This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UZp1yrw_m8vraCB5f_1zzvwb-X8.cer
File:                     UZp1yrw_m8vraCB5f_1zzvwb-X8.cer (raw, json)
Hash identifier:          CDwg4v4/oj4Wq+lsey/5NrHPRQLYfH+Z4a6XKNyMr2w=
Subject key identifier:   51:9A:75:CA:BC:3F:9B:CB:EB:68:20:79:7F:FD:73:CE:FC:1B:F9:7F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019C03271D77A0A6D1DB2EAB768CFD0B1696
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/05/3c0c90-0a2f-4191-8418-caf9a20e586f/1/UZp1yrw_m8vraCB5f_1zzvwb-X8.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/05/3c0c90-0a2f-4191-8418-caf9a20e586f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Wed 28 Jan 2026 05:50:21 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 13214
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Feb 2026 21:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:03:27:1d:77:a0:a6:d1:db:2e:ab:76:8c:fd:0b:16:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 28 05:50:21 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=519a75cabc3f9bcbeb6820797ffd73cefc1bf97f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:34:22:10:77:18:24:f0:b3:5f:ce:91:03:02:
                    23:f4:31:55:e8:1b:40:d0:f2:7a:96:53:8b:56:3d:
                    ff:8f:fb:3e:44:c3:94:d9:67:af:29:8d:fa:6c:af:
                    99:ae:b7:09:8a:9d:5a:7c:1b:99:8c:0f:e6:e7:67:
                    e4:58:77:0e:9e:82:80:53:ae:ce:82:ab:c7:e7:c7:
                    c5:d5:36:21:a9:b4:2a:14:4e:63:59:dc:a5:70:42:
                    69:97:0f:44:12:33:7e:c9:a1:1d:64:3f:f9:9c:d8:
                    06:03:e5:8b:d9:1a:62:fa:ab:76:c4:19:91:2d:be:
                    8c:97:26:d9:30:6a:c2:6f:46:29:3e:24:85:a0:52:
                    e8:f1:38:04:fa:9f:68:f7:41:f0:ac:37:7e:a9:75:
                    a0:a1:2b:a5:91:68:4a:fd:76:51:90:bd:d2:32:94:
                    d9:80:32:3c:15:6c:85:cd:53:8b:49:b6:11:a7:3c:
                    8d:43:3a:9d:2a:57:66:4e:ef:5a:ff:07:13:a2:8b:
                    d6:ae:da:e8:a0:c5:96:58:fd:e0:15:07:0e:e8:15:
                    07:e3:8e:9f:8d:ab:fb:e8:cd:38:80:32:00:9b:0c:
                    ac:b1:7c:86:52:5c:ad:1a:f1:a4:48:02:7d:5f:1c:
                    3a:95:17:a2:b6:d7:1a:9f:a7:60:82:b8:86:0c:de:
                    9e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:9A:75:CA:BC:3F:9B:CB:EB:68:20:79:7F:FD:73:CE:FC:1B:F9:7F
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3c0c90-0a2f-4191-8418-caf9a20e586f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3c0c90-0a2f-4191-8418-caf9a20e586f/1/UZp1yrw_m8vraCB5f_1zzvwb-X8.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  13214

    Signature Algorithm: sha256WithRSAEncryption
         ab:5c:8b:2b:b7:0a:57:51:d3:67:cb:55:29:5e:c6:f8:00:6c:
         1d:10:fa:8d:04:2a:b6:72:44:5f:9a:31:58:1b:99:01:25:1c:
         62:51:4b:00:6c:c8:d9:7f:4a:64:29:d8:2d:00:55:5c:f4:80:
         78:72:fa:f0:ac:23:0b:d2:3b:3a:5d:40:08:7e:4c:54:f5:0b:
         55:bd:11:d3:2a:cf:24:42:77:af:ff:50:7c:82:f8:a7:ba:c1:
         5e:79:3c:cd:2e:1f:83:f2:da:6a:59:a9:84:6f:a6:01:23:ef:
         db:1d:84:14:c9:90:5b:97:fb:5c:04:5a:2f:ab:73:1d:5d:73:
         26:61:47:11:86:b3:42:4f:53:fd:d7:bd:22:f3:6b:e5:e0:82:
         ca:76:02:0a:43:56:f0:94:fd:00:e6:c7:48:27:2e:a3:cf:43:
         82:9b:18:0e:a8:c2:35:a0:f0:b0:d9:c1:d8:01:cb:30:90:ec:
         d8:63:74:dc:69:8f:a2:ff:f5:f5:8c:bc:05:00:e2:a0:9e:c3:
         ee:f4:d0:ef:e1:4d:4a:51:86:45:5b:c4:b3:c2:9e:35:1a:6b:
         b6:2f:6b:e6:e8:de:00:45:34:84:5c:9a:0f:11:11:b1:98:c8:
         d1:07:1e:be:ee:d7:2e:ac:50:54:95:0b:ae:98:7b:36:3d:03:
         d1:99:b9:f2
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZwDJx13oKbR2y6rdoz9CxaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTI4MDU1MDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTlhNzVjYWJjM2Y5YmNiZWI2ODIwNzk3ZmZkNzNjZWZjMWJmOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjQiEHcYJPCzX86RAwIj9DFV6BtA
0PJ6llOLVj3/j/s+RMOU2WevKY36bK+ZrrcJip1afBuZjA/m52fkWHcOnoKAU67O
gqvH58fF1TYhqbQqFE5jWdylcEJplw9EEjN+yaEdZD/5nNgGA+WL2Rpi+qt2xBmR
Lb6MlybZMGrCb0YpPiSFoFLo8TgE+p9o90HwrDd+qXWgoSulkWhK/XZRkL3SMpTZ
gDI8FWyFzVOLSbYRpzyNQzqdKldmTu9a/wcToovWrtrooMWWWP3gFQcO6BUH446f
jav76M04gDIAmwyssXyGUlytGvGkSAJ9Xxw6lReittcan6dggriGDN6eNwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFFGadcq8P5vL62ggeX/9c878G/l/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1LzNjMGM5
MC0wYTJmLTQxOTEtODQxOC1jYWY5YTIwZTU4NmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvM2MwYzkw
LTBhMmYtNDE5MS04NDE4LWNhZjlhMjBlNTg2Zi8xL1VacDF5cndfbTh2cmFDQjVm
XzF6enZ3Yi1YOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAjOeMA0GCSqGSIb3DQEBCwUAA4IBAQCrXIsrtwpXUdNn
y1UpXsb4AGwdEPqNBCq2ckRfmjFYG5kBJRxiUUsAbMjZf0pkKdgtAFVc9IB4cvrw
rCML0js6XUAIfkxU9QtVvRHTKs8kQnev/1B8gvinusFeeTzNLh+D8tpqWamEb6YB
I+/bHYQUyZBbl/tcBFovq3MdXXMmYUcRhrNCT1P9170i82vl4ILKdgIKQ1bwlP0A
5sdIJy6jz0OCmxgOqMI1oPCw2cHYAcswkOzYY3TcaY+i//X1jLwFAOKgnsPu9NDv
4U1KUYZFW8Szwp41Gmu2L2vm6N4ARTSEXJoPERGxmMjRBx6+7tcurFBUlQuumHs2
PQPRmbny
-----END CERTIFICATE-----