This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZNQFTRtiFYuDNaIBnwVIs4cqNEM.cer
File:                     ZNQFTRtiFYuDNaIBnwVIs4cqNEM.cer (raw, json)
Hash identifier:          2o+d1DOdRLdlFBWJAcGXh4VpZ7eWS9SQOScce9ewxXY=
Subject key identifier:   64:D4:05:4D:1B:62:15:8B:83:35:A2:01:9F:05:48:B3:87:2A:34:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019C0024E65BC0DE1FAA296D9339C903931D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/87/200d4e-7528-4f5e-b365-6b4852570b8a/1/ZNQFTRtiFYuDNaIBnwVIs4cqNEM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/87/200d4e-7528-4f5e-b365-6b4852570b8a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Tue 27 Jan 2026 15:49:04 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 204464
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Feb 2026 21:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:00:24:e6:5b:c0:de:1f:aa:29:6d:93:39:c9:03:93:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 27 15:49:04 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=64d4054d1b62158b8335a2019f0548b3872a3443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c7:b1:cf:fb:b3:93:37:60:f8:14:c3:d4:05:
                    1d:82:65:5a:9c:60:96:2a:e1:25:22:83:94:b2:0a:
                    9f:bb:c3:44:0b:01:99:94:82:69:8a:4b:70:f1:ea:
                    2e:9e:1f:3f:65:57:a9:b9:d4:a4:7e:13:b8:25:5f:
                    15:a6:fa:12:08:e7:2f:62:33:f9:c6:07:27:46:49:
                    c7:dc:c6:2c:db:24:ae:57:54:74:05:cf:d9:13:ad:
                    48:f3:f5:26:98:15:92:79:fe:a8:af:60:45:39:41:
                    60:e6:5d:95:3d:67:fa:b7:80:da:51:a6:53:f7:9d:
                    0b:04:9b:d6:0e:5f:f2:ef:81:d4:c6:40:e1:6a:4a:
                    8f:db:f9:64:4a:e3:8b:d4:8a:58:40:92:ee:57:f4:
                    74:0b:80:7b:d1:86:db:26:33:d4:c2:8d:b1:92:7f:
                    ac:ba:84:09:e2:a2:de:03:ba:df:20:e2:01:68:42:
                    08:66:bd:e8:73:8d:f6:24:d9:39:c8:31:ef:50:59:
                    5d:9b:c4:91:c8:4a:e4:4d:01:60:6f:a8:72:f3:b5:
                    4b:48:d6:3d:57:14:24:da:aa:2c:24:97:16:6f:80:
                    ff:27:45:28:5e:61:9c:5b:61:c6:fa:d9:47:40:bd:
                    b2:bc:74:04:aa:5b:38:b0:b4:af:2b:c5:f5:96:1a:
                    ad:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:D4:05:4D:1B:62:15:8B:83:35:A2:01:9F:05:48:B3:87:2A:34:43
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/200d4e-7528-4f5e-b365-6b4852570b8a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/200d4e-7528-4f5e-b365-6b4852570b8a/1/ZNQFTRtiFYuDNaIBnwVIs4cqNEM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204464

    Signature Algorithm: sha256WithRSAEncryption
         54:1d:60:5c:9f:14:28:88:8a:9a:1f:16:f5:9e:0c:25:ef:84:
         a7:b0:51:59:79:54:60:e5:10:20:b4:d3:f0:2d:4c:be:ff:55:
         36:25:22:ec:b1:d5:ed:cb:51:cf:4e:98:18:fb:e7:97:21:07:
         c1:1a:22:58:33:d3:b2:52:a7:ab:06:b8:48:87:24:23:c6:3c:
         57:e9:14:36:07:4f:1b:3a:89:dd:c6:3d:8d:75:3a:c1:9c:7b:
         49:3f:ad:b1:a1:bf:92:0a:7b:34:a8:69:37:6a:47:de:65:eb:
         8d:5d:47:c1:88:f3:a0:75:37:dd:54:aa:09:40:27:84:e0:55:
         fd:22:3c:ae:25:a2:b5:fa:6e:96:9a:78:f3:e7:db:43:47:30:
         b2:28:a9:81:d8:28:5f:a7:9f:e7:14:2d:d8:7e:41:24:44:76:
         2d:7a:0a:9f:79:2a:87:ee:c6:0c:4b:5f:c2:7a:11:42:ce:8e:
         e4:19:af:bc:b9:40:04:cc:35:f8:b4:b6:15:c8:3b:50:ec:86:
         4b:d3:6e:2c:a0:b3:90:aa:1c:69:1e:ec:d4:ed:7c:4f:fc:c9:
         e5:b1:36:e1:49:1a:67:84:94:2d:1c:1e:b4:23:ca:4d:89:c0:
         60:d0:83:06:32:9f:c5:04:bb:ce:15:c4:5e:6b:84:f0:cd:3d:
         65:39:93:83
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZwAJOZbwN4fqiltkznJA5MdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTI3MTU0OTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQ0MDU0ZDFiNjIxNThiODMzNWEyMDE5ZjA1NDhiMzg3MmEzNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28exz/uzkzdg+BTD1AUdgmVanGCW
KuElIoOUsgqfu8NECwGZlIJpiktw8eounh8/ZVepudSkfhO4JV8VpvoSCOcvYjP5
xgcnRknH3MYs2ySuV1R0Bc/ZE61I8/UmmBWSef6or2BFOUFg5l2VPWf6t4DaUaZT
950LBJvWDl/y74HUxkDhakqP2/lkSuOL1IpYQJLuV/R0C4B70YbbJjPUwo2xkn+s
uoQJ4qLeA7rfIOIBaEIIZr3oc432JNk5yDHvUFldm8SRyErkTQFgb6hy87VLSNY9
VxQk2qosJJcWb4D/J0UoXmGcW2HG+tlHQL2yvHQEqls4sLSvK8X1lhqtewIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGTUBU0bYhWLgzWiAZ8FSLOHKjRDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3LzIwMGQ0
ZS03NTI4LTRmNWUtYjM2NS02YjQ4NTI1NzBiOGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMjAwZDRl
LTc1MjgtNGY1ZS1iMzY1LTZiNDg1MjU3MGI4YS8xL1pOUUZUUnRpRll1RE5hSUJu
d1ZJczRjcU5FTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMesDANBgkqhkiG9w0BAQsFAAOCAQEAVB1gXJ8UKIiK
mh8W9Z4MJe+Ep7BRWXlUYOUQILTT8C1Mvv9VNiUi7LHV7ctRz06YGPvnlyEHwRoi
WDPTslKnqwa4SIckI8Y8V+kUNgdPGzqJ3cY9jXU6wZx7ST+tsaG/kgp7NKhpN2pH
3mXrjV1HwYjzoHU33VSqCUAnhOBV/SI8riWitfpulpp48+fbQ0cwsiipgdgoX6ef
5xQt2H5BJER2LXoKn3kqh+7GDEtfwnoRQs6O5BmvvLlABMw1+LS2Fcg7UOyGS9Nu
LKCzkKocaR7s1O18T/zJ5bE24UkaZ4SULRwetCPKTYnAYNCDBjKfxQS7zhXEXmuE
8M09ZTmTgw==
-----END CERTIFICATE-----