This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer (raw, json)
Hash identifier:          rPCC+C9HOt8IAtnL4l23N8AKn+M84+661/fYLGFa89E=
Subject key identifier:   40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7C13454702AE886063853EF961C67712
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 00:19:56 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 206468
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:13:45:47:02:ae:88:60:63:85:3e:f9:61:c6:77:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:19:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:b7:3b:97:c9:41:b6:a7:ee:44:73:ae:05:dc:
                    e5:70:b5:2a:71:7d:98:97:8e:9b:99:1f:a4:90:bf:
                    01:8e:b3:e5:26:50:43:48:5d:f1:43:f0:2b:f8:87:
                    78:0e:fd:49:72:f6:3f:4f:33:3d:55:e0:e2:c9:f3:
                    d6:48:9d:f9:8a:1a:66:25:aa:ac:cf:9d:a5:f7:76:
                    cd:1e:7c:b4:73:43:18:5b:6c:25:b9:1f:40:3c:e7:
                    d9:28:f0:85:89:07:62:5f:17:6c:d7:0c:73:90:26:
                    85:42:bc:94:62:3d:5c:a9:ed:ae:d5:e5:54:a1:2f:
                    98:2a:03:23:47:6c:72:00:ef:62:8f:6f:bc:37:9c:
                    87:80:7c:f2:d8:f5:cb:f7:d8:94:fd:55:9f:cb:77:
                    b2:68:a5:86:96:a1:81:12:49:86:84:9c:37:f6:8c:
                    52:b3:9c:06:88:47:11:97:71:89:6f:60:b0:19:af:
                    cd:0c:ac:86:8d:5f:02:51:55:3c:60:c7:c0:e5:d8:
                    9c:31:a3:ff:66:cc:08:7c:9f:18:6c:2e:7a:da:bc:
                    89:3d:5a:d8:75:ef:fe:17:57:f5:91:ca:12:96:06:
                    c8:29:13:cf:31:d9:ff:ff:fc:58:c9:a4:15:78:f2:
                    04:6c:0f:2f:55:88:b5:e2:54:2a:89:4d:83:1d:55:
                    ec:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  206468

    Signature Algorithm: sha256WithRSAEncryption
         ae:e1:ce:02:23:06:7e:bc:09:8d:e0:7a:61:8a:1f:ea:0c:68:
         ae:f9:b8:cb:f6:18:0a:a6:38:38:27:d1:54:16:16:1c:92:b3:
         ec:ce:90:92:7d:21:b4:86:39:54:e1:28:12:8f:76:93:0c:bf:
         e4:bb:09:fa:00:55:3a:75:26:12:46:c6:9b:b3:c7:23:a1:98:
         2b:97:2a:05:df:7b:ae:76:9c:7d:24:83:06:00:ab:b6:24:c1:
         aa:6c:86:8c:22:da:fe:6c:89:61:7f:3e:ae:41:d2:8a:31:6f:
         45:31:b2:20:9f:97:18:79:01:be:e0:04:79:b3:82:f6:b2:4a:
         4e:a4:60:59:e0:d8:11:ad:48:35:a7:c9:91:bb:ae:e8:c9:b7:
         89:8b:a2:cb:51:d7:aa:4b:23:02:5e:28:1a:bb:62:52:96:7b:
         27:2d:64:8b:c6:e9:be:b0:cc:fe:70:5c:89:4c:ee:25:5a:da:
         b1:34:ce:c5:5d:b4:a1:52:00:be:ee:cd:ec:bb:6a:77:55:c8:
         f4:a3:a7:4b:52:1c:10:53:2e:f8:e2:14:81:17:02:29:64:0e:
         62:c8:51:3f:45:47:61:9c:06:94:93:8c:0e:46:be:49:da:d2:
         40:da:0b:2a:51:b6:65:fd:64:27:2b:d1:a2:1e:32:56:46:2b:
         5a:f9:45:88
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt8E0VHAq6IYGOFPvlhxncSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDAxOTU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhiMGZlNjU4ZWI5NmZiNTBiMTM1ZjcxYmI5MmYyN2I5MmMxMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLc7l8lBtqfuRHOuBdzlcLUqcX2Y
l46bmR+kkL8BjrPlJlBDSF3xQ/Ar+Id4Dv1JcvY/TzM9VeDiyfPWSJ35ihpmJaqs
z52l93bNHny0c0MYW2wluR9APOfZKPCFiQdiXxds1wxzkCaFQryUYj1cqe2u1eVU
oS+YKgMjR2xyAO9ij2+8N5yHgHzy2PXL99iU/VWfy3eyaKWGlqGBEkmGhJw39oxS
s5wGiEcRl3GJb2CwGa/NDKyGjV8CUVU8YMfA5dicMaP/ZswIfJ8YbC562ryJPVrY
de/+F1f1kcoSlgbIKRPPMdn///xYyaQVePIEbA8vVYi14lQqiU2DHVXs+wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFECLD+ZY65b7ULE19xu5Lye5LBOUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1L2U1NjU0
Yy05ZmU3LTQ3OTMtOGE4Zi00MGVkYWRlZWU4NjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUvZTU2NTRj
LTlmZTctNDc5My04YThmLTQwZWRhZGVlZTg2MC8xL1FJc1A1bGpybHZ0UXNUWDNH
N2t2Sjdrc0U1US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMmhDANBgkqhkiG9w0BAQsFAAOCAQEAruHOAiMGfrwJ
jeB6YYof6gxorvm4y/YYCqY4OCfRVBYWHJKz7M6Qkn0htIY5VOEoEo92kwy/5LsJ
+gBVOnUmEkbGm7PHI6GYK5cqBd97rnacfSSDBgCrtiTBqmyGjCLa/myJYX8+rkHS
ijFvRTGyIJ+XGHkBvuAEebOC9rJKTqRgWeDYEa1INafJkbuu6Mm3iYuiy1HXqksj
Al4oGrtiUpZ7Jy1ki8bpvrDM/nBciUzuJVrasTTOxV20oVIAvu7N7Ltqd1XI9KOn
S1IcEFMu+OIUgRcCKWQOYshRP0VHYZwGlJOMDka+SdrSQNoLKlG2Zf1kJyvRoh4y
VkYrWvlFiA==
-----END CERTIFICATE-----