This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JGv0aYcy2l-8fCAC9jlnxo9W22w.cer
File:                     JGv0aYcy2l-8fCAC9jlnxo9W22w.cer (raw, json)
Hash identifier:          2hZ0ri62XT00WVi8lIjr23h8MZKwxBtxL0eO1C3FmWE=
Subject key identifier:   24:6B:F4:69:87:32:DA:5F:BC:7C:20:02:F6:39:67:C6:8F:56:DB:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B76EB04523915F65E9941A1F829F64442
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/JGv0aYcy2l-8fCAC9jlnxo9W22w.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 00:17:52 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 216392
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 14:10:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:04:52:39:15:f6:5e:99:41:a1:f8:29:f6:44:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:17:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=246bf4698732da5fbc7c2002f63967c68f56db6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:57:ec:b9:cf:b1:22:de:21:f4:3e:8e:16:47:
                    14:96:01:84:34:c5:10:2b:c7:ef:26:f1:d8:81:23:
                    30:c3:c3:84:75:ef:a5:bd:9a:16:ff:08:82:16:6a:
                    20:e7:ab:ea:84:bf:01:85:ae:d7:38:62:78:30:3c:
                    44:24:85:16:bb:a9:0f:36:62:91:27:a0:e7:0f:53:
                    0b:c9:e9:de:1e:df:c3:61:09:82:dc:72:8d:7e:91:
                    ab:71:ec:ba:d1:92:0c:18:98:2b:41:7b:81:27:08:
                    b0:b3:18:e0:bc:bd:8b:66:44:74:9e:cf:dd:50:4f:
                    35:21:fc:f9:41:08:f7:de:1e:ec:b0:54:64:78:95:
                    a0:71:9b:bc:2a:bc:ed:49:82:85:26:62:25:48:38:
                    90:3d:25:08:2d:0a:0f:07:2b:ca:8f:da:08:c0:88:
                    80:f4:57:1e:cf:c5:4d:cd:1f:10:a8:0a:e6:d6:ec:
                    60:84:ea:3d:98:ee:3a:90:f4:e5:e9:a6:a3:78:9d:
                    8f:20:4e:3e:f0:83:06:b4:93:3e:bf:a6:e7:f7:fd:
                    5b:f4:b0:07:28:70:d2:81:0b:d9:32:2f:94:17:c7:
                    ad:30:f4:58:14:43:95:3a:1a:84:0e:c8:86:1d:cf:
                    d6:bb:05:9e:a3:9e:6b:9d:7d:17:b3:04:33:81:57:
                    db:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6B:F4:69:87:32:DA:5F:BC:7C:20:02:F6:39:67:C6:8F:56:DB:6C
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2f9666-904a-4622-9066-f5122bac14aa/1/JGv0aYcy2l-8fCAC9jlnxo9W22w.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  216392

    Signature Algorithm: sha256WithRSAEncryption
         4c:82:02:9c:b7:25:50:2b:42:1c:e8:c8:b5:b9:19:b1:15:b9:
         d1:59:a3:a0:c9:17:55:9c:7e:7c:94:cf:28:48:75:1e:9c:76:
         24:dc:fc:4e:5d:20:14:cc:f6:55:5c:69:63:82:c0:05:87:f9:
         6d:ad:db:c8:4b:27:25:95:d8:97:15:44:ad:90:f5:c8:9e:b4:
         a9:37:04:e9:44:29:d4:16:d3:c8:7b:1f:ce:7d:22:fe:c8:bc:
         ef:8d:dd:5c:84:4d:81:d8:fe:82:8a:2f:6c:9b:9a:1f:b4:f3:
         21:54:c5:d6:d2:01:a8:f3:2e:81:d6:5b:48:41:4c:4e:a5:75:
         64:17:2d:32:71:f0:d7:b9:96:33:40:58:b4:63:f1:d2:6a:38:
         d3:15:7a:4e:8e:42:7e:68:21:be:7c:aa:f4:8b:34:ba:11:37:
         88:d8:43:0a:00:4c:98:d4:d1:de:e3:cc:37:3a:1a:78:62:56:
         91:92:c3:fb:66:b8:dd:50:39:ba:09:e9:df:41:23:11:d5:4a:
         60:4d:d6:60:f6:b6:27:de:ff:53:1b:f2:91:4b:6c:a5:5c:b9:
         fc:e0:4c:87:95:32:0a:df:13:ad:35:df:9a:ff:34:3f:e8:ff:
         b1:82:07:90:9d:bb:ab:2d:ca:30:1d:4e:2b:af:b7:70:0d:18:
         02:b3:10:88
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt26wRSORX2XplBofgp9kRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDAxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZiZjQ2OTg3MzJkYTVmYmM3YzIwMDJmNjM5NjdjNjhmNTZkYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1fsuc+xIt4h9D6OFkcUlgGENMUQ
K8fvJvHYgSMww8OEde+lvZoW/wiCFmog56vqhL8Bha7XOGJ4MDxEJIUWu6kPNmKR
J6DnD1MLyeneHt/DYQmC3HKNfpGrcey60ZIMGJgrQXuBJwiwsxjgvL2LZkR0ns/d
UE81Ifz5QQj33h7ssFRkeJWgcZu8KrztSYKFJmIlSDiQPSUILQoPByvKj9oIwIiA
9Fcez8VNzR8QqArm1uxghOo9mO46kPTl6aajeJ2PIE4+8IMGtJM+v6bn9/1b9LAH
KHDSgQvZMi+UF8etMPRYFEOVOhqEDsiGHc/WuwWeo55rnX0XswQzgVfb2wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCRr9GmHMtpfvHwgAvY5Z8aPVttsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4LzJmOTY2
Ni05MDRhLTQ2MjItOTA2Ni1mNTEyMmJhYzE0YWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvMmY5NjY2
LTkwNGEtNDYyMi05MDY2LWY1MTIyYmFjMTRhYS8xL0pHdjBhWWN5MmwtOGZDQUM5
amxueG85VzIydy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNNSDANBgkqhkiG9w0BAQsFAAOCAQEATIICnLclUCtC
HOjItbkZsRW50VmjoMkXVZx+fJTPKEh1Hpx2JNz8Tl0gFMz2VVxpY4LABYf5ba3b
yEsnJZXYlxVErZD1yJ60qTcE6UQp1BbTyHsfzn0i/si8743dXIRNgdj+goovbJua
H7TzIVTF1tIBqPMugdZbSEFMTqV1ZBctMnHw17mWM0BYtGPx0mo40xV6To5Cfmgh
vnyq9Is0uhE3iNhDCgBMmNTR3uPMNzoaeGJWkZLD+2a43VA5ugnp30EjEdVKYE3W
YPa2J97/UxvykUtspVy5/OBMh5UyCt8TrTXfmv80P+j/sYIHkJ27qy3KMB1OK6+3
cA0YArMQiA==
-----END CERTIFICATE-----