This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
File:                     k6Ip4mayVYiZ81R-5j2E7WWUdos.cer (raw, json)
Hash identifier:          kLcvmQpZ9fA6BAf/eonirtmh8df2qfh8nQrAW7WMYjU=
Subject key identifier:   93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B79ED2FAC9254C77AB03BCBDB43545C50
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 14:19:06 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 185.1.174.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:ed:2f:ac:92:54:c7:7a:b0:3b:cb:db:43:54:5c:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 14:19:06 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=93a229e266b2558899f3547ee63d84ed6594768b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:73:ec:72:c4:fb:8f:e2:54:e1:e7:85:a8:c0:
                    a7:45:b3:43:aa:ff:7f:d2:1b:37:87:d1:6b:6e:32:
                    94:af:1d:93:53:7e:36:2f:85:f8:79:14:a8:0b:3b:
                    44:87:00:cd:6e:4c:96:94:44:a6:0d:5f:e5:d8:d3:
                    10:bb:b0:70:92:cf:71:78:89:2f:60:25:98:40:d7:
                    48:65:3d:30:2f:f6:b7:79:30:ab:92:75:df:94:e1:
                    10:f3:76:30:85:05:cf:44:25:d8:02:45:67:35:94:
                    5e:6b:ee:b7:56:b7:5c:80:68:16:f1:c9:f9:33:ef:
                    06:69:1a:1c:90:49:d5:1f:6a:49:34:26:f8:f8:83:
                    41:c4:42:2b:c9:2f:9d:52:91:0e:2b:f8:a8:50:66:
                    4e:81:46:dc:a5:90:4e:bb:36:9a:1e:7b:28:72:17:
                    99:e0:fd:01:95:12:d1:bd:7e:89:11:53:01:74:64:
                    b9:16:43:18:5c:5e:a9:50:91:b2:4e:b8:88:39:30:
                    1d:62:96:39:a9:fb:35:5d:4c:2f:f4:35:0c:a7:1b:
                    0b:fc:01:74:c9:da:57:6c:2a:a5:ec:8c:b3:da:55:
                    e8:b5:dc:0b:c7:4b:50:ba:50:c7:fc:c4:7d:43:63:
                    a3:74:66:00:d2:9d:b3:fa:53:66:da:f8:01:53:33:
                    ad:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:65:b7:66:06:85:e3:47:5f:43:8b:b1:67:a7:e0:d2:30:1c:
         58:f1:58:47:11:82:4b:8d:ac:35:53:1c:80:7c:6b:a8:94:dd:
         f5:d0:4b:06:32:ba:5c:46:58:a6:2b:f2:cd:fb:c3:15:4f:af:
         27:41:e7:79:0c:ce:46:91:f1:9b:8c:38:2a:8e:bc:1b:6f:c2:
         ff:26:a7:94:3a:2d:ea:5c:6f:c7:95:4b:32:6d:af:ff:4d:95:
         93:9f:66:8f:27:68:2c:57:78:f0:ca:82:71:1c:89:34:fa:53:
         aa:cd:cb:d1:0f:9b:13:72:39:2a:03:63:ed:dc:dc:6f:60:d0:
         c5:d1:1e:e6:7e:9a:ed:27:fd:31:a2:76:85:8f:dd:bf:4a:2b:
         e6:7c:07:14:80:a1:b4:fe:bb:95:9b:50:b6:66:a8:ea:fc:fb:
         40:4b:88:11:47:45:99:54:0a:ea:f5:a6:4e:3a:73:73:57:27:
         72:90:8b:e5:ce:c7:f4:1d:53:22:c7:3b:ba:29:d7:93:90:3b:
         62:2f:8e:72:a8:a2:6e:aa:82:75:e7:4a:60:f2:0e:1e:6d:45:
         db:66:b6:6d:00:e3:7e:c1:b2:42:ef:65:19:17:70:9f:db:76:
         84:2d:3a:c7:19:85:3a:dd:05:4a:e0:1b:41:6a:d3:09:13:b7:
         da:11:b1:33
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZt57S+sklTHerA7y9tDVFxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTQxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2EyMjllMjY2YjI1NTg4OTlmMzU0N2VlNjNkODRlZDY1OTQ3NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnPscsT7j+JU4eeFqMCnRbNDqv9/
0hs3h9FrbjKUrx2TU342L4X4eRSoCztEhwDNbkyWlESmDV/l2NMQu7Bwks9xeIkv
YCWYQNdIZT0wL/a3eTCrknXflOEQ83YwhQXPRCXYAkVnNZRea+63VrdcgGgW8cn5
M+8GaRockEnVH2pJNCb4+INBxEIryS+dUpEOK/ioUGZOgUbcpZBOuzaaHnsocheZ
4P0BlRLRvX6JEVMBdGS5FkMYXF6pUJGyTriIOTAdYpY5qfs1XUwv9DUMpxsL/AF0
ydpXbCql7Iyz2lXotdwLx0tQulDH/MR9Q2OjdGYA0p2z+lNm2vgBUzOtUwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJOiKeJmslWImfNUfuY9hO1llHaLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E0L2M0MDcz
YS05MjNiLTRlY2YtOTU2Ni00ZDc3N2NhY2Q5YTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvYzQwNzNh
LTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8xL2s2SXA0bWF5VllpWjgxUi01
ajJFN1dXVWRvcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAuQGuMA0GCSqGSIb3DQEBCwUAA4IBAQBQZbdm
BoXjR19Di7Fnp+DSMBxY8VhHEYJLjaw1UxyAfGuolN310EsGMrpcRlimK/LN+8MV
T68nQed5DM5GkfGbjDgqjrwbb8L/JqeUOi3qXG/HlUsyba//TZWTn2aPJ2gsV3jw
yoJxHIk0+lOqzcvRD5sTcjkqA2Pt3NxvYNDF0R7mfprtJ/0xonaFj92/SivmfAcU
gKG0/ruVm1C2Zqjq/PtAS4gRR0WZVArq9aZOOnNzVydykIvlzsf0HVMixzu6KdeT
kDtiL45yqKJuqoJ150pg8g4ebUXbZrZtAON+wbJC72UZF3Cf23aELTrHGYU63QVK
4BtBatMJE7faEbEz
-----END CERTIFICATE-----