This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mAO6qFdULHWMJI0xHmOX_OSDgBo.cer
File:                     mAO6qFdULHWMJI0xHmOX_OSDgBo.cer (raw, json)
Hash identifier:          AO02hpAzK5oRh4Xk24+xGToYts4jjgAb8ZFVIPJpzFA=
Subject key identifier:   98:03:BA:A8:57:54:2C:75:8C:24:8D:31:1E:63:97:FC:E4:83:80:1A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7B36415C3C52191F60369579704E306D
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/54/bb7d83-a3df-4b75-8569-bd9b355d32e8/1/mAO6qFdULHWMJI0xHmOX_OSDgBo.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/54/bb7d83-a3df-4b75-8569-bd9b355d32e8/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 20:18:31 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 210683
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:36:41:5c:3c:52:19:1f:60:36:95:79:70:4e:30:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:18:31 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9803baa857542c758c248d311e6397fce483801a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:aa:08:5c:52:d6:28:de:07:6b:93:0a:8e:d0:
                    7a:28:46:66:cd:fd:56:50:fe:35:73:b7:f0:d4:d1:
                    c1:c3:a3:cf:8a:0d:56:1b:2a:5b:29:bf:42:ba:61:
                    a5:85:cb:42:4c:3b:8f:22:17:17:46:7b:73:23:41:
                    43:bf:c6:d2:03:e7:24:39:83:80:d7:95:32:ee:26:
                    05:c2:60:9d:cd:89:1c:6a:7d:da:ed:8c:ae:e6:bf:
                    e9:41:92:7e:e2:f9:b1:85:ed:a5:bb:16:ac:9e:29:
                    3a:2a:f0:0d:84:8c:cf:16:7e:66:f6:9f:29:60:44:
                    72:70:8a:f7:c7:94:fd:7c:73:23:34:30:85:0f:4c:
                    61:c6:cf:2d:24:9f:3f:97:e0:1b:ef:e1:3d:52:01:
                    66:20:ae:bf:3b:b7:98:9a:1a:9a:50:48:ab:75:6c:
                    c5:a6:e4:4e:3c:44:d4:bd:5e:ae:86:0f:26:72:dd:
                    cf:7f:54:9d:0c:a3:96:e1:7e:08:08:2d:ab:2f:23:
                    80:00:00:8b:2a:3d:41:ae:26:32:ad:e9:ac:d8:b3:
                    c6:f6:d5:20:8b:1c:76:39:58:86:e4:67:9a:c4:1e:
                    6f:be:f3:6c:c0:67:d8:99:4d:3b:b7:ab:91:85:e8:
                    24:07:42:d8:99:27:82:7a:1f:81:a9:73:41:35:d0:
                    e7:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:03:BA:A8:57:54:2C:75:8C:24:8D:31:1E:63:97:FC:E4:83:80:1A
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/bb7d83-a3df-4b75-8569-bd9b355d32e8/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/bb7d83-a3df-4b75-8569-bd9b355d32e8/1/mAO6qFdULHWMJI0xHmOX_OSDgBo.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210683

    Signature Algorithm: sha256WithRSAEncryption
         13:04:47:1e:b6:0d:bf:d4:67:4b:ad:f1:94:4c:0e:2f:ac:3e:
         82:35:5d:d5:cd:e7:4f:c0:1e:c2:ec:37:87:75:96:12:33:86:
         18:e4:22:86:47:36:40:48:94:15:1c:b7:30:1a:f8:6e:e1:a3:
         9e:52:75:df:12:62:2c:4d:e3:b8:51:ec:94:4c:dd:e5:2b:52:
         0a:5a:1f:31:5a:88:40:48:c3:b8:8f:b8:63:7a:97:52:44:e8:
         24:77:dd:20:94:db:a7:84:12:a8:4a:37:af:3f:08:87:0c:e4:
         ff:19:34:fb:a5:f0:01:7e:67:b8:0d:22:40:6b:d3:ac:d3:c4:
         22:0a:9e:6f:b5:b4:e9:25:04:e8:20:fd:a1:b7:37:eb:ea:d6:
         09:a1:fd:27:fb:2d:1f:08:a9:e8:d0:bb:50:f5:d4:85:16:a5:
         dd:f4:26:89:65:50:79:8e:0f:a7:07:a5:e8:aa:16:e5:dc:08:
         32:19:fd:65:dd:c4:0a:3e:9a:eb:00:10:8a:19:bf:25:87:f6:
         7e:0d:9a:98:9b:e9:db:d4:4d:ee:81:17:d6:6f:a9:49:4f:b2:
         53:80:60:b8:39:a1:d8:1a:9b:57:29:d8:77:50:41:d1:0f:55:
         4c:ab:e4:1f:cb:45:0b:53:70:a2:28:58:4c:9f:7e:b8:73:3e:
         d6:20:d7:ce
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt7NkFcPFIZH2A2lXlwTjBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjAxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODAzYmFhODU3NTQyYzc1OGMyNDhkMzExZTYzOTdmY2U0ODM4MDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6oIXFLWKN4Ha5MKjtB6KEZmzf1W
UP41c7fw1NHBw6PPig1WGypbKb9CumGlhctCTDuPIhcXRntzI0FDv8bSA+ckOYOA
15Uy7iYFwmCdzYkcan3a7Yyu5r/pQZJ+4vmxhe2luxasnik6KvANhIzPFn5m9p8p
YERycIr3x5T9fHMjNDCFD0xhxs8tJJ8/l+Ab7+E9UgFmIK6/O7eYmhqaUEirdWzF
puROPETUvV6uhg8mct3Pf1SdDKOW4X4ICC2rLyOAAACLKj1BriYyrems2LPG9tUg
ixx2OViG5GeaxB5vvvNswGfYmU07t6uRhegkB0LYmSeCeh+BqXNBNdDnJwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFJgDuqhXVCx1jCSNMR5jl/zkg4AaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0L2JiN2Q4
My1hM2RmLTRiNzUtODU2OS1iZDliMzU1ZDMyZTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvYmI3ZDgz
LWEzZGYtNGI3NS04NTY5LWJkOWIzNTVkMzJlOC8xL21BTzZxRmRVTEhXTUpJMHhI
bU9YX09TRGdCby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM2+zANBgkqhkiG9w0BAQsFAAOCAQEAEwRHHrYNv9Rn
S63xlEwOL6w+gjVd1c3nT8Aewuw3h3WWEjOGGOQihkc2QEiUFRy3MBr4buGjnlJ1
3xJiLE3juFHslEzd5StSClofMVqIQEjDuI+4Y3qXUkToJHfdIJTbp4QSqEo3rz8I
hwzk/xk0+6XwAX5nuA0iQGvTrNPEIgqeb7W06SUE6CD9obc36+rWCaH9J/stHwip
6NC7UPXUhRal3fQmiWVQeY4Ppwel6KoW5dwIMhn9Zd3ECj6a6wAQihm/JYf2fg2a
mJvp29RN7oEX1m+pSU+yU4BguDmh2BqbVynYd1BB0Q9VTKvkH8tFC1NwoihYTJ9+
uHM+1iDXzg==
-----END CERTIFICATE-----