This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nlAUVuEieYvbj3OVRb9hSMfNEWU.cer
File:                     nlAUVuEieYvbj3OVRb9hSMfNEWU.cer (raw, json)
Hash identifier:          tMl+ZZCLfKs2puuyludKcrcUGQd2rCNR0cMsIBbcUac=
Subject key identifier:   9E:50:14:56:E1:22:79:8B:DB:8F:73:95:45:BF:61:48:C7:CD:11:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B797DE778676ECA91B58E8E9E5198C342
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.komorebi.network/repo/komorebi/0/9E501456E122798BDB8F739545BF6148C7CD1165.mft
caRepository:             rsync://rpki.komorebi.network/repo/komorebi/0/
Notify URL:               https://rpki.komorebi.network:3030/rrdp/notification.xml
Certificate not before:   Thu 01 Jan 2026 12:17:33 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 199376
                          AS: 199762
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:79:7d:e7:78:67:6e:ca:91:b5:8e:8e:9e:51:98:c3:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 12:17:33 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=9e501456e122798bdb8f739545bf6148c7cd1165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:6c:88:2d:ab:be:23:54:24:c3:67:ad:ab:5c:
                    75:4c:8e:a9:7f:01:1d:0a:74:cf:f7:d6:9a:e2:1c:
                    6b:b7:b8:41:0d:52:85:a1:35:00:d6:98:86:fa:04:
                    36:fa:56:ea:f6:67:61:dc:80:3b:a5:dd:82:51:ee:
                    7d:ea:24:8e:9a:52:23:d1:ce:8d:f1:bf:ac:fa:9a:
                    43:2e:22:c2:86:14:bc:ac:b4:a9:6b:16:d8:76:38:
                    eb:04:95:4e:df:d2:7e:9c:9e:c7:70:1a:c7:f3:51:
                    cc:e5:e4:00:b3:83:8e:f5:57:85:e2:58:d3:cd:35:
                    3e:85:46:a6:fc:ee:3a:5c:59:1a:ff:6c:57:4c:9d:
                    8d:c8:ca:47:b7:d0:00:7b:7a:6a:0b:75:8f:03:0b:
                    09:b0:d7:8b:80:59:76:09:88:f5:64:2f:35:f0:a0:
                    af:d6:f8:2c:e1:ac:62:27:e5:ca:a8:ef:9b:33:c4:
                    14:36:21:87:e7:3c:73:e3:86:46:4a:bc:41:d7:ea:
                    95:4c:93:8d:0b:00:01:9c:4b:21:04:2f:74:d3:bf:
                    c0:05:3a:2c:71:0f:83:65:f8:3c:68:10:47:75:91:
                    5a:45:c2:3e:d2:ba:91:a1:35:fa:c6:f4:56:e5:f5:
                    ae:d9:85:e8:a5:4b:40:00:af:bc:31:30:dc:28:f1:
                    3b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:50:14:56:E1:22:79:8B:DB:8F:73:95:45:BF:61:48:C7:CD:11:65
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.komorebi.network/repo/komorebi/0/
                RPKI Manifest - URI:rsync://rpki.komorebi.network/repo/komorebi/0/9E501456E122798BDB8F739545BF6148C7CD1165.mft
                RPKI Notify - URI:https://rpki.komorebi.network:3030/rrdp/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  199376
                  199762

    Signature Algorithm: sha256WithRSAEncryption
         1c:a4:60:35:a6:e6:ec:08:35:fc:06:be:93:80:f5:b4:3c:33:
         c4:60:8b:86:d7:c0:9c:7f:fd:a6:58:64:05:00:ee:f8:72:f6:
         8b:cb:5c:03:69:c8:1d:4c:19:fc:4e:49:88:ad:aa:3c:ad:e7:
         de:c4:ca:cb:10:32:69:93:c6:1a:b8:12:d9:0f:21:4c:eb:1d:
         04:1d:23:7b:cf:d7:a7:2a:fe:47:75:9c:7d:ee:9c:8a:be:40:
         1c:d8:63:6f:7a:15:43:fa:67:ce:1b:7f:ef:a3:6c:71:31:05:
         05:63:42:72:c6:8e:0d:40:99:fe:d9:ee:63:22:6d:ab:88:13:
         91:17:71:92:74:7b:9f:52:59:99:46:49:c2:0f:9d:dc:ad:ef:
         fb:94:a6:8a:13:da:8b:a6:14:e2:12:a0:cb:6a:7c:97:1f:a0:
         ad:27:00:87:f0:7e:84:88:38:1f:86:3f:45:c7:64:59:43:40:
         4d:4c:0a:47:8f:19:af:4f:9f:05:f7:2b:36:0a:5d:37:88:3f:
         43:ee:8b:fb:f3:2b:ad:75:11:d0:44:6e:90:d1:a6:96:d1:c5:
         3d:f5:3f:66:11:92:1d:3f:df:0b:f0:72:8e:77:9f:89:0f:17:
         18:bd:95:f0:bc:5e:dd:71:c7:e9:0d:03:ec:c3:db:a6:37:b9:
         b1:9b:df:5f
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZt5fed4Z27KkbWOjp5RmMNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTIxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTUwMTQ1NmUxMjI3OThiZGI4ZjczOTU0NWJmNjE0OGM3Y2QxMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2yILau+I1Qkw2etq1x1TI6pfwEd
CnTP99aa4hxrt7hBDVKFoTUA1piG+gQ2+lbq9mdh3IA7pd2CUe596iSOmlIj0c6N
8b+s+ppDLiLChhS8rLSpaxbYdjjrBJVO39J+nJ7HcBrH81HM5eQAs4OO9VeF4ljT
zTU+hUam/O46XFka/2xXTJ2NyMpHt9AAe3pqC3WPAwsJsNeLgFl2CYj1ZC818KCv
1vgs4axiJ+XKqO+bM8QUNiGH5zxz44ZGSrxB1+qVTJONCwABnEshBC9007/ABTos
cQ+DZfg8aBBHdZFaRcI+0rqRoTX6xvRW5fWu2YXopUtAAK+8MTDcKPE7owIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJ5QFFbhInmL249zlUW/YUjHzRFlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgfoGCCsGAQUFBwELBIHtMIHqMDoGCCsGAQUFBzAFhi5yc3lu
YzovL3Jwa2kua29tb3JlYmkubmV0d29yay9yZXBvL2tvbW9yZWJpLzAvMGYGCCsG
AQUFBzAKhlpyc3luYzovL3Jwa2kua29tb3JlYmkubmV0d29yay9yZXBvL2tvbW9y
ZWJpLzAvOUU1MDE0NTZFMTIyNzk4QkRCOEY3Mzk1NDVCRjYxNDhDN0NEMTE2NS5t
ZnQwRAYIKwYBBQUHMA2GOGh0dHBzOi8vcnBraS5rb21vcmViaS5uZXR3b3JrOjMw
MzAvcnJkcC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VI
SUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEIAQH/BBAwDqAMMAoCAwMK0AIDAwxSMA0GCSqGSIb3DQEBCwUAA4IB
AQAcpGA1pubsCDX8Br6TgPW0PDPEYIuG18Ccf/2mWGQFAO74cvaLy1wDacgdTBn8
TkmIrao8refexMrLEDJpk8YauBLZDyFM6x0EHSN7z9enKv5HdZx97pyKvkAc2GNv
ehVD+mfOG3/vo2xxMQUFY0Jyxo4NQJn+2e5jIm2riBORF3GSdHufUlmZRknCD53c
re/7lKaKE9qLphTiEqDLanyXH6CtJwCH8H6EiDgfhj9Fx2RZQ0BNTApHjxmvT58F
9ys2Cl03iD9D7ov78yutdRHQRG6Q0aaW0cU99T9mEZIdP98L8HKOd5+JDxcYvZXw
vF7dccfpDQPsw9umN7mxm99f
-----END CERTIFICATE-----