This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eRmmrv08qPUPyPNKs9FHklbbnXg.cer
File:                     eRmmrv08qPUPyPNKs9FHklbbnXg.cer (raw, json)
Hash identifier:          p/RC53sPyp57dYAsmlvj4ZBg5wo8fC/XgTPfkmeRefs=
Subject key identifier:   79:19:A6:AE:FD:3C:A8:F5:0F:C8:F3:4A:B3:D1:47:92:56:DB:9D:78
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7EA5198B54601B16F96E285B5B96A5AE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/60/150a36-e59e-48da-ac60-911e83904ca1/1/eRmmrv08qPUPyPNKs9FHklbbnXg.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/60/150a36-e59e-48da-ac60-911e83904ca1/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 12:18:27 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 2001:67c:1554::/48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a5:19:8b:54:60:1b:16:f9:6e:28:5b:5b:96:a5:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:18:27 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=7919a6aefd3ca8f50fc8f34ab3d1479256db9d78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ca:5c:c4:ef:6c:2f:4e:b4:a4:b6:77:c9:d0:
                    b2:30:ef:0d:bd:87:e3:3b:ce:3c:34:0a:b4:a1:8d:
                    5d:63:c4:87:98:1b:aa:ec:5c:6c:43:ec:49:db:bf:
                    5d:13:89:3f:77:4a:59:53:db:cd:65:0b:6c:8c:54:
                    64:c4:ab:cf:e0:07:8d:cc:06:16:67:a3:45:c1:b3:
                    c7:9e:e7:a4:7b:e1:ff:63:2c:9c:0d:49:92:5b:43:
                    50:74:48:a9:8f:55:f9:4d:41:a3:8d:a4:9d:4f:32:
                    4b:70:b9:f9:82:5e:7a:8d:24:e3:f2:ec:3e:b7:34:
                    d7:58:e4:90:01:f8:21:39:bb:74:46:95:3a:b6:df:
                    93:b3:eb:13:58:2d:a6:1f:5f:e5:83:15:51:aa:e0:
                    a6:88:ab:b9:ee:6d:66:52:15:fc:ec:d4:fc:69:7c:
                    37:99:a6:4c:92:22:32:86:5f:3f:5b:80:39:64:28:
                    3a:f9:82:3b:e5:71:0e:82:bf:50:e0:df:e8:ae:0a:
                    85:58:3c:39:a0:ce:8d:46:d5:c9:67:4f:89:64:af:
                    2c:a5:f9:03:59:e0:1a:b3:fb:78:4e:e4:00:d8:02:
                    39:bf:87:59:6e:d6:de:9c:53:b7:01:70:ac:de:a9:
                    0d:d3:88:a7:56:6f:e8:4e:f3:64:ea:b0:84:f4:b6:
                    a2:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:19:A6:AE:FD:3C:A8:F5:0F:C8:F3:4A:B3:D1:47:92:56:DB:9D:78
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/150a36-e59e-48da-ac60-911e83904ca1/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/150a36-e59e-48da-ac60-911e83904ca1/1/eRmmrv08qPUPyPNKs9FHklbbnXg.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:1554::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:e2:33:60:a6:63:0f:20:b7:06:92:c9:8d:fa:44:7f:a1:de:
         5a:f7:9a:7b:5f:eb:1a:0c:d8:32:7c:32:82:3b:95:ad:37:1d:
         03:23:6f:39:5b:2e:92:c1:6d:68:ae:a7:c6:f6:60:2e:b6:5b:
         28:54:b3:6a:b8:5a:86:8d:d8:b8:07:5f:11:79:ca:42:5c:f1:
         0f:6d:50:cd:14:08:31:57:7c:35:3f:be:d7:cc:3e:04:e1:a5:
         72:6e:61:72:7e:fe:77:65:da:10:0b:b3:ca:b9:64:1f:dd:ce:
         31:4c:9b:7a:ff:ed:3a:d5:8e:e2:d1:5c:09:63:c8:f9:e1:69:
         00:54:e2:db:3d:8a:00:5c:35:ae:dd:33:4e:f4:f0:45:d6:b8:
         3c:82:43:98:6c:7f:99:bf:ed:db:bd:65:0e:51:ad:94:03:d8:
         96:64:ca:f8:1f:8c:79:0f:b9:41:d0:02:92:7f:0b:56:c4:fb:
         3d:b4:41:92:14:6e:dd:39:22:f0:f2:6f:96:f7:85:22:4b:a5:
         de:38:f0:2c:62:3c:67:85:8b:66:19:b5:12:ba:03:5d:e5:e5:
         a3:ec:f8:45:48:9e:6f:c0:12:67:7e:36:79:5c:f9:10:ad:ad:
         ef:98:87:ee:18:a2:02:08:a0:83:95:30:af:66:e0:89:07:80:
         35:cd:57:d7
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZt+pRmLVGAbFvluKFtblqWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTIxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTE5YTZhZWZkM2NhOGY1MGZjOGYzNGFiM2QxNDc5MjU2ZGI5ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMpcxO9sL060pLZ3ydCyMO8NvYfj
O848NAq0oY1dY8SHmBuq7FxsQ+xJ279dE4k/d0pZU9vNZQtsjFRkxKvP4AeNzAYW
Z6NFwbPHnueke+H/YyycDUmSW0NQdEipj1X5TUGjjaSdTzJLcLn5gl56jSTj8uw+
tzTXWOSQAfghObt0RpU6tt+Ts+sTWC2mH1/lgxVRquCmiKu57m1mUhX87NT8aXw3
maZMkiIyhl8/W4A5ZCg6+YI75XEOgr9Q4N/orgqFWDw5oM6NRtXJZ0+JZK8spfkD
WeAas/t4TuQA2AI5v4dZbtbenFO3AXCs3qkN04inVm/oTvNk6rCE9Lai/QIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFHkZpq79PKj1D8jzSrPRR5JW2514MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwLzE1MGEz
Ni1lNTllLTQ4ZGEtYWM2MC05MTFlODM5MDRjYTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvMTUwYTM2
LWU1OWUtNDhkYS1hYzYwLTkxMWU4MzkwNGNhMS8xL2VSbW1ydjA4cVBVUHlQTktz
OUZIa2xiYm5YZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBVUMA0GCSqGSIb3DQEBCwUAA4IBAQAo
4jNgpmMPILcGksmN+kR/od5a95p7X+saDNgyfDKCO5WtNx0DI285Wy6SwW1orqfG
9mAutlsoVLNquFqGjdi4B18RecpCXPEPbVDNFAgxV3w1P77XzD4E4aVybmFyfv53
ZdoQC7PKuWQf3c4xTJt6/+061Y7i0VwJY8j54WkAVOLbPYoAXDWu3TNO9PBF1rg8
gkOYbH+Zv+3bvWUOUa2UA9iWZMr4H4x5D7lB0AKSfwtWxPs9tEGSFG7dOSLw8m+W
94UiS6XeOPAsYjxnhYtmGbUSugNd5eWj7PhFSJ5vwBJnfjZ5XPkQra3vmIfuGKIC
CKCDlTCvZuCJB4A1zVfX
-----END CERTIFICATE-----