This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/deEJHTju5ZeWM68nco7pUjGv9tM.cer
File:                     deEJHTju5ZeWM68nco7pUjGv9tM.cer (raw, json)
Hash identifier:          eSHL0zheSeakSO6fKkGwonz5/n4ayGJLSQQwaByhJzs=
Subject key identifier:   75:E1:09:1D:38:EE:E5:97:96:33:AF:27:72:8E:E9:52:31:AF:F6:D3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7C804CA660FE16EA7F345862D3B3400E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/deEJHTju5ZeWM68nco7pUjGv9tM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 02:19:01 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 214456
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 14:10:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:80:4c:a6:60:fe:16:ea:7f:34:58:62:d3:b3:40:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 02:19:01 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=75e1091d38eee5979633af27728ee95231aff6d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:36:30:b1:ab:6e:46:0d:92:f6:fa:40:8d:41:
                    92:10:d0:10:7c:e4:d4:9a:76:c5:e7:fc:f2:17:6c:
                    2f:8e:3f:d3:86:82:27:02:e5:69:88:71:ba:72:cc:
                    15:4d:d9:30:46:54:0d:66:1c:bd:93:13:83:03:53:
                    69:0f:a7:6d:34:cd:99:50:d5:3b:36:f9:c2:39:2e:
                    90:f9:98:1c:e8:eb:15:62:a8:9f:ab:9e:0f:ac:19:
                    f7:f9:90:5f:a8:33:8f:2a:53:28:e0:a3:f2:10:53:
                    9b:53:9a:95:2a:4e:2b:4c:67:4b:18:a3:76:f5:d4:
                    a4:a3:70:25:13:57:53:86:57:69:51:5f:b3:8f:41:
                    ed:42:40:00:6e:ed:72:b1:e1:3f:84:cd:e2:75:2e:
                    ef:5d:d0:b0:82:73:2c:e4:df:be:07:69:ae:2a:81:
                    65:62:92:51:68:9c:f7:13:f3:f1:9a:25:8e:83:51:
                    2b:6b:c7:c7:fb:44:16:81:eb:c0:c6:a2:95:e1:eb:
                    cd:18:e2:c2:80:93:0f:ec:b4:a5:8d:f9:ad:ad:f6:
                    3b:f4:82:6f:76:6a:89:eb:76:fa:10:c9:cf:d0:4f:
                    2a:95:4a:49:6a:48:0b:50:07:72:60:5a:25:86:a7:
                    91:9a:2d:da:53:f7:14:78:2c:10:e9:d8:88:9e:d0:
                    fd:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:E1:09:1D:38:EE:E5:97:96:33:AF:27:72:8E:E9:52:31:AF:F6:D3
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/fbce4a-b6a2-44e5-83fa-0d671d470078/1/deEJHTju5ZeWM68nco7pUjGv9tM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214456

    Signature Algorithm: sha256WithRSAEncryption
         8a:85:63:3c:de:cf:3c:a1:75:d0:34:4c:3f:99:6a:10:dd:b4:
         11:f3:7e:e7:cc:bd:06:8e:0e:7c:f8:43:ff:d7:d9:f0:c2:58:
         7c:12:72:50:a6:a7:ae:46:52:3e:8f:5a:63:a2:93:71:5a:1d:
         d7:7e:c5:4f:2a:f1:d2:2a:a8:79:a8:e9:6e:3a:6a:c0:95:63:
         1c:8a:27:09:33:b7:7b:4e:d6:99:34:0e:46:c3:8a:c1:4c:c4:
         37:4e:01:0c:56:07:02:55:ce:73:c1:34:d4:cf:e2:3b:9b:5b:
         23:79:4e:fe:64:16:cb:1e:4e:f0:f3:2f:03:fc:40:00:0c:92:
         8a:fa:a7:94:e9:89:d4:fb:9a:a8:59:15:27:32:78:fd:b9:ae:
         43:98:cb:cd:ae:b4:71:58:e8:26:f7:07:84:ec:e0:74:db:3f:
         87:72:32:90:39:a3:c4:da:8d:57:dc:a9:61:1a:50:bf:33:18:
         31:f7:d5:6c:3e:74:cf:bd:7c:36:3a:c3:bd:56:46:fe:cc:98:
         4e:88:0b:33:91:f1:15:7f:47:00:51:39:8e:c3:d3:11:ce:5f:
         25:db:be:11:c8:57:20:e8:fc:54:75:ad:ee:e7:2a:aa:0a:a7:
         ba:36:1d:cf:6e:61:30:b8:db:95:ce:9f:60:f9:d1:0c:d9:ce:
         0c:e5:d5:c0
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt8gEymYP4W6n80WGLTs0AOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDIxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWUxMDkxZDM4ZWVlNTk3OTYzM2FmMjc3MjhlZTk1MjMxYWZmNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojYwsatuRg2S9vpAjUGSENAQfOTU
mnbF5/zyF2wvjj/ThoInAuVpiHG6cswVTdkwRlQNZhy9kxODA1NpD6dtNM2ZUNU7
NvnCOS6Q+Zgc6OsVYqifq54PrBn3+ZBfqDOPKlMo4KPyEFObU5qVKk4rTGdLGKN2
9dSko3AlE1dThldpUV+zj0HtQkAAbu1yseE/hM3idS7vXdCwgnMs5N++B2muKoFl
YpJRaJz3E/PxmiWOg1Era8fH+0QWgevAxqKV4evNGOLCgJMP7LSljfmtrfY79IJv
dmqJ63b6EMnP0E8qlUpJakgLUAdyYFolhqeRmi3aU/cUeCwQ6diIntD9JwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHXhCR047uWXljOvJ3KO6VIxr/bTMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg0L2ZiY2U0
YS1iNmEyLTQ0ZTUtODNmYS0wZDY3MWQ0NzAwNzgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQvZmJjZTRh
LWI2YTItNDRlNS04M2ZhLTBkNjcxZDQ3MDA3OC8xL2RlRUpIVGp1NVplV002OG5j
bzdwVWpHdjl0TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNFuDANBgkqhkiG9w0BAQsFAAOCAQEAioVjPN7PPKF1
0DRMP5lqEN20EfN+58y9Bo4OfPhD/9fZ8MJYfBJyUKanrkZSPo9aY6KTcVod137F
Tyrx0iqoeajpbjpqwJVjHIonCTO3e07WmTQORsOKwUzEN04BDFYHAlXOc8E01M/i
O5tbI3lO/mQWyx5O8PMvA/xAAAySivqnlOmJ1PuaqFkVJzJ4/bmuQ5jLza60cVjo
JvcHhOzgdNs/h3IykDmjxNqNV9ypYRpQvzMYMffVbD50z718NjrDvVZG/syYTogL
M5HxFX9HAFE5jsPTEc5fJdu+EchXIOj8VHWt7ucqqgqnujYdz25hMLjblc6fYPnR
DNnODOXVwA==
-----END CERTIFICATE-----