This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NoTy9VGkNSosFNf45pMpqdxD_eA.cer
File:                     NoTy9VGkNSosFNf45pMpqdxD_eA.cer (raw, json)
Hash identifier:          2+P7iwVamrnWRWwQoZZl6R77NyYaDK699cOmuxQ6dDY=
Subject key identifier:   36:84:F2:F5:51:A4:35:2A:2C:14:D7:F8:E6:93:29:A9:DC:43:FD:E0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B783546009F589C693F849051A26C54EB
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/60/9762d8-8952-4c39-b474-29abee3efbb7/1/NoTy9VGkNSosFNf45pMpqdxD_eA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/60/9762d8-8952-4c39-b474-29abee3efbb7/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 06:18:35 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 48552
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:35:46:00:9f:58:9c:69:3f:84:90:51:a2:6c:54:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:18:35 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=3684f2f551a4352a2c14d7f8e69329a9dc43fde0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8e:31:e2:d2:93:08:42:d8:05:9d:9d:57:fa:
                    68:40:19:e3:b0:67:bf:3f:f7:8a:3e:de:4a:4e:ea:
                    34:84:c4:ac:4c:b7:17:dc:6b:98:0d:44:66:29:4e:
                    b2:40:bf:ce:56:10:cb:71:1e:5e:8f:3a:27:b7:59:
                    d7:83:59:a1:b9:b3:42:96:e9:d9:6c:a3:52:c7:96:
                    ba:c1:c2:fb:f5:f0:ca:dc:f5:1c:a6:c3:8e:73:36:
                    6e:72:aa:a2:2e:0c:4a:af:af:9f:b2:1c:60:21:db:
                    76:06:1c:19:db:62:f0:81:f8:bb:86:50:c0:b9:cc:
                    39:d0:e6:5d:d6:a5:1b:1e:bc:b1:f2:17:94:87:91:
                    ff:d3:1b:a1:10:48:50:74:17:25:51:84:5e:1a:d1:
                    6f:49:94:59:33:38:40:e3:6e:98:63:0e:f7:11:2f:
                    fd:d2:da:cd:ee:52:e6:0d:c1:66:81:55:f9:cb:ce:
                    63:4e:4c:bf:76:71:b9:9e:b9:ed:d7:68:58:43:b9:
                    15:02:69:cb:c6:1f:df:53:7d:17:3c:09:5f:a9:9d:
                    e8:c7:65:2b:f4:ee:7f:16:df:10:07:37:6f:7c:66:
                    a4:77:04:f6:d0:bc:78:f4:52:10:2f:30:91:76:cc:
                    d1:9e:99:81:19:8a:7d:ce:03:28:07:19:8d:53:3a:
                    bc:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:84:F2:F5:51:A4:35:2A:2C:14:D7:F8:E6:93:29:A9:DC:43:FD:E0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9762d8-8952-4c39-b474-29abee3efbb7/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9762d8-8952-4c39-b474-29abee3efbb7/1/NoTy9VGkNSosFNf45pMpqdxD_eA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  48552

    Signature Algorithm: sha256WithRSAEncryption
         40:af:cc:9c:f1:b7:7b:0e:1b:36:e0:fd:a4:b5:d8:71:d5:75:
         27:08:1f:79:27:9c:24:ea:dc:13:d0:e5:45:83:cb:c8:99:a9:
         7d:9d:62:8c:a4:9b:3f:cd:29:68:d5:e6:7e:a6:1f:43:ad:cc:
         49:a9:74:c2:d2:26:2a:cc:62:f7:d0:7d:ab:c1:df:06:a9:77:
         be:87:c8:29:0a:56:94:c5:c4:77:df:a7:00:1c:2a:3b:13:96:
         70:2f:34:0d:da:85:e9:f4:d5:81:dd:ee:9b:c4:2e:46:2f:8d:
         98:9f:bb:15:1a:4c:c8:32:bb:c5:9d:d4:46:07:90:45:96:ed:
         91:88:78:5c:d8:ee:19:86:4a:7e:93:22:c3:16:b9:62:7e:5d:
         9b:10:a4:23:04:3d:ba:73:0f:0b:ae:ec:fe:0e:13:9b:87:1b:
         6c:3c:0c:8e:a2:7d:ed:16:ea:a4:e6:65:35:c5:38:75:12:39:
         c0:0a:c6:c0:ba:5e:ef:68:d6:69:46:a3:f7:15:ab:2d:4b:6b:
         15:c6:30:a6:4f:b3:73:4b:82:12:8c:b9:6c:0d:a2:fc:68:23:
         a1:b6:f7:6d:98:80:60:2e:a2:86:cd:60:64:df:2a:53:c9:84:
         78:d7:53:54:da:e3:18:7b:c1:e9:cf:9a:c0:92:77:de:ec:49:
         3e:72:0c:5d
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt4NUYAn1icaT+EkFGibFTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg0ZjJmNTUxYTQzNTJhMmMxNGQ3ZjhlNjkzMjlhOWRjNDNmZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI4x4tKTCELYBZ2dV/poQBnjsGe/
P/eKPt5KTuo0hMSsTLcX3GuYDURmKU6yQL/OVhDLcR5ejzont1nXg1mhubNClunZ
bKNSx5a6wcL79fDK3PUcpsOOczZucqqiLgxKr6+fshxgIdt2BhwZ22Lwgfi7hlDA
ucw50OZd1qUbHryx8heUh5H/0xuhEEhQdBclUYReGtFvSZRZMzhA426YYw73ES/9
0trN7lLmDcFmgVX5y85jTky/dnG5nrnt12hYQ7kVAmnLxh/fU30XPAlfqZ3ox2Ur
9O5/Ft8QBzdvfGakdwT20Lx49FIQLzCRdszRnpmBGYp9zgMoBxmNUzq8oQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFDaE8vVRpDUqLBTX+OaTKancQ/3gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwLzk3NjJk
OC04OTUyLTRjMzktYjQ3NC0yOWFiZWUzZWZiYjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvOTc2MmQ4
LTg5NTItNGMzOS1iNDc0LTI5YWJlZTNlZmJiNy8xL05vVHk5VkdrTlNvc0ZOZjQ1
cE1wcWR4RF9lQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC9qDANBgkqhkiG9w0BAQsFAAOCAQEAQK/MnPG3ew4b
NuD9pLXYcdV1JwgfeSecJOrcE9DlRYPLyJmpfZ1ijKSbP80paNXmfqYfQ63MSal0
wtImKsxi99B9q8HfBql3vofIKQpWlMXEd9+nABwqOxOWcC80DdqF6fTVgd3um8Qu
Ri+NmJ+7FRpMyDK7xZ3URgeQRZbtkYh4XNjuGYZKfpMiwxa5Yn5dmxCkIwQ9unMP
C67s/g4Tm4cbbDwMjqJ97RbqpOZlNcU4dRI5wArGwLpe72jWaUaj9xWrLUtrFcYw
pk+zc0uCEoy5bA2i/Ggjobb3bZiAYC6ihs1gZN8qU8mEeNdTVNrjGHvB6c+awJJ3
3uxJPnIMXQ==
-----END CERTIFICATE-----