This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c-9b03Yu9g-njtVfVE-joFE_2EI.cer
File:                     c-9b03Yu9g-njtVfVE-joFE_2EI.cer (raw, json)
Hash identifier:          kcTILdpztPjAuPVolQrJGA+a4OJdMDK4rsVk2JQe0d0=
Subject key identifier:   73:EF:5B:D3:76:2E:F6:0F:A7:8E:D5:5F:54:4F:A3:A0:51:3F:D8:42
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B79EBC58397628262988CDFF0FCBED135
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/66/a13cbc-1db4-4b22-baf4-b546a2d208f2/1/c-9b03Yu9g-njtVfVE-joFE_2EI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/66/a13cbc-1db4-4b22-baf4-b546a2d208f2/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 14:17:33 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 211387
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:eb:c5:83:97:62:82:62:98:8c:df:f0:fc:be:d1:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:17:33 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=73ef5bd3762ef60fa78ed55f544fa3a0513fd842
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:64:eb:ad:0d:48:3a:80:1a:bf:00:8a:32:1f:
                    b5:15:7b:5b:9e:28:98:42:4b:19:69:fe:b0:43:58:
                    ef:14:d7:1e:7a:1f:3c:7d:16:0a:db:54:68:1a:aa:
                    fc:f6:99:b4:52:84:0f:0f:5a:96:ef:98:f4:d2:30:
                    04:69:a0:f6:5c:7c:8c:fb:7f:db:ac:a1:23:34:26:
                    b3:0f:86:dd:d3:1a:9c:c1:f3:86:3d:a9:31:49:a0:
                    ef:47:d6:10:81:1b:a3:f6:22:81:1d:aa:58:0c:41:
                    79:04:71:de:88:51:19:37:d9:c3:31:0d:39:be:5c:
                    eb:55:3d:3b:db:a3:90:b9:aa:bc:27:e7:b5:70:01:
                    ba:fe:43:fd:67:fa:9b:e6:ee:1e:ae:d3:90:03:d3:
                    13:68:67:58:38:50:03:86:b7:c3:f2:96:82:27:1a:
                    4c:23:57:d9:18:bf:28:83:65:57:b8:93:72:b0:2a:
                    18:da:b4:44:45:c6:db:66:ae:f0:8b:75:fd:89:48:
                    78:87:17:e2:7e:64:7e:0a:a4:47:aa:0e:fa:a9:27:
                    44:01:22:b6:75:92:d2:48:dd:66:f4:eb:15:36:6c:
                    06:72:be:3f:3c:1a:cf:8e:d7:7f:bb:97:4b:70:50:
                    d1:df:83:95:17:89:0e:c4:a2:d3:a0:a6:fa:78:57:
                    82:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:EF:5B:D3:76:2E:F6:0F:A7:8E:D5:5F:54:4F:A3:A0:51:3F:D8:42
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/a13cbc-1db4-4b22-baf4-b546a2d208f2/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/a13cbc-1db4-4b22-baf4-b546a2d208f2/1/c-9b03Yu9g-njtVfVE-joFE_2EI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211387

    Signature Algorithm: sha256WithRSAEncryption
         0f:90:00:38:7e:a9:c5:e6:34:5b:4e:71:2e:90:e0:04:96:02:
         fa:d4:68:1e:26:bc:17:c4:fa:33:d4:ab:48:18:a0:21:3f:a3:
         49:8b:38:7c:82:23:b0:27:cd:be:04:9a:74:6d:3c:3a:09:aa:
         f7:5c:d6:46:82:17:cc:92:8b:08:b7:b6:01:69:f3:61:a3:2b:
         97:1b:3a:0a:90:fc:09:ea:70:d6:1c:5e:14:e8:84:46:d9:1d:
         eb:2f:54:cf:15:83:17:ec:a5:54:1b:8d:6a:fb:d2:ee:cb:8f:
         d6:ff:0f:57:42:6a:d0:73:6d:fa:bb:a2:c4:1b:a9:f1:3c:67:
         25:0e:1c:87:4c:79:ce:99:a4:8f:56:af:00:ac:d6:2b:6e:5f:
         37:34:90:7a:40:94:35:4b:ad:7f:67:f1:af:05:62:27:45:88:
         09:9f:03:9b:32:2b:b4:7f:91:bc:31:26:18:d1:5c:3e:ff:b4:
         eb:34:b3:79:ae:19:29:2b:5a:c3:f9:b1:a8:73:d7:90:8a:0b:
         77:8c:2b:a5:68:f6:56:3c:3c:9b:a1:94:66:7e:f5:b6:b6:29:
         c6:95:69:99:7e:ad:5e:ac:21:eb:74:c5:31:46:16:63:b0:37:
         1e:27:f8:ef:60:0b:96:63:22:28:4c:ee:9e:07:c4:11:da:e0:
         5e:f2:a6:d7
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt568WDl2KCYpiM3/D8vtE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTQxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2VmNWJkMzc2MmVmNjBmYTc4ZWQ1NWY1NDRmYTNhMDUxM2ZkODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mTrrQ1IOoAavwCKMh+1FXtbniiY
QksZaf6wQ1jvFNceeh88fRYK21RoGqr89pm0UoQPD1qW75j00jAEaaD2XHyM+3/b
rKEjNCazD4bd0xqcwfOGPakxSaDvR9YQgRuj9iKBHapYDEF5BHHeiFEZN9nDMQ05
vlzrVT0726OQuaq8J+e1cAG6/kP9Z/qb5u4ertOQA9MTaGdYOFADhrfD8paCJxpM
I1fZGL8og2VXuJNysCoY2rRERcbbZq7wi3X9iUh4hxfifmR+CqRHqg76qSdEASK2
dZLSSN1m9OsVNmwGcr4/PBrPjtd/u5dLcFDR34OVF4kOxKLToKb6eFeCzwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHPvW9N2LvYPp47VX1RPo6BRP9hCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY2L2ExM2Ni
Yy0xZGI0LTRiMjItYmFmNC1iNTQ2YTJkMjA4ZjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYvYTEzY2Jj
LTFkYjQtNGIyMi1iYWY0LWI1NDZhMmQyMDhmMi8xL2MtOWIwM1l1OWctbmp0VmZW
RS1qb0ZFXzJFSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM5uzANBgkqhkiG9w0BAQsFAAOCAQEAD5AAOH6pxeY0
W05xLpDgBJYC+tRoHia8F8T6M9SrSBigIT+jSYs4fIIjsCfNvgSadG08Ogmq91zW
RoIXzJKLCLe2AWnzYaMrlxs6CpD8Cepw1hxeFOiERtkd6y9UzxWDF+ylVBuNavvS
7suP1v8PV0Jq0HNt+ruixBup8TxnJQ4ch0x5zpmkj1avAKzWK25fNzSQekCUNUut
f2fxrwViJ0WICZ8DmzIrtH+RvDEmGNFcPv+06zSzea4ZKStaw/mxqHPXkIoLd4wr
pWj2Vjw8m6GUZn71trYpxpVpmX6tXqwh63TFMUYWY7A3Hif472ALlmMiKEzungfE
EdrgXvKm1w==
-----END CERTIFICATE-----