This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y4UAVfJ-xAdWKX_811nrhh7vc8E.cer
File:                     Y4UAVfJ-xAdWKX_811nrhh7vc8E.cer (raw, json)
Hash identifier:          PjZE7zfWkbW5OIdYpzTTfjZtMkugRcwg98xIJNBPAso=
Subject key identifier:   63:85:00:55:F2:7E:C4:07:56:29:7F:FC:D7:59:EB:86:1E:EF:73:C1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7BA47C6AAB8138B2959F822DBB41F496
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/17/ff6b18-7ddf-46f5-a0d5-06d4475b7fe5/1/Y4UAVfJ-xAdWKX_811nrhh7vc8E.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/17/ff6b18-7ddf-46f5-a0d5-06d4475b7fe5/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 22:18:55 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 215903
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a4:7c:6a:ab:81:38:b2:95:9f:82:2d:bb:41:f4:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:18:55 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=63850055f27ec40756297ffcd759eb861eef73c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6a:58:74:29:ad:f3:7a:87:e6:09:40:2b:53:
                    42:f9:4b:9a:54:3f:50:c1:4d:6f:2c:2a:19:4a:fd:
                    2a:1a:c0:d0:1f:c8:7c:81:4b:ec:bf:84:55:09:c2:
                    7e:83:38:61:80:df:c4:be:ce:17:c9:cf:ff:ed:13:
                    d7:4e:24:78:87:ad:be:cb:16:9c:09:49:ad:a9:9a:
                    2f:7a:af:bd:44:63:0f:f2:56:1c:79:fc:b7:ce:3c:
                    06:50:bf:58:2d:86:ad:ec:b5:2d:96:88:95:8c:ba:
                    24:f7:7e:0e:8b:5d:6c:09:82:1a:70:01:0d:e0:20:
                    07:1a:8c:af:21:da:77:de:43:15:a8:22:8a:57:96:
                    71:c2:a3:de:c3:a3:ec:55:ee:67:13:5b:04:53:54:
                    5c:da:b5:a5:9a:13:27:bb:77:cf:3b:b8:9d:ac:af:
                    26:e4:a4:fc:f2:2e:13:4d:26:65:df:b4:59:71:0b:
                    8d:81:37:3d:ab:75:02:94:9e:9f:f8:d0:ec:ed:cd:
                    10:4a:42:d4:af:95:65:07:1d:63:8e:3b:84:c4:e1:
                    0b:75:c1:87:1d:ad:62:4a:97:a7:27:79:7f:77:cd:
                    ea:06:f1:3d:5e:60:b8:2f:1b:dc:ed:b6:ef:e0:32:
                    76:77:bc:63:49:51:69:6f:28:8f:fb:7b:ff:bd:8f:
                    54:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:85:00:55:F2:7E:C4:07:56:29:7F:FC:D7:59:EB:86:1E:EF:73:C1
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff6b18-7ddf-46f5-a0d5-06d4475b7fe5/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff6b18-7ddf-46f5-a0d5-06d4475b7fe5/1/Y4UAVfJ-xAdWKX_811nrhh7vc8E.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  215903

    Signature Algorithm: sha256WithRSAEncryption
         47:9e:46:32:fa:f1:2f:85:5d:e3:af:0f:40:a5:a6:0d:a4:38:
         8d:fb:b6:a7:35:69:ce:cf:92:5d:42:25:97:7e:bb:16:5d:05:
         00:2a:81:a0:25:86:07:2b:44:dc:29:a5:42:43:84:8e:50:05:
         78:04:49:a8:61:30:b8:8f:16:a3:39:44:e3:7f:3a:8b:2f:17:
         7d:99:d5:45:a8:79:b5:fe:01:78:21:ce:ff:b2:65:23:e3:ca:
         2f:2c:20:d3:93:b7:b4:78:31:0b:05:49:7d:44:a3:9f:f8:0f:
         08:79:73:35:9f:55:32:4d:a0:47:6c:50:61:a8:fa:50:61:0b:
         a9:a9:65:21:b8:84:f0:6e:e3:37:41:7c:6c:35:1b:0a:f1:a3:
         67:89:e4:d2:c5:8c:73:6e:6b:09:7b:2c:e9:b3:1d:27:fe:cd:
         46:eb:01:e7:e7:47:2f:11:7e:83:84:7b:e2:00:f2:94:cf:45:
         13:02:d0:8f:21:df:c9:d4:8b:b7:97:e9:1f:f9:eb:39:e5:49:
         c6:a3:17:d7:25:7a:7c:bc:a5:36:d9:9c:46:ea:a9:10:5c:aa:
         82:74:83:8a:dc:96:f1:bc:0c:ed:26:42:82:56:d8:b0:e9:7b:
         ad:50:70:b2:52:9b:6e:ae:0b:02:5a:ba:f1:73:2c:23:d1:4c:
         25:c4:99:48
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt7pHxqq4E4spWfgi27QfSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjIxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzg1MDA1NWYyN2VjNDA3NTYyOTdmZmNkNzU5ZWI4NjFlZWY3M2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWpYdCmt83qH5glAK1NC+UuaVD9Q
wU1vLCoZSv0qGsDQH8h8gUvsv4RVCcJ+gzhhgN/Evs4Xyc//7RPXTiR4h62+yxac
CUmtqZoveq+9RGMP8lYcefy3zjwGUL9YLYat7LUtloiVjLok934Oi11sCYIacAEN
4CAHGoyvIdp33kMVqCKKV5ZxwqPew6PsVe5nE1sEU1Rc2rWlmhMnu3fPO7idrK8m
5KT88i4TTSZl37RZcQuNgTc9q3UClJ6f+NDs7c0QSkLUr5VlBx1jjjuExOELdcGH
Ha1iSpenJ3l/d83qBvE9XmC4Lxvc7bbv4DJ2d7xjSVFpbyiP+3v/vY9UZwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGOFAFXyfsQHVil//NdZ64Ye73PBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3L2ZmNmIx
OC03ZGRmLTQ2ZjUtYTBkNS0wNmQ0NDc1YjdmZTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvZmY2YjE4
LTdkZGYtNDZmNS1hMGQ1LTA2ZDQ0NzViN2ZlNS8xL1k0VUFWZkoteEFkV0tYXzgx
MW5yaGg3dmM4RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNLXzANBgkqhkiG9w0BAQsFAAOCAQEAR55GMvrxL4Vd
468PQKWmDaQ4jfu2pzVpzs+SXUIll367Fl0FACqBoCWGBytE3CmlQkOEjlAFeARJ
qGEwuI8WozlE4386iy8XfZnVRah5tf4BeCHO/7JlI+PKLywg05O3tHgxCwVJfUSj
n/gPCHlzNZ9VMk2gR2xQYaj6UGELqallIbiE8G7jN0F8bDUbCvGjZ4nk0sWMc25r
CXss6bMdJ/7NRusB5+dHLxF+g4R74gDylM9FEwLQjyHfydSLt5fpH/nrOeVJxqMX
1yV6fLylNtmcRuqpEFyqgnSDityW8bwM7SZCglbYsOl7rVBwslKbbq4LAlq68XMs
I9FMJcSZSA==
-----END CERTIFICATE-----