This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/E7ur4fopzNr8vU-Utcfk0NH4lH0.cer
File:                     E7ur4fopzNr8vU-Utcfk0NH4lH0.cer (raw, json)
Hash identifier:          eOk8no98EjYp9jWSEsOcnQ91UelTBrCG1An3m+qEgYQ=
Subject key identifier:   13:BB:AB:E1:FA:29:CC:DA:FC:BD:4F:94:B5:C7:E4:D0:D1:F8:94:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B77C6F03E1B00620D26F97B7718E032E3
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0e/360c74-f29d-4136-b400-40718e0e328d/1/E7ur4fopzNr8vU-Utcfk0NH4lH0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0e/360c74-f29d-4136-b400-40718e0e328d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 04:18:04 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 212528
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:f0:3e:1b:00:62:0d:26:f9:7b:77:18:e0:32:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:18:04 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=13bbabe1fa29ccdafcbd4f94b5c7e4d0d1f8947d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:50:4b:e8:44:66:f8:d5:eb:f7:0f:16:b1:b0:
                    e2:0d:7d:51:98:42:71:56:4f:62:06:a8:65:de:bf:
                    09:89:ea:db:1c:86:1c:fe:b1:97:ee:af:b0:19:1c:
                    2e:cd:87:6c:46:8b:7a:14:85:44:2a:8a:4f:a5:c4:
                    29:29:b2:58:18:03:a4:ea:90:3f:45:f2:24:80:ec:
                    56:87:cf:b7:54:58:16:49:09:60:ee:00:a5:ff:51:
                    7e:ce:54:38:d1:08:4e:db:a7:72:66:ff:88:1c:71:
                    23:83:9a:f7:35:f8:b6:0d:d7:43:60:d4:c4:1d:e1:
                    da:ad:fa:ed:79:af:5c:8f:ee:ac:05:1d:fd:b4:94:
                    5f:87:4d:ff:48:bb:74:b0:51:9b:50:11:b9:02:52:
                    d2:5e:5d:dc:0c:7f:7a:12:de:56:53:a2:83:07:4f:
                    6a:94:29:55:fd:4c:11:1c:70:4b:05:82:7f:33:2f:
                    05:d1:fd:19:99:ca:fe:38:c0:cc:d5:63:16:40:37:
                    ee:1c:b4:b3:23:01:bd:f3:25:45:c5:43:8a:83:65:
                    9d:62:94:a5:39:4f:fd:bf:53:c0:15:a9:d7:ab:c4:
                    10:d3:23:cc:7a:19:8e:32:44:42:4b:af:3d:9f:6c:
                    bc:bd:e9:cd:98:17:78:4a:f0:76:6e:90:fb:7f:e0:
                    99:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:BB:AB:E1:FA:29:CC:DA:FC:BD:4F:94:B5:C7:E4:D0:D1:F8:94:7D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/360c74-f29d-4136-b400-40718e0e328d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/360c74-f29d-4136-b400-40718e0e328d/1/E7ur4fopzNr8vU-Utcfk0NH4lH0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  212528

    Signature Algorithm: sha256WithRSAEncryption
         2e:2d:2f:3f:d9:1f:9b:00:ae:3c:76:02:04:5e:b6:35:40:57:
         a0:17:a3:e9:37:7f:0f:4f:02:dd:20:6c:d7:68:26:63:aa:a7:
         5c:89:a0:5e:29:4e:00:dc:28:00:30:df:45:ba:b6:4a:ef:71:
         4b:91:78:1f:4c:cb:1b:a7:6e:cb:c0:fc:cd:f0:6c:84:b7:b3:
         21:dc:2c:c8:f5:b5:7b:2f:72:ac:4d:29:9d:c2:42:6c:71:54:
         e6:70:05:d1:1c:f4:3a:b4:b2:2a:1f:82:c7:4f:27:de:86:04:
         ff:04:32:7e:12:1b:9b:20:52:b6:3d:b4:40:9e:c9:68:46:d3:
         69:50:28:d8:a8:76:ab:e6:59:7c:25:7c:42:53:5f:f3:c3:ff:
         30:01:0d:8a:48:3d:df:b3:c2:37:3a:46:46:9c:d3:9c:60:8a:
         3a:c7:9e:63:31:89:0b:81:d3:fe:e1:22:75:62:01:60:2f:7d:
         47:5b:f7:1a:46:13:7e:24:d5:11:24:45:b0:fe:b1:11:25:1d:
         74:07:62:8b:02:7e:62:16:d3:e3:39:58:7a:a8:e0:0b:fc:5e:
         b3:80:91:51:41:5e:b7:a9:f2:07:e5:1b:7f:89:fd:90:5f:41:
         3e:8c:5e:79:1a:74:1e:36:fc:8c:1e:9f:75:4e:36:5c:b1:86:
         79:95:49:56
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt3xvA+GwBiDSb5e3cY4DLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDQxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2JiYWJlMWZhMjljY2RhZmNiZDRmOTRiNWM3ZTRkMGQxZjg5NDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVBL6ERm+NXr9w8WsbDiDX1RmEJx
Vk9iBqhl3r8JierbHIYc/rGX7q+wGRwuzYdsRot6FIVEKopPpcQpKbJYGAOk6pA/
RfIkgOxWh8+3VFgWSQlg7gCl/1F+zlQ40QhO26dyZv+IHHEjg5r3Nfi2DddDYNTE
HeHarfrtea9cj+6sBR39tJRfh03/SLt0sFGbUBG5AlLSXl3cDH96Et5WU6KDB09q
lClV/UwRHHBLBYJ/My8F0f0Zmcr+OMDM1WMWQDfuHLSzIwG98yVFxUOKg2WdYpSl
OU/9v1PAFanXq8QQ0yPMehmOMkRCS689n2y8venNmBd4SvB2bpD7f+CZqwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBO7q+H6Kcza/L1PlLXH5NDR+JR9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlLzM2MGM3
NC1mMjlkLTQxMzYtYjQwMC00MDcxOGUwZTMyOGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvMzYwYzc0
LWYyOWQtNDEzNi1iNDAwLTQwNzE4ZTBlMzI4ZC8xL0U3dXI0Zm9wek5yOHZVLVV0
Y2ZrME5INGxIMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM+MDANBgkqhkiG9w0BAQsFAAOCAQEALi0vP9kfmwCu
PHYCBF62NUBXoBej6Td/D08C3SBs12gmY6qnXImgXilOANwoADDfRbq2Su9xS5F4
H0zLG6duy8D8zfBshLezIdwsyPW1ey9yrE0pncJCbHFU5nAF0Rz0OrSyKh+Cx08n
3oYE/wQyfhIbmyBStj20QJ7JaEbTaVAo2Kh2q+ZZfCV8QlNf88P/MAENikg937PC
NzpGRpzTnGCKOseeYzGJC4HT/uEidWIBYC99R1v3GkYTfiTVESRFsP6xESUddAdi
iwJ+YhbT4zlYeqjgC/xes4CRUUFet6nyB+Ubf4n9kF9BPoxeeRp0Hjb8jB6fdU42
XLGGeZVJVg==
-----END CERTIFICATE-----