This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/EVVnl9qc5x7sKV81sAhZuQzoxfA.cer
File:                     EVVnl9qc5x7sKV81sAhZuQzoxfA.cer (raw, json)
Hash identifier:          8mQLRtpHYcFbCDiyUtlY6ZMNsQY/cwcUlQ7QVK+6b9Y=
Subject key identifier:   11:55:67:97:DA:9C:E7:1E:EC:29:5F:35:B0:08:59:B9:0C:E8:C5:F0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019BFA02902778DFDF707A0184B3A7D0FE46
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/f2/4696e5-fcec-44a0-8f03-1eeda9a9ff8f/1/EVVnl9qc5x7sKV81sAhZuQzoxfA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/f2/4696e5-fcec-44a0-8f03-1eeda9a9ff8f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 26 Jan 2026 11:13:50 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 193.168.0.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:fa:02:90:27:78:df:df:70:7a:01:84:b3:a7:d0:fe:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 26 11:13:50 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=11556797da9ce71eec295f35b00859b90ce8c5f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5c:11:16:e1:11:35:0c:43:4f:0a:fb:9c:08:
                    47:a4:b0:82:df:45:61:4a:c5:8d:3a:ba:72:de:87:
                    8c:00:84:e7:4c:08:96:83:6a:0b:cb:ca:fb:be:7f:
                    0b:ac:39:47:44:77:ce:b1:c3:cf:31:3b:4d:ce:89:
                    5d:95:27:73:c7:aa:51:b7:ad:d8:fe:a4:e6:99:37:
                    6a:12:a9:e0:fc:a4:53:fa:ed:71:4a:11:53:da:21:
                    74:d1:f5:f7:6b:b7:4d:9d:1a:d4:a7:59:45:df:75:
                    45:b9:ae:ee:a0:73:fe:2a:e0:8b:7a:5b:44:83:3b:
                    14:07:21:dd:73:df:5e:81:c9:ab:4a:2b:9c:76:a7:
                    16:cd:24:23:07:5d:6d:eb:53:a8:33:e1:9f:f0:8e:
                    f2:9c:c2:53:7e:af:c8:e1:b8:87:05:d5:af:a3:f7:
                    5d:fa:4a:3e:ec:4b:83:4d:aa:2e:34:44:aa:96:66:
                    0b:2a:b1:fc:04:cf:2d:e1:76:64:25:93:fe:28:9d:
                    99:c1:b2:71:78:e5:51:ac:64:dd:ac:b9:da:96:f6:
                    ac:bf:97:a8:f9:8b:a1:67:5d:c3:c2:39:8b:73:e0:
                    41:39:18:8e:41:b0:c6:0c:c5:07:97:67:7e:9f:50:
                    fb:31:dd:3c:84:1d:18:b8:07:a8:36:9f:e4:17:9b:
                    4c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:55:67:97:DA:9C:E7:1E:EC:29:5F:35:B0:08:59:B9:0C:E8:C5:F0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4696e5-fcec-44a0-8f03-1eeda9a9ff8f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4696e5-fcec-44a0-8f03-1eeda9a9ff8f/1/EVVnl9qc5x7sKV81sAhZuQzoxfA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.168.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:a0:7a:6b:73:44:f2:37:6a:9e:23:62:97:ff:76:2a:72:55:
         44:7a:b0:68:b9:ec:ab:b1:7f:d0:04:7a:a3:ee:fb:61:8a:6a:
         f6:b1:5b:4a:61:e2:97:28:13:4a:ef:7f:2b:7e:ce:69:ce:a7:
         d3:89:8a:e7:a4:bf:47:aa:de:a9:35:02:ff:a5:9d:b7:e3:b9:
         2d:9c:ae:72:60:aa:a7:15:cb:b7:48:b4:f1:ae:2a:51:ed:71:
         3c:1f:66:de:19:26:e1:d2:cc:1f:28:b0:31:df:24:b4:27:ff:
         d5:3e:72:17:76:4c:58:8d:9c:b6:1c:41:b8:f0:d9:ef:42:08:
         0a:ff:91:c1:94:95:17:cf:06:a9:22:10:2e:cb:7d:a3:b6:01:
         69:55:07:9f:97:52:07:b3:1c:69:f2:3a:fb:da:7a:82:75:6c:
         f5:31:6b:b3:36:6c:71:a6:aa:be:76:c2:bd:cf:ee:09:a5:8d:
         be:f4:68:7d:ec:8c:92:90:e2:c2:a5:e2:d0:19:6c:4e:fc:e9:
         eb:0d:0d:c7:57:65:73:35:91:31:d6:e3:4c:94:da:4d:d2:95:
         c9:8e:22:6b:13:ff:60:01:a8:56:1d:a4:18:63:fd:55:83:53:
         32:82:89:df:3e:d7:f4:b8:a3:23:45:5e:83:ff:a2:bc:b1:4d:
         fe:6c:60:cf
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZv6ApAneN/fcHoBhLOn0P5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTI2MTExMzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTU1Njc5N2RhOWNlNzFlZWMyOTVmMzViMDA4NTliOTBjZThjNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVwRFuERNQxDTwr7nAhHpLCC30Vh
SsWNOrpy3oeMAITnTAiWg2oLy8r7vn8LrDlHRHfOscPPMTtNzoldlSdzx6pRt63Y
/qTmmTdqEqng/KRT+u1xShFT2iF00fX3a7dNnRrUp1lF33VFua7uoHP+KuCLeltE
gzsUByHdc99egcmrSiucdqcWzSQjB11t61OoM+Gf8I7ynMJTfq/I4biHBdWvo/dd
+ko+7EuDTaouNESqlmYLKrH8BM8t4XZkJZP+KJ2ZwbJxeOVRrGTdrLnalvasv5eo
+YuhZ13DwjmLc+BBORiOQbDGDMUHl2d+n1D7Md08hB0YuAeoNp/kF5tMDwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFBFVZ5fanOce7ClfNbAIWbkM6MXwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YyLzQ2OTZl
NS1mY2VjLTQ0YTAtOGYwMy0xZWVkYTlhOWZmOGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvNDY5NmU1
LWZjZWMtNDRhMC04ZjAzLTFlZWRhOWE5ZmY4Zi8xL0VWVm5sOXFjNXg3c0tWODFz
QWhadVF6b3hmQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwagAMA0GCSqGSIb3DQEBCwUAA4IBAQBLoHpr
c0TyN2qeI2KX/3YqclVEerBoueyrsX/QBHqj7vthimr2sVtKYeKXKBNK738rfs5p
zqfTiYrnpL9Hqt6pNQL/pZ2347ktnK5yYKqnFcu3SLTxripR7XE8H2beGSbh0swf
KLAx3yS0J//VPnIXdkxYjZy2HEG48NnvQggK/5HBlJUXzwapIhAuy32jtgFpVQef
l1IHsxxp8jr72nqCdWz1MWuzNmxxpqq+dsK9z+4JpY2+9Gh97IySkOLCpeLQGWxO
/OnrDQ3HV2VzNZEx1uNMlNpN0pXJjiJrE/9gAahWHaQYY/1Vg1MygonfPtf0uKMj
RV6D/6K8sU3+bGDP
-----END CERTIFICATE-----