This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jbIS8XnrkTiPoXJTw6y_nXrPVCo.cer
File:                     jbIS8XnrkTiPoXJTw6y_nXrPVCo.cer (raw, json)
Hash identifier:          clSYslCEDzwPBFGzsO0SQ+484+DIQP3JsLPEmx7S73A=
Subject key identifier:   8D:B2:12:F1:79:EB:91:38:8F:A1:72:53:C3:AC:BF:9D:7A:CF:54:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019BD292F03A55F44402C9B94C09D693C4CF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/b2/bf4fb5-3d3c-4735-aebc-1623942828c0/1/jbIS8XnrkTiPoXJTw6y_nXrPVCo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/b2/bf4fb5-3d3c-4735-aebc-1623942828c0/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Sun 18 Jan 2026 19:26:43 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 202306
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 14:10:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:d2:92:f0:3a:55:f4:44:02:c9:b9:4c:09:d6:93:c4:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan 18 19:26:43 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=8db212f179eb91388fa17253c3acbf9d7acf542a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:54:dc:d1:d4:e5:d5:45:5f:82:39:db:53:99:
                    be:fb:dd:18:f1:8d:ce:67:53:ce:51:d9:77:9a:02:
                    0d:74:d9:35:1d:a5:e0:81:29:38:41:82:40:33:68:
                    91:50:c1:92:88:31:99:1e:c1:35:61:33:64:9d:42:
                    b7:f0:2f:c9:d2:be:78:c2:e7:2a:0a:1b:d9:30:f3:
                    58:bf:d7:51:21:4e:ee:47:c6:86:cd:a7:0e:13:05:
                    eb:58:08:e6:6a:8d:49:70:7b:42:72:67:11:b8:7c:
                    b1:5c:94:d4:e8:39:8e:0b:c8:68:3d:58:4f:5a:18:
                    e7:7f:24:92:47:45:03:bb:00:cb:b0:23:4c:eb:4e:
                    04:6e:f5:74:59:ea:01:c8:9d:c1:2b:0c:db:20:a5:
                    14:17:6d:d7:cf:01:99:b1:b5:d6:58:e0:d4:4e:e3:
                    a0:ce:61:1f:ee:8a:5c:b7:3b:ec:93:5a:ce:22:b4:
                    a4:bc:25:ae:6f:76:6c:bf:65:a3:4d:9d:34:4b:df:
                    13:c2:88:76:b0:7b:29:3f:bd:90:0e:cb:99:77:81:
                    78:f8:47:bb:b1:e8:89:47:47:05:71:c3:f8:00:7b:
                    44:82:63:2d:16:6c:61:d4:ea:56:65:15:75:27:66:
                    98:de:63:b5:0f:67:6f:d7:b7:56:a0:17:e4:21:99:
                    c6:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:B2:12:F1:79:EB:91:38:8F:A1:72:53:C3:AC:BF:9D:7A:CF:54:2A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/bf4fb5-3d3c-4735-aebc-1623942828c0/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/bf4fb5-3d3c-4735-aebc-1623942828c0/1/jbIS8XnrkTiPoXJTw6y_nXrPVCo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  202306

    Signature Algorithm: sha256WithRSAEncryption
         38:83:92:69:34:6b:55:3b:bc:0c:ec:87:e0:5a:50:8e:30:c7:
         72:64:71:48:b6:ec:bf:f1:b0:4d:e5:00:81:fa:3e:db:e4:c2:
         dc:11:9c:fb:05:26:93:10:e2:f0:f6:f7:90:db:83:66:23:3e:
         8f:2b:49:7d:23:38:8d:71:69:16:fb:65:48:05:63:3a:40:75:
         e0:7b:f3:1c:95:9b:cb:d6:5b:4e:1b:f2:5b:ec:b5:4c:76:ca:
         b3:64:73:90:6e:e5:14:ea:96:1d:15:35:db:16:3a:4d:0c:95:
         fd:99:66:84:18:94:d5:86:d7:45:ae:7c:56:22:a0:d6:5c:2f:
         5c:67:e3:4c:d8:11:9e:0b:a6:82:8a:45:a1:b3:d3:39:12:62:
         8f:50:65:34:fd:68:f7:d8:7c:89:e3:47:65:07:e4:d3:eb:56:
         90:80:f8:a0:2c:05:62:4c:a5:ee:bd:38:3c:a4:bd:f6:00:3c:
         a0:91:e6:8a:2a:e7:ce:76:97:42:2d:cf:e3:13:47:be:a0:44:
         d7:f9:dd:44:0f:63:b1:6d:6f:ab:3a:ea:30:7b:0a:f9:5b:8e:
         95:85:6a:39:5f:52:f6:86:32:f9:e6:96:4d:7a:33:c8:6c:eb:
         d8:ba:9d:ae:9d:a1:d7:65:da:d9:02:87:f2:18:2b:c9:d5:f8:
         a0:1d:2f:59
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZvSkvA6VfREAsm5TAnWk8TPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTE4MTkyNjQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGIyMTJmMTc5ZWI5MTM4OGZhMTcyNTNjM2FjYmY5ZDdhY2Y1NDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVTc0dTl1UVfgjnbU5m++90Y8Y3O
Z1POUdl3mgINdNk1HaXggSk4QYJAM2iRUMGSiDGZHsE1YTNknUK38C/J0r54wucq
ChvZMPNYv9dRIU7uR8aGzacOEwXrWAjmao1JcHtCcmcRuHyxXJTU6DmOC8hoPVhP
WhjnfySSR0UDuwDLsCNM604EbvV0WeoByJ3BKwzbIKUUF23XzwGZsbXWWODUTuOg
zmEf7opctzvsk1rOIrSkvCWub3Zsv2WjTZ00S98Twoh2sHspP72QDsuZd4F4+Ee7
seiJR0cFccP4AHtEgmMtFmxh1OpWZRV1J2aY3mO1D2dv17dWoBfkIZnGAwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFI2yEvF565E4j6FyU8Osv516z1QqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IyL2JmNGZi
NS0zZDNjLTQ3MzUtYWViYy0xNjIzOTQyODI4YzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvYmY0ZmI1
LTNkM2MtNDczNS1hZWJjLTE2MjM5NDI4MjhjMC8xL2piSVM4WG5ya1RpUG9YSlR3
NnlfblhyUFZDby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMWQjANBgkqhkiG9w0BAQsFAAOCAQEAOIOSaTRrVTu8
DOyH4FpQjjDHcmRxSLbsv/GwTeUAgfo+2+TC3BGc+wUmkxDi8Pb3kNuDZiM+jytJ
fSM4jXFpFvtlSAVjOkB14HvzHJWby9ZbThvyW+y1THbKs2RzkG7lFOqWHRU12xY6
TQyV/ZlmhBiU1YbXRa58ViKg1lwvXGfjTNgRngumgopFobPTORJij1BlNP1o99h8
ieNHZQfk0+tWkID4oCwFYkyl7r04PKS99gA8oJHmiirnznaXQi3P4xNHvqBE1/nd
RA9jsW1vqzrqMHsK+VuOlYVqOV9S9oYy+eaWTXozyGzr2Lqdrp2h12Xa2QKH8hgr
ydX4oB0vWQ==
-----END CERTIFICATE-----