This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1eSq4t1mqdzA42SB3qZvPjYGqA.cer
File:                     b1eSq4t1mqdzA42SB3qZvPjYGqA.cer (raw, json)
Hash identifier:          itfthy2cfkT7bdBf62mlmXk/p9JjrkFpwcnHjO++j/g=
Subject key identifier:   6F:57:92:AB:8B:75:9A:A7:73:03:8D:92:07:7A:99:BC:F8:D8:1A:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7835441272D7C75BBCE070C270944104
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/56/7f9978-1fe4-4b99-8143-5d1b1ecb99bf/1/b1eSq4t1mqdzA42SB3qZvPjYGqA.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/56/7f9978-1fe4-4b99-8143-5d1b1ecb99bf/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 06:18:35 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 193.22.173.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:78:35:44:12:72:d7:c7:5b:bc:e0:70:c2:70:94:41:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:18:35 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=6f5792ab8b759aa773038d92077a99bcf8d81aa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:12:62:23:8b:36:fa:5b:ad:4b:15:8f:f4:d2:
                    98:9e:b6:b4:5a:7d:e5:d6:2b:d2:05:f4:3a:f9:6b:
                    4b:29:2b:d0:56:6e:60:7e:b5:0c:59:6e:6a:9a:e1:
                    fa:a4:a6:1c:fb:81:e0:9a:50:a3:5d:c1:82:04:65:
                    bf:5e:62:90:23:20:26:5e:1d:47:74:56:dd:d6:3f:
                    b8:f6:07:b6:71:b6:d2:cc:88:28:ab:15:bf:02:c6:
                    0d:a0:46:c1:5c:f4:78:d8:14:d0:bb:e0:93:70:f9:
                    26:7a:e1:e9:d6:0d:36:42:9f:0d:e0:77:0c:1c:2d:
                    15:6f:1b:a0:7e:35:f8:95:0d:69:a0:b6:4b:43:6e:
                    00:a9:eb:3e:b3:df:29:5f:cf:b3:16:5b:e8:be:69:
                    49:bf:4b:05:50:13:22:63:93:c8:29:af:14:d4:22:
                    97:f3:7d:e3:09:a2:cc:78:b9:ec:f7:99:a5:36:03:
                    44:eb:af:72:59:70:b4:47:b3:c6:03:48:f7:61:1b:
                    c6:8b:24:d4:b1:ca:b8:9f:aa:12:92:18:e0:50:9a:
                    2a:14:a4:f5:63:a6:76:d0:eb:96:3c:bc:8f:22:ba:
                    74:1e:db:f0:94:1f:a4:5a:f5:5d:5b:e5:e6:53:b2:
                    b2:61:89:75:ac:d3:80:92:09:63:23:de:12:11:55:
                    76:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:57:92:AB:8B:75:9A:A7:73:03:8D:92:07:7A:99:BC:F8:D8:1A:A0
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7f9978-1fe4-4b99-8143-5d1b1ecb99bf/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7f9978-1fe4-4b99-8143-5d1b1ecb99bf/1/b1eSq4t1mqdzA42SB3qZvPjYGqA.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.22.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:6b:5a:c1:3e:75:c5:0b:9e:2b:a7:6e:36:b5:c4:fa:11:44:
         ce:cf:f2:0e:52:b9:8e:33:91:68:e7:ce:47:a8:98:da:1c:fd:
         92:7e:66:45:9d:6c:70:76:2d:f7:27:0c:54:96:ab:93:e2:47:
         5c:9d:a1:37:95:b9:d0:d6:38:29:22:e1:22:92:d1:db:4b:00:
         80:f3:96:01:12:3e:de:22:e7:c0:b2:6e:a2:9b:b4:79:b7:5e:
         ea:17:05:57:e6:85:de:e5:a0:a0:cb:17:30:2e:68:37:06:2b:
         c8:06:c7:6c:b9:ed:4a:81:17:ed:c6:a6:e8:42:37:03:66:44:
         9d:73:c0:7d:f5:5b:37:1a:a6:e0:37:94:ad:fa:d5:df:f3:a5:
         e8:a8:4e:16:dc:4b:c7:26:62:07:d9:65:14:9b:a6:68:ca:e0:
         8f:b3:b6:3d:63:15:28:33:d2:52:e2:02:63:79:de:a5:9a:3a:
         62:dc:c5:21:69:4c:92:c4:ff:63:d9:42:24:4c:8a:49:35:cc:
         54:b3:27:46:92:47:b1:22:4c:0c:0c:69:f1:2f:41:44:e9:9d:
         b5:eb:f1:2c:28:89:5f:72:b6:11:5c:f1:05:39:99:ff:1b:28:
         94:3c:2f:bc:66:40:d3:97:61:29:df:05:98:bb:82:dd:81:4f:
         7c:7d:06:73
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZt4NUQSctfHW7zgcMJwlEEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjU3OTJhYjhiNzU5YWE3NzMwMzhkOTIwNzdhOTliY2Y4ZDgxYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxJiI4s2+lutSxWP9NKYnra0Wn3l
1ivSBfQ6+WtLKSvQVm5gfrUMWW5qmuH6pKYc+4HgmlCjXcGCBGW/XmKQIyAmXh1H
dFbd1j+49ge2cbbSzIgoqxW/AsYNoEbBXPR42BTQu+CTcPkmeuHp1g02Qp8N4HcM
HC0VbxugfjX4lQ1poLZLQ24Aqes+s98pX8+zFlvovmlJv0sFUBMiY5PIKa8U1CKX
833jCaLMeLns95mlNgNE669yWXC0R7PGA0j3YRvGiyTUscq4n6oSkhjgUJoqFKT1
Y6Z20OuWPLyPIrp0HtvwlB+kWvVdW+XmU7KyYYl1rNOAkgljI94SEVV2VwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFG9XkquLdZqncwONkgd6mbz42BqgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU2LzdmOTk3
OC0xZmU0LTRiOTktODE0My01ZDFiMWVjYjk5YmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYvN2Y5OTc4
LTFmZTQtNGI5OS04MTQzLTVkMWIxZWNiOTliZi8xL2IxZVNxNHQxbXFkekE0MlNC
M3FadlBqWUdxQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwRatMA0GCSqGSIb3DQEBCwUAA4IBAQBWa1rB
PnXFC54rp242tcT6EUTOz/IOUrmOM5Fo585HqJjaHP2SfmZFnWxwdi33JwxUlquT
4kdcnaE3lbnQ1jgpIuEiktHbSwCA85YBEj7eIufAsm6im7R5t17qFwVX5oXe5aCg
yxcwLmg3BivIBsdsue1KgRftxqboQjcDZkSdc8B99Vs3GqbgN5St+tXf86XoqE4W
3EvHJmIH2WUUm6ZoyuCPs7Y9YxUoM9JS4gJjed6lmjpi3MUhaUySxP9j2UIkTIpJ
NcxUsydGkkexIkwMDGnxL0FE6Z216/EsKIlfcrYRXPEFOZn/GyiUPC+8ZkDTl2Ep
3wWYu4LdgU98fQZz
-----END CERTIFICATE-----