:6e:
         7d:4b:5a:39:be:a7:3c:26:15:7f:f2:03:d9:b7:f0:a7:14:9d:
         ca:c8:c8:13:25:8b:02:50:dc:7d:4c:1a:f3:40:e8:4c:7e:05:
         4f:24:e2:af:31:9a:f2:fa:31:7c:6d:31:ad:33:60:14:1b:d0:
         95:4a:28:03:4f:b9:e3:49:27:82:2f:67:f2:75:8f:bc:2b:d4:
         a5:93:6e:16:34:9f:9e:8c:f3:6d:92:c8:c8:12:41:ae:e7:af:
         90:d6:be:53:16:c3:36:c7:1c:f8:9b:2b:a8:87:38:6b:eb:dc:
         c1:74:6d:7d:e0:a2:ff:7a:4d:6a:39:b0:09:6b:72:94:28:d8:
         11:70:6b:94
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt/FZ1MGaB9SDv2LMDXQ0o8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTQyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTVkNmU4MjM0OTQ3MmNjYWZkMGEwNjlmNTc4ZjY0N2MzMGE5ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ+vZQT72HfTONRMoWDYwdFT9yfs
Pyn4o7I6IBV658i+ut1zfBmnoxr2EhTkrW8G8/t6sUSnoPG6rw+w5vLBbjZpAL5S
JLbuwYTKOwBwdHf7wYWDOuL5lTE99vi7TF+tkiySfa9qVg+vo5I0WAGhdkqREZOo
zyZ6oHuUmpParBse3dYXXZCJUeaYOC9IhfTCZV80U64VrFiGn6qFDGjR0NBbLvko
9MiWNgjlRP8ZQjS5ytXhPT89mPCsCmwOkaOwzYb9c4zZZgPDSSR44w+LduUtxRXr
lrFBXmRvo1z5pN4gJ4QrLuL9Nmp3Wg4T3l/sp4ayvX3zZH2b000gpX5U0QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAVdboI0lHLMr9CgafV49kfDCphGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1Lzg4MGE1
NC1kMzAxLTQ5MmQtYWNiYS01YWFlM2FiNzg5OTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvODgwYTU0
LWQzMDEtNDkyZC1hY2JhLTVhYWUzYWI3ODk5NS8xL0JWMXVnalNVY3N5djBLQnA5
WGoyUjhNS21FWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMVOzANBgkqhkiG9w0BAQsFAAOCAQEALckrG5YEmgha
PVPU5C7RuxK0+Eer7eSmX8QnhG9wIN4SR8V7cNEgJ/fAX9t3iltkf82AdhKc6N48
j6oBABSMjB83CuHAXP3d0+Z5Oe5Z1MYNrC4UtY0NUcwqnPRB3H8lAE8cgfLP1QjP
QfyzkjO0p/GfqPSK0mzdt4T8645ufUtaOb6nPCYVf/ID2bfwpxSdysjIEyWLAlDc
fUwa80DoTH4FTyTirzGa8voxfG0xrTNgFBvQlUooA0+540kngi9n8nWPvCvUpZNu
FjSfnozzbZLIyBJBruevkNa+UxbDNscc+JsrqIc4a+vcwXRtfeCi/3pNajmwCWty
lCjYEXBrlA==
-----END CERTIFICATE-----