This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.cer (raw, json)
Hash identifier:          OS7xtvLuJDoDhqjDhd9gdDdpt2UHlHE8TQR52kF6v0w=
Subject key identifier:   60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7BA39592938BE3D97936E28ECAF1854E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 22:17:56 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 200021
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:a3:95:92:93:8b:e3:d9:79:36:e2:8e:ca:f1:85:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 22:17:56 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:6a:c8:aa:f4:4c:8a:8c:29:1a:25:e2:b4:54:
                    65:34:90:b9:83:92:3b:db:be:fb:e1:75:09:96:29:
                    0d:02:65:33:93:9a:3f:ce:f2:49:28:ea:2c:66:a4:
                    0a:e6:2a:06:c9:91:df:24:22:7d:c1:75:7f:e8:4c:
                    d3:6a:43:fb:c8:d5:0c:83:33:2c:f1:fc:31:f1:fe:
                    e3:05:59:cd:fd:3e:c1:f1:80:d6:ae:38:c4:b7:41:
                    56:3d:c8:1c:0f:2e:66:28:fc:24:b2:f6:de:77:aa:
                    15:f1:56:9a:e0:24:01:e3:95:eb:58:3a:28:6d:aa:
                    b4:a2:cf:75:3f:07:23:e9:b1:94:ef:a0:5f:d0:37:
                    2d:62:4f:10:36:6b:02:93:35:b9:95:24:a4:5d:7f:
                    07:f9:54:53:3a:a5:ea:74:40:7a:32:25:45:aa:db:
                    ad:9e:73:13:46:cb:09:e1:f2:d1:18:42:16:da:3c:
                    4b:a7:fc:97:fc:82:bf:7a:77:71:41:e9:dc:53:e7:
                    5c:b5:df:59:f1:41:d5:d4:64:69:e9:3d:bd:8c:9b:
                    20:7a:20:c1:54:8b:49:2b:86:9c:27:2f:ce:56:0f:
                    89:d5:f8:f8:7c:67:db:2f:6a:c6:15:7c:27:d3:a5:
                    30:a7:6e:b7:e2:6c:b3:5c:e7:24:7e:0d:26:3c:60:
                    71:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200021

    Signature Algorithm: sha256WithRSAEncryption
         1d:7d:b1:ec:46:81:d3:e3:bc:d5:00:b4:aa:d8:49:f8:4a:80:
         33:df:cf:8d:cb:b9:e9:f9:bb:86:63:65:f9:73:79:a7:19:79:
         4e:b7:36:0f:da:b5:67:5f:2d:fa:91:5d:22:6d:30:a7:f9:57:
         9d:8c:2c:cf:1d:c4:ae:c1:a2:44:8f:48:7f:7b:30:17:66:53:
         7c:1f:af:28:19:75:81:5c:2c:d8:ba:ff:97:f6:8a:61:4a:f2:
         b6:51:d0:80:b2:3e:03:40:8f:4b:b4:ae:44:da:78:32:d0:c9:
         a7:70:1e:f5:6b:6f:3d:64:e9:14:81:24:db:66:6d:f7:78:b4:
         c5:13:26:04:34:0f:45:6a:69:21:5a:97:2b:86:76:87:cf:5f:
         55:c7:99:65:a9:2b:c1:da:2d:c7:a6:e3:f1:ee:82:65:75:69:
         42:31:00:ea:40:4a:68:0a:5f:f2:b4:fd:1b:89:e2:8f:a8:35:
         75:0a:49:45:fb:a7:82:3a:6d:e3:8b:18:ce:ae:a5:0a:d0:e7:
         5b:7f:5d:35:f6:a0:47:eb:70:3a:0f:3c:88:14:8e:d4:f4:0f:
         a9:57:32:37:9d:28:45:88:28:7a:6b:3c:ad:a1:a8:ac:d8:01:
         36:b3:08:e7:88:89:6a:f7:2c:b5:21:46:b9:04:38:7f:dc:1b:
         09:3c:64:94
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt7o5WSk4vj2Xk24o7K8YVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjIxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQyNTJhMmUzMTUzOGNkYTU4NTdiYWQwOTgzYzhiZGY1NThiMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmrIqvRMiowpGiXitFRlNJC5g5I7
27774XUJlikNAmUzk5o/zvJJKOosZqQK5ioGyZHfJCJ9wXV/6EzTakP7yNUMgzMs
8fwx8f7jBVnN/T7B8YDWrjjEt0FWPcgcDy5mKPwksvbed6oV8Vaa4CQB45XrWDoo
baq0os91Pwcj6bGU76Bf0DctYk8QNmsCkzW5lSSkXX8H+VRTOqXqdEB6MiVFqtut
nnMTRssJ4fLRGEIW2jxLp/yX/IK/endxQencU+dctd9Z8UHV1GRp6T29jJsgeiDB
VItJK4acJy/OVg+J1fj4fGfbL2rGFXwn06Uwp2634myzXOckfg0mPGBxSwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGDSUqLjFTjNpYV7rQmDyL31WLF7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MyL2ExN2Rk
Zi05YmE2LTQzOTUtYWFlNi01NjZmNmNmNDMxYzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIvYTE3ZGRm
LTliYTYtNDM5NS1hYWU2LTU2NmY2Y2Y0MzFjMC8xL1lOSlNvdU1WT00ybGhYdXRD
WVBJdmZWWXNYcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMNVTANBgkqhkiG9w0BAQsFAAOCAQEAHX2x7EaB0+O8
1QC0qthJ+EqAM9/Pjcu56fm7hmNl+XN5pxl5Trc2D9q1Z18t+pFdIm0wp/lXnYws
zx3ErsGiRI9If3swF2ZTfB+vKBl1gVws2Lr/l/aKYUrytlHQgLI+A0CPS7SuRNp4
MtDJp3Ae9WtvPWTpFIEk22Zt93i0xRMmBDQPRWppIVqXK4Z2h89fVceZZakrwdot
x6bj8e6CZXVpQjEA6kBKaApf8rT9G4nij6g1dQpJRfungjpt44sYzq6lCtDnW39d
NfagR+twOg88iBSO1PQPqVcyN50oRYgoems8raGorNgBNrMI54iJavcstSFGuQQ4
f9wbCTxklA==
-----END CERTIFICATE-----