This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/adA-sSuz_i5OlkUcnMPvjunTtfU.cer
File:                     adA-sSuz_i5OlkUcnMPvjunTtfU.cer (raw, json)
Hash identifier:          C0WLsjMFH9ESFno+taSh0P5VpZ65Nu8ka5prwc9RCkg=
Subject key identifier:   69:D0:3E:B1:2B:B3:FE:2E:4E:96:45:1C:9C:C3:EF:8E:E9:D3:B5:F5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7F855575EEE6777EA862E5CC7A026BE7
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/6c/829bc6-ee1c-45a3-bcdd-057cee05e0e3/1/adA-sSuz_i5OlkUcnMPvjunTtfU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/6c/829bc6-ee1c-45a3-bcdd-057cee05e0e3/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 16:23:23 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 21439
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:85:55:75:ee:e6:77:7e:a8:62:e5:cc:7a:02:6b:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 16:23:23 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=69d03eb12bb3fe2e4e96451c9cc3ef8ee9d3b5f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9a:f6:86:2a:b0:3c:b9:91:f9:d7:08:2e:8c:
                    ff:e6:47:84:29:bd:af:7e:e4:92:17:25:9f:a6:a6:
                    4e:3b:76:11:c0:dc:f4:3f:84:5d:fe:3a:1d:1c:23:
                    21:92:5f:50:79:4d:8e:b3:d6:b5:29:e8:1b:f6:8e:
                    57:78:10:3f:db:1f:f8:2b:65:d0:3b:d4:1c:14:1d:
                    8a:40:ec:4c:c7:c9:bc:36:f9:bb:1b:f3:75:6c:1e:
                    c3:91:ab:4e:45:fc:fb:86:9e:a4:4e:9f:12:61:bd:
                    3c:db:d3:38:3f:95:5a:2a:b8:2a:01:72:ce:70:a4:
                    41:f4:bb:8e:8f:f6:5f:a8:9c:e3:95:80:40:cf:ab:
                    c6:67:08:6e:4f:65:89:36:07:94:06:88:35:b8:f1:
                    35:a9:4a:9e:88:7b:d2:8c:cb:4c:38:36:c5:55:c1:
                    95:56:03:1e:3d:0c:cf:d3:df:95:05:a1:0b:85:3e:
                    1d:4a:37:87:f0:70:c8:51:d4:6d:d6:0a:73:29:70:
                    10:dc:83:d4:d7:00:19:70:bd:a5:8c:6a:6a:83:db:
                    fb:05:3c:43:7a:87:cb:f9:32:b4:0e:78:d1:8c:5d:
                    46:a0:5e:07:94:8e:5f:25:50:97:7f:d5:77:d2:d7:
                    62:ab:a5:4c:c1:d1:68:b8:83:a7:ed:97:11:44:b8:
                    ab:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:D0:3E:B1:2B:B3:FE:2E:4E:96:45:1C:9C:C3:EF:8E:E9:D3:B5:F5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/829bc6-ee1c-45a3-bcdd-057cee05e0e3/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/829bc6-ee1c-45a3-bcdd-057cee05e0e3/1/adA-sSuz_i5OlkUcnMPvjunTtfU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  21439

    Signature Algorithm: sha256WithRSAEncryption
         65:fc:69:30:2e:8d:c2:0e:ce:23:45:b0:60:45:e4:d1:e5:df:
         dd:e6:ae:5c:e8:37:8b:53:f4:0f:91:f3:ff:5d:81:a3:77:25:
         e0:88:57:ad:40:cc:87:e3:df:ee:7b:28:25:3b:78:14:6d:f8:
         6c:71:66:c7:06:25:4a:ce:15:71:55:9c:92:24:57:0a:c5:b2:
         af:8f:c2:19:04:8a:35:cf:9f:2b:b7:ce:a4:6f:ad:cb:d7:d9:
         dd:da:a5:92:ea:27:55:32:6f:7c:89:05:ed:10:e6:9b:51:d0:
         30:b5:ed:5a:6d:bb:ef:1c:85:d3:dd:e7:13:c8:3c:97:d1:24:
         2e:77:5b:c1:f5:df:e5:9a:df:7b:87:a8:a1:10:e6:a6:d1:7a:
         9e:05:49:23:9b:33:99:b3:5a:d6:7f:5d:9b:bd:b6:00:d2:b1:
         09:01:07:f5:bf:3f:db:b3:c6:63:0d:a8:0e:6a:c8:ca:83:82:
         b2:c4:ef:4e:c2:0a:bf:83:90:3a:e6:f3:a5:99:fa:3f:9e:02:
         2a:40:f6:66:02:20:19:61:e1:86:1c:a0:01:15:33:64:34:fe:
         5a:0d:2c:b0:9a:e3:40:51:90:0e:2b:af:d9:ce:33:79:b3:7e:
         18:0c:36:9b:59:26:f3:36:4b:a2:4c:98:8b:65:9d:0e:6e:73:
         ab:6f:89:30
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZt/hVV17uZ3fqhi5cx6AmvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTYyMzIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQwM2ViMTJiYjNmZTJlNGU5NjQ1MWM5Y2MzZWY4ZWU5ZDNiNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpr2hiqwPLmR+dcILoz/5keEKb2v
fuSSFyWfpqZOO3YRwNz0P4Rd/jodHCMhkl9QeU2Os9a1Kegb9o5XeBA/2x/4K2XQ
O9QcFB2KQOxMx8m8Nvm7G/N1bB7DkatORfz7hp6kTp8SYb0829M4P5VaKrgqAXLO
cKRB9LuOj/ZfqJzjlYBAz6vGZwhuT2WJNgeUBog1uPE1qUqeiHvSjMtMODbFVcGV
VgMePQzP09+VBaELhT4dSjeH8HDIUdRt1gpzKXAQ3IPU1wAZcL2ljGpqg9v7BTxD
eofL+TK0DnjRjF1GoF4HlI5fJVCXf9V30tdiq6VMwdFouIOn7ZcRRLirJQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFGnQPrErs/4uTpZFHJzD747p07X1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZjLzgyOWJj
Ni1lZTFjLTQ1YTMtYmNkZC0wNTdjZWUwNWUwZTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMvODI5YmM2
LWVlMWMtNDVhMy1iY2RkLTA1N2NlZTA1ZTBlMy8xL2FkQS1zU3V6X2k1T2xrVWNu
TVB2anVuVHRmVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAlO/MA0GCSqGSIb3DQEBCwUAA4IBAQBl/GkwLo3CDs4j
RbBgReTR5d/d5q5c6DeLU/QPkfP/XYGjdyXgiFetQMyH49/ueyglO3gUbfhscWbH
BiVKzhVxVZySJFcKxbKvj8IZBIo1z58rt86kb63L19nd2qWS6idVMm98iQXtEOab
UdAwte1abbvvHIXT3ecTyDyX0SQud1vB9d/lmt97h6ihEOam0XqeBUkjmzOZs1rW
f12bvbYA0rEJAQf1vz/bs8ZjDagOasjKg4KyxO9Owgq/g5A65vOlmfo/ngIqQPZm
AiAZYeGGHKABFTNkNP5aDSywmuNAUZAOK6/ZzjN5s34YDDabWSbzNkuiTJiLZZ0O
bnOrb4kw
-----END CERTIFICATE-----