This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UX1ZQ4zCAdyi_BznpodzvXG-Dr4.cer
File:                     UX1ZQ4zCAdyi_BznpodzvXG-Dr4.cer (raw, json)
Hash identifier:          inX5e6Z1g4aHwLscPefx5Bxr2c0YHSJREf3je+wN3ws=
Subject key identifier:   51:7D:59:43:8C:C2:01:DC:A2:FC:1C:E7:A6:87:73:BD:71:BE:0E:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7B36924E0BA731E119F8D4A142CAE67B
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/UX1ZQ4zCAdyi_BznpodzvXG-Dr4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 20:18:52 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 193.108.19.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:92:4e:0b:a7:31:e1:19:f8:d4:a1:42:ca:e6:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:18:52 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=517d59438cc201dca2fc1ce7a68773bd71be0ebe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d9:23:0c:9a:01:ae:ff:9d:d3:fe:32:50:80:
                    02:e6:c8:14:dd:24:d2:b4:e4:a3:87:41:e3:bd:52:
                    9a:8c:4d:ea:8b:57:12:8a:e6:b4:23:82:0b:44:2d:
                    f0:62:06:a1:63:98:7f:97:18:2a:75:5a:a6:f7:43:
                    42:99:95:b9:c0:47:38:68:91:8a:42:a9:33:5e:cb:
                    d1:c5:5a:f0:e0:1b:82:a6:57:6b:2d:f2:77:67:be:
                    58:12:29:af:8c:0f:49:d7:0e:54:4a:f5:1f:10:4f:
                    22:d0:17:bc:d0:f9:0f:c2:df:46:8b:33:99:ec:13:
                    64:9e:32:02:39:f5:6b:43:59:ef:ed:6d:40:5a:6b:
                    42:a6:20:c9:2d:ee:f3:fa:d3:d2:a5:41:c0:ba:01:
                    9a:56:93:a0:2d:12:20:b2:d6:bb:ac:2b:ac:67:2c:
                    98:2f:b5:fd:bd:57:81:f2:7c:e5:b3:a5:4d:35:da:
                    42:66:6f:f8:e0:08:d9:d0:77:cd:a4:e6:4d:09:c8:
                    89:b3:f1:64:3a:21:4c:ef:ed:a3:8c:db:2d:67:14:
                    3c:b2:68:8a:1f:93:89:45:61:95:03:6d:a7:75:5d:
                    3e:d4:c2:be:37:4e:ff:b1:12:65:56:3c:39:f9:1e:
                    5a:28:61:79:2d:69:90:09:3a:16:57:a7:03:42:22:
                    a6:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:7D:59:43:8C:C2:01:DC:A2:FC:1C:E7:A6:87:73:BD:71:BE:0E:BE
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/50f5ba-bdf4-4a71-a836-8b31e23382da/1/UX1ZQ4zCAdyi_BznpodzvXG-Dr4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:de:41:07:db:e2:cd:08:64:05:d6:45:1b:d6:2a:b8:fd:e3:
         87:06:88:50:92:14:ab:db:03:1d:da:7c:74:a2:2e:ca:73:55:
         04:bf:52:86:e4:9a:7f:3d:7f:4e:65:25:8c:fc:dc:09:c0:b9:
         6a:ab:56:ba:61:d1:a8:c8:c0:67:66:ca:84:b8:c7:9b:20:eb:
         91:98:40:f0:c7:e0:d9:35:78:8f:75:88:0c:5d:15:9d:c3:ee:
         bd:ae:92:c8:b8:9b:0e:2f:a8:6d:84:59:c5:87:3b:09:b9:cb:
         5a:37:b1:3e:10:3a:4e:78:25:c8:54:67:40:e6:b6:46:ee:c7:
         0c:8a:2d:fb:a4:b8:0c:df:f2:64:c2:bf:1d:47:d2:3f:5e:64:
         02:bc:49:2e:b8:d0:14:31:9a:a5:aa:9d:8c:3a:f6:56:d8:2a:
         fd:78:16:f6:01:63:74:c3:dd:40:fb:cf:fc:70:b7:46:e9:57:
         2f:63:ff:10:4f:9c:6b:8c:95:12:2a:31:de:ee:e4:40:ee:22:
         71:67:91:01:bc:34:64:e6:7e:86:75:71:64:02:f4:f2:ed:4a:
         5f:5b:20:e6:20:1d:e7:9c:0e:c4:88:26:7e:5c:05:5e:85:63:
         96:95:07:2e:91:13:71:39:5b:4f:d1:27:83:21:c5:51:36:cb:
         72:62:07:51
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZt7NpJOC6cx4Rn41KFCyuZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTdkNTk0MzhjYzIwMWRjYTJmYzFjZTdhNjg3NzNiZDcxYmUwZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdkjDJoBrv+d0/4yUIAC5sgU3STS
tOSjh0HjvVKajE3qi1cSiua0I4ILRC3wYgahY5h/lxgqdVqm90NCmZW5wEc4aJGK
QqkzXsvRxVrw4BuCpldrLfJ3Z75YEimvjA9J1w5USvUfEE8i0Be80PkPwt9GizOZ
7BNknjICOfVrQ1nv7W1AWmtCpiDJLe7z+tPSpUHAugGaVpOgLRIgsta7rCusZyyY
L7X9vVeB8nzls6VNNdpCZm/44AjZ0HfNpOZNCciJs/FkOiFM7+2jjNstZxQ8smiK
H5OJRWGVA22ndV0+1MK+N07/sRJlVjw5+R5aKGF5LWmQCToWV6cDQiKm3QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFFF9WUOMwgHcovwc56aHc71xvg6+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgyLzUwZjVi
YS1iZGY0LTRhNzEtYTgzNi04YjMxZTIzMzgyZGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvNTBmNWJh
LWJkZjQtNGE3MS1hODM2LThiMzFlMjMzODJkYS8xL1VYMVpRNHpDQWR5aV9Cem5w
b2R6dlhHLURyNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwWwTMA0GCSqGSIb3DQEBCwUAA4IBAQAS3kEH
2+LNCGQF1kUb1iq4/eOHBohQkhSr2wMd2nx0oi7Kc1UEv1KG5Jp/PX9OZSWM/NwJ
wLlqq1a6YdGoyMBnZsqEuMebIOuRmEDwx+DZNXiPdYgMXRWdw+69rpLIuJsOL6ht
hFnFhzsJuctaN7E+EDpOeCXIVGdA5rZG7scMii37pLgM3/Jkwr8dR9I/XmQCvEku
uNAUMZqlqp2MOvZW2Cr9eBb2AWN0w91A+8/8cLdG6VcvY/8QT5xrjJUSKjHe7uRA
7iJxZ5EBvDRk5n6GdXFkAvTy7UpfWyDmIB3nnA7EiCZ+XAVehWOWlQcukRNxOVtP
0SeDIcVRNstyYgdR
-----END CERTIFICATE-----