This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Iz0j_i9zjlPnNQwnwS44KEvNqH0.cer
File:                     Iz0j_i9zjlPnNQwnwS44KEvNqH0.cer (raw, json)
Hash identifier:          1lKQhHUAZy+YEMxEPvlmncfOoCH0aMRK6V3h8bgRc5I=
Subject key identifier:   23:3D:23:FE:2F:73:8E:53:E7:35:0C:27:C1:2E:38:28:4B:CD:A8:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B9AAB3DA4E769E330DE75398F02D544C7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/15/4f454f-0de4-4ac7-b5ca-2e4154f3950d/1/Iz0j_i9zjlPnNQwnwS44KEvNqH0.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/15/4f454f-0de4-4ac7-b5ca-2e4154f3950d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 07 Jan 2026 22:54:32 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 210557
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 Jan 2026 00:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:9a:ab:3d:a4:e7:69:e3:30:de:75:39:8f:02:d5:44:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  7 22:54:32 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=233d23fe2f738e53e7350c27c12e38284bcda87d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9d:a3:78:4d:ad:7a:19:fa:1f:99:be:64:08:
                    65:59:ed:c2:df:bd:27:bf:7d:a1:2f:e3:53:91:85:
                    fd:bb:16:9b:d2:09:f2:5c:d4:88:e8:8c:ce:3f:e5:
                    c3:51:c1:55:78:8b:c5:10:ea:f6:d0:9f:0e:c5:9f:
                    02:de:8c:76:ca:78:1a:27:58:c6:c2:7f:f4:ee:1d:
                    9f:51:96:d6:9e:9b:8b:a1:e5:b4:7a:87:b7:72:a3:
                    d5:9f:89:59:4f:bb:f7:41:78:3a:97:f8:1f:06:4a:
                    bd:a2:81:ea:9d:97:5c:7b:b6:0d:50:e0:2d:3f:e4:
                    e3:c5:5c:03:0f:97:93:81:0b:20:ea:9e:ea:d9:0d:
                    24:71:9d:1f:33:f0:40:f2:ac:cc:89:75:2c:13:fd:
                    2d:50:f0:53:85:3d:ba:ab:19:e6:d2:df:71:e1:aa:
                    bb:f9:69:d7:4c:1a:cf:4b:ab:f6:c0:62:52:03:a3:
                    ce:ab:1f:88:23:8f:a0:14:bf:60:ad:85:51:7a:f7:
                    7f:dc:31:14:d8:e6:a7:cd:8d:ca:a6:1b:70:83:b9:
                    44:9c:79:ba:09:75:31:c9:f6:c5:f0:51:d6:97:64:
                    67:b3:bc:c2:1a:ef:05:33:f1:17:d1:82:6a:ca:fc:
                    aa:5c:49:5e:23:73:f1:d5:5c:d4:22:29:98:b6:75:
                    44:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:3D:23:FE:2F:73:8E:53:E7:35:0C:27:C1:2E:38:28:4B:CD:A8:7D
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4f454f-0de4-4ac7-b5ca-2e4154f3950d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4f454f-0de4-4ac7-b5ca-2e4154f3950d/1/Iz0j_i9zjlPnNQwnwS44KEvNqH0.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210557

    Signature Algorithm: sha256WithRSAEncryption
         44:2e:f8:db:8f:24:1e:8e:a2:91:ea:2d:9f:ab:f2:dc:c1:85:
         ee:af:24:03:4e:57:8a:37:03:79:c6:8a:73:ea:cf:23:d4:1e:
         ba:5a:d7:27:d1:21:39:cf:a7:be:26:f9:9e:7d:20:4d:13:a3:
         4d:15:5a:37:a7:a4:41:a2:fa:29:d2:ed:52:73:93:92:d6:ca:
         28:fe:96:ce:bf:ac:d5:70:4e:29:cd:2c:66:99:1c:ac:5a:07:
         c4:20:8b:e7:0e:1f:01:b6:90:55:4b:b5:c9:0e:1b:0e:47:5e:
         a1:d4:72:c8:c1:2e:0a:03:e6:ee:f0:8a:c7:03:68:85:9d:44:
         ae:79:dd:c2:cb:0c:ec:98:54:b3:58:cf:b5:1f:d5:fb:bb:a3:
         8e:ed:3f:63:ff:f1:2b:01:fa:78:e8:b2:53:71:d3:a0:75:34:
         92:21:90:91:f8:c1:fb:61:4d:3e:ea:55:76:0f:e7:9f:ef:58:
         3d:af:c4:59:d9:0b:ce:0c:2e:ad:1c:af:ab:0a:f1:49:b0:68:
         2c:26:ad:2a:f5:9a:f2:5e:c6:31:9a:92:25:c9:56:5c:8a:97:
         6c:c1:5c:f9:f0:e4:eb:7b:77:37:55:e3:27:bf:1d:35:ba:ec:
         64:b3:9b:36:2b:08:05:4b:59:8d:95:77:cd:7e:97:77:46:7b:
         01:95:95:e4
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZuaqz2k52njMN51OY8C1UTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTA3MjI1NDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNkMjNmZTJmNzM4ZTUzZTczNTBjMjdjMTJlMzgyODRiY2RhODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp2jeE2tehn6H5m+ZAhlWe3C370n
v32hL+NTkYX9uxab0gnyXNSI6IzOP+XDUcFVeIvFEOr20J8OxZ8C3ox2yngaJ1jG
wn/07h2fUZbWnpuLoeW0eoe3cqPVn4lZT7v3QXg6l/gfBkq9ooHqnZdce7YNUOAt
P+TjxVwDD5eTgQsg6p7q2Q0kcZ0fM/BA8qzMiXUsE/0tUPBThT26qxnm0t9x4aq7
+WnXTBrPS6v2wGJSA6POqx+II4+gFL9grYVRevd/3DEU2OanzY3Kphtwg7lEnHm6
CXUxyfbF8FHWl2Rns7zCGu8FM/EX0YJqyvyqXEleI3Px1VzUIimYtnVEPQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCM9I/4vc45T5zUMJ8EuOChLzah9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE1LzRmNDU0
Zi0wZGU0LTRhYzctYjVjYS0yZTQxNTRmMzk1MGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUvNGY0NTRm
LTBkZTQtNGFjNy1iNWNhLTJlNDE1NGYzOTUwZC8xL0l6MGpfaTl6amxQbk5Rd253
UzQ0S0V2TnFIMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM2fTANBgkqhkiG9w0BAQsFAAOCAQEARC74248kHo6i
keotn6vy3MGF7q8kA05XijcDecaKc+rPI9QeulrXJ9EhOc+nvib5nn0gTROjTRVa
N6ekQaL6KdLtUnOTktbKKP6Wzr+s1XBOKc0sZpkcrFoHxCCL5w4fAbaQVUu1yQ4b
DkdeodRyyMEuCgPm7vCKxwNohZ1ErnndwssM7JhUs1jPtR/V+7ujju0/Y//xKwH6
eOiyU3HToHU0kiGQkfjB+2FNPupVdg/nn+9YPa/EWdkLzgwurRyvqwrxSbBoLCat
KvWa8l7GMZqSJclWXIqXbMFc+fDk63t3N1XjJ78dNbrsZLObNisIBUtZjZV3zX6X
d0Z7AZWV5A==
-----END CERTIFICATE-----