This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VUexftfcydHsKj_H1eeStZHqYoA.cer
File:                     VUexftfcydHsKj_H1eeStZHqYoA.cer (raw, json)
Hash identifier:          ZWY810eOOOLSAkQESsxdP22RI2P/xzv66ad8YUs8w34=
Subject key identifier:   55:47:B1:7E:D7:DC:C9:D1:EC:2A:3F:C7:D5:E7:92:B5:91:EA:62:80
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019BFA5997895E9E5585541AA42D2FE65FA8
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b8/c1da06-198e-44bb-b33f-13e333e1fa17/1/VUexftfcydHsKj_H1eeStZHqYoA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b8/c1da06-198e-44bb-b33f-13e333e1fa17/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 26 Jan 2026 12:48:54 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 194.173.70.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 15:35:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:fa:59:97:89:5e:9e:55:85:54:1a:a4:2d:2f:e6:5f:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 26 12:48:54 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=5547b17ed7dcc9d1ec2a3fc7d5e792b591ea6280
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:91:da:0f:32:5c:16:73:59:93:84:16:b8:99:
                    c3:25:f7:c9:b7:d4:53:f1:35:0a:15:11:51:0a:a7:
                    10:07:d7:b5:d7:40:fe:8d:cb:43:f4:27:d7:3e:73:
                    66:ae:ea:42:e9:a7:f4:9b:36:d3:cc:17:8e:c5:5a:
                    3b:af:f7:89:94:b2:6b:ae:71:f6:95:04:21:5d:d6:
                    dc:3a:3f:75:e9:c2:d0:0b:37:d0:41:9b:87:6d:18:
                    99:35:06:43:80:cc:39:96:7a:03:6a:19:64:fa:25:
                    d6:fe:e7:87:2b:42:2c:0b:3a:80:bc:a4:07:ad:38:
                    b4:3c:b7:85:fc:86:97:a1:18:29:41:a0:3e:6a:c7:
                    88:39:e5:82:f0:1d:b2:25:9a:f5:69:45:d8:bd:96:
                    d3:f2:fa:18:13:20:a7:92:da:36:61:5a:ea:9d:63:
                    f1:cf:ac:54:f1:14:d8:14:fc:f5:04:7d:44:95:e0:
                    75:ec:74:f3:ba:f9:2f:cf:96:89:fe:f9:5b:80:25:
                    3b:e7:74:93:8c:8a:76:d7:51:a3:ad:aa:ac:c4:20:
                    09:2f:83:47:f7:fb:f3:b6:f1:6a:99:fc:95:d3:93:
                    09:24:02:47:71:2a:2f:7b:10:04:92:2e:83:a7:3a:
                    9b:ac:ba:34:e1:e5:fa:0c:c8:8d:84:97:12:c2:77:
                    99:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:47:B1:7E:D7:DC:C9:D1:EC:2A:3F:C7:D5:E7:92:B5:91:EA:62:80
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c1da06-198e-44bb-b33f-13e333e1fa17/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c1da06-198e-44bb-b33f-13e333e1fa17/1/VUexftfcydHsKj_H1eeStZHqYoA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.173.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:c9:15:5d:74:ec:7c:c3:e5:b5:fa:db:ec:f2:ca:9e:59:2a:
         ef:d4:82:c4:52:30:cc:7b:07:06:01:ab:ae:8e:e0:25:18:b3:
         76:e1:c4:ba:8f:88:7f:56:4f:15:3c:2a:e7:0b:fa:12:d9:90:
         de:36:37:7d:62:52:9a:b8:59:46:74:b0:3e:e3:a7:12:00:6b:
         40:f1:fd:ad:8a:25:aa:0d:33:72:ba:12:ee:d3:bb:de:e6:54:
         6c:ef:5e:07:a7:c2:ae:b3:ea:67:38:95:58:b6:9c:54:79:85:
         cf:8d:0f:e1:be:40:92:4a:19:f3:b2:00:1f:84:f6:f6:c5:73:
         3b:c5:b5:6d:74:8a:d9:5b:76:e3:61:fa:5e:10:18:37:01:94:
         bc:89:91:ef:86:6f:05:eb:c6:64:e0:43:b7:e0:35:c3:20:33:
         60:22:9a:6a:78:31:ec:71:f1:94:b8:02:b3:37:85:d7:0e:37:
         7a:a3:a0:53:dd:92:9e:5d:27:0e:5c:eb:c3:47:3a:48:ea:c2:
         60:1b:f6:d5:6d:03:e5:21:b9:90:79:9e:f3:c5:03:13:b7:a2:
         a2:07:ae:d9:ba:ac:8e:28:fe:e0:9a:32:23:0a:5d:4f:fe:d3:
         ce:30:3d:93:8f:db:1c:83:65:af:a2:56:ba:18:ee:c6:82:0d:
         f9:bc:65:c1
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZv6WZeJXp5VhVQapC0v5l+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTI2MTI0ODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTQ3YjE3ZWQ3ZGNjOWQxZWMyYTNmYzdkNWU3OTJiNTkxZWE2MjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZHaDzJcFnNZk4QWuJnDJffJt9RT
8TUKFRFRCqcQB9e110D+jctD9CfXPnNmrupC6af0mzbTzBeOxVo7r/eJlLJrrnH2
lQQhXdbcOj916cLQCzfQQZuHbRiZNQZDgMw5lnoDahlk+iXW/ueHK0IsCzqAvKQH
rTi0PLeF/IaXoRgpQaA+aseIOeWC8B2yJZr1aUXYvZbT8voYEyCnkto2YVrqnWPx
z6xU8RTYFPz1BH1EleB17HTzuvkvz5aJ/vlbgCU753STjIp211GjraqsxCAJL4NH
9/vztvFqmfyV05MJJAJHcSovexAEki6DpzqbrLo04eX6DMiNhJcSwneZSwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFFVHsX7X3MnR7Co/x9XnkrWR6mKAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4L2MxZGEw
Ni0xOThlLTQ0YmItYjMzZi0xM2UzMzNlMWZhMTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvYzFkYTA2
LTE5OGUtNDRiYi1iMzNmLTEzZTMzM2UxZmExNy8xL1ZVZXhmdGZjeWRIc0tqX0gx
ZWVTdFpIcVlvQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwq1GMA0GCSqGSIb3DQEBCwUAA4IBAQCLyRVd
dOx8w+W1+tvs8sqeWSrv1ILEUjDMewcGAauujuAlGLN24cS6j4h/Vk8VPCrnC/oS
2ZDeNjd9YlKauFlGdLA+46cSAGtA8f2tiiWqDTNyuhLu07ve5lRs714Hp8Kus+pn
OJVYtpxUeYXPjQ/hvkCSShnzsgAfhPb2xXM7xbVtdIrZW3bjYfpeEBg3AZS8iZHv
hm8F68Zk4EO34DXDIDNgIppqeDHscfGUuAKzN4XXDjd6o6BT3ZKeXScOXOvDRzpI
6sJgG/bVbQPlIbmQeZ7zxQMTt6KiB67ZuqyOKP7gmjIjCl1P/tPOMD2Tj9scg2Wv
ola6GO7Ggg35vGXB
-----END CERTIFICATE-----