This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Fm9ncLp34DLn59HXMtl1AkHhGfk.cer
File:                     Fm9ncLp34DLn59HXMtl1AkHhGfk.cer (raw, json)
Hash identifier:          kb8AbdfeSr4T2n6IrQlTXxzaZxMLAC6eBwLTUi3l0ys=
Subject key identifier:   16:6F:67:70:BA:77:E0:32:E7:E7:D1:D7:32:D9:75:02:41:E1:19:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7F14CBB68581C272A7F7B4A5334EB7F9
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/Fm9ncLp34DLn59HXMtl1AkHhGfk.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 14:20:27 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 193.164.155.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 05 Feb 2026 18:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:14:cb:b6:85:81:c2:72:a7:f7:b4:a5:33:4e:b7:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:20:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=166f6770ba77e032e7e7d1d732d9750241e119f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:60:bd:21:a1:32:93:36:ed:1c:73:7b:a0:9d:
                    bf:29:73:55:c4:13:f4:45:93:fa:d4:98:cd:fe:3a:
                    03:e2:97:3b:af:e4:7e:fa:7a:9d:27:a0:c4:3c:9c:
                    ef:de:1d:33:1e:01:f9:ab:e0:f6:85:65:9b:d0:92:
                    d6:79:b5:10:66:98:3c:04:dd:86:0a:75:cc:88:a1:
                    13:f2:91:0b:7c:7d:05:fe:f2:62:63:78:53:86:33:
                    a2:14:ab:11:09:e4:78:4b:1c:d8:9d:c1:46:27:ed:
                    49:73:3d:e0:be:11:84:fd:3d:62:12:c4:e2:7b:47:
                    ed:24:2a:8f:51:7a:d8:63:4c:71:b0:64:e7:6a:06:
                    f7:ba:8a:a3:6e:cf:cf:13:cb:b2:09:ae:a1:7d:64:
                    e1:41:f0:39:cb:11:83:36:cd:31:f6:9c:c6:09:b1:
                    06:ce:69:66:bb:ec:36:73:d5:26:4a:d3:9e:f9:c3:
                    31:37:83:c4:62:06:92:8d:51:4a:31:3e:1f:53:1d:
                    a4:ca:c1:f8:5e:bf:4d:ca:9d:b8:1e:02:d3:b8:4b:
                    af:21:a3:0f:1c:48:a2:f8:a3:f0:30:16:a6:63:41:
                    53:32:48:c7:57:20:14:4e:68:85:13:eb:8b:f4:d4:
                    51:74:41:da:ff:9e:43:8d:05:81:7a:83:7a:56:f1:
                    c2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:6F:67:70:BA:77:E0:32:E7:E7:D1:D7:32:D9:75:02:41:E1:19:F9
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7bdc41-1875-4e50-b3d4-069c10dafb07/1/Fm9ncLp34DLn59HXMtl1AkHhGfk.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.164.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:d0:6f:ea:30:da:c8:3e:86:a1:c6:c4:a2:5a:23:d3:c6:c7:
         e1:dd:e1:70:36:2a:7d:cd:77:4a:f7:1e:a8:94:ee:cc:13:be:
         cf:80:85:ba:d4:54:ac:70:13:81:82:a6:b3:8d:fb:4f:9b:84:
         67:da:70:cc:9a:0f:ef:f3:63:87:c7:f3:2a:fc:5c:99:04:ab:
         4e:ba:5f:61:2a:19:5a:9a:55:26:e2:60:70:c7:2d:89:eb:9d:
         c3:e9:62:14:b0:f5:3d:70:81:a0:ad:17:d9:71:17:62:b8:eb:
         a7:06:62:d0:d2:dc:36:68:ba:69:73:3c:26:7b:10:24:94:11:
         68:b1:27:0a:7f:e6:81:35:f4:94:ea:d2:29:72:e3:78:3d:c0:
         b0:d2:2a:58:fa:8d:92:b4:f3:7e:27:ab:94:f0:79:cc:38:88:
         20:e8:ed:ae:d7:5f:1c:07:73:41:0f:10:be:ec:3a:18:56:b3:
         93:eb:ca:f3:2a:41:7a:85:69:63:82:7b:59:32:3b:2d:cd:bf:
         1b:c6:96:14:a3:85:eb:1a:01:fc:5f:15:67:39:5e:52:12:ab:
         de:32:0a:74:95:8c:35:64:70:f4:13:64:6a:1c:79:98:ad:f7:
         27:05:a4:20:9b:dc:a4:57:81:46:c6:75:2c:ac:01:d9:58:d4:
         21:4e:91:05
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZt/FMu2hYHCcqf3tKUzTrf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTQyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjZmNjc3MGJhNzdlMDMyZTdlN2QxZDczMmQ5NzUwMjQxZTExOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WC9IaEykzbtHHN7oJ2/KXNVxBP0
RZP61JjN/joD4pc7r+R++nqdJ6DEPJzv3h0zHgH5q+D2hWWb0JLWebUQZpg8BN2G
CnXMiKET8pELfH0F/vJiY3hThjOiFKsRCeR4SxzYncFGJ+1Jcz3gvhGE/T1iEsTi
e0ftJCqPUXrYY0xxsGTnagb3uoqjbs/PE8uyCa6hfWThQfA5yxGDNs0x9pzGCbEG
zmlmu+w2c9UmStOe+cMxN4PEYgaSjVFKMT4fUx2kysH4Xr9Nyp24HgLTuEuvIaMP
HEii+KPwMBamY0FTMkjHVyAUTmiFE+uL9NRRdEHa/55DjQWBeoN6VvHC6wIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFBZvZ3C6d+Ay5+fR1zLZdQJB4Rn5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEzLzdiZGM0
MS0xODc1LTRlNTAtYjNkNC0wNjljMTBkYWZiMDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMvN2JkYzQx
LTE4NzUtNGU1MC1iM2Q0LTA2OWMxMGRhZmIwNy8xL0ZtOW5jTHAzNERMbjU5SFhN
dGwxQWtIaEdmay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwaSbMA0GCSqGSIb3DQEBCwUAA4IBAQAr0G/q
MNrIPoahxsSiWiPTxsfh3eFwNip9zXdK9x6olO7ME77PgIW61FSscBOBgqazjftP
m4Rn2nDMmg/v82OHx/Mq/FyZBKtOul9hKhlamlUm4mBwxy2J653D6WIUsPU9cIGg
rRfZcRdiuOunBmLQ0tw2aLppczwmexAklBFosScKf+aBNfSU6tIpcuN4PcCw0ipY
+o2StPN+J6uU8HnMOIgg6O2u118cB3NBDxC+7DoYVrOT68rzKkF6hWljgntZMjst
zb8bxpYUo4XrGgH8XxVnOV5SEqveMgp0lYw1ZHD0E2RqHHmYrfcnBaQgm9ykV4FG
xnUsrAHZWNQhTpEF
-----END CERTIFICATE-----