This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/obeZgyScHV-GGfE1xtbn43379WI.cer
File:                     obeZgyScHV-GGfE1xtbn43379WI.cer (raw, json)
Hash identifier:          ELWQLT8+U5O33e6qGsZ6tkJfHfLKwnnmUW7PkcSUr+Q=
Subject key identifier:   A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7AC8CC4394B423B46D4B330AF01AA6CE
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 18:18:58 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 200094
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7a:c8:cc:43:94:b4:23:b4:6d:4b:33:0a:f0:1a:a6:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 18:18:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a1b79983249c1d5f8619f135c6d6e7e37dfbf562
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ea:46:49:01:3d:b0:60:83:04:cb:30:06:96:
                    3f:a6:6a:a3:78:f1:d6:e1:c3:e0:33:87:13:fd:30:
                    0e:95:16:15:f4:a0:f3:62:ee:5e:1c:d6:7c:e2:b8:
                    78:93:2a:b8:11:b4:3c:00:93:b5:63:83:75:54:98:
                    c8:6a:47:4c:79:72:a7:db:d6:98:15:b1:59:d0:f2:
                    2a:b4:a5:91:6c:70:2c:48:2f:6d:56:b0:df:5d:77:
                    17:87:96:80:38:fd:50:d8:26:1f:28:14:5c:bb:49:
                    ee:36:a9:34:54:c8:01:2a:c5:49:4f:5b:08:40:66:
                    ff:0f:d8:60:10:3a:dd:26:65:5b:12:7f:22:94:3a:
                    00:2f:df:1a:20:8a:8d:73:4e:b4:2f:41:72:4f:f7:
                    dd:c1:22:61:b8:5a:df:82:75:21:02:ad:b0:50:c4:
                    5a:5b:55:39:9a:0c:02:54:b2:f3:74:43:07:31:f3:
                    8e:6c:ca:c1:8e:84:7b:62:ca:6a:0e:c7:3c:2d:e8:
                    42:15:59:c7:73:16:fb:8b:ef:9d:3f:e4:94:50:a8:
                    06:8d:70:19:86:21:88:76:26:bc:0a:31:42:59:d1:
                    60:a1:eb:4d:7c:af:f3:d2:2b:5a:cc:78:6c:60:ea:
                    aa:21:5c:08:ef:2c:f9:cc:8c:15:18:95:f2:50:bf:
                    72:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:B7:99:83:24:9C:1D:5F:86:19:F1:35:C6:D6:E7:E3:7D:FB:F5:62
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/122d89-8e43-40c3-9cef-b33916b9f839/1/obeZgyScHV-GGfE1xtbn43379WI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  200094

    Signature Algorithm: sha256WithRSAEncryption
         0b:09:58:5f:7f:9e:4a:a5:00:f3:9a:80:60:0d:ad:d1:7c:46:
         60:cf:3d:39:b1:b8:5d:48:b6:66:da:36:eb:58:43:af:63:52:
         cb:fb:8f:81:88:9b:fc:da:58:83:7e:fa:dd:8d:40:0b:95:a5:
         c8:f0:6b:32:13:90:bc:b5:be:ff:09:86:ec:08:3c:2f:8d:1d:
         48:71:12:86:94:7f:4b:c1:33:ac:ae:3a:ce:34:02:96:d9:42:
         63:97:94:ab:45:12:72:08:db:1c:68:76:65:20:41:97:5a:1d:
         58:b6:c2:10:21:a7:ac:b1:9b:40:a4:0b:7f:b5:ef:2f:5e:c6:
         a8:f4:76:c3:6a:c8:a7:24:30:90:06:1f:ba:6b:25:a5:0d:67:
         60:ee:fc:49:b9:c9:e3:9d:51:ba:4b:9d:2c:de:c4:0b:e7:93:
         aa:8d:aa:ef:42:8e:5a:4f:09:32:24:14:c6:79:47:8f:26:64:
         31:33:fe:ce:b6:71:ff:a1:17:bd:9c:18:d6:92:f3:2e:f3:74:
         81:79:fe:09:b9:3e:a3:5f:b0:76:04:ae:69:c4:c0:f7:bd:02:
         b8:a1:37:3e:18:15:8b:e0:25:86:e2:16:6c:61:ab:c4:0d:f8:
         7c:d0:6b:f3:d4:1a:21:2a:00:9b:16:70:b5:25:54:ac:5a:93:
         ef:1d:7d:47
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt6yMxDlLQjtG1LMwrwGqbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMTgxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWI3OTk4MzI0OWMxZDVmODYxOWYxMzVjNmQ2ZTdlMzdkZmJmNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiepGSQE9sGCDBMswBpY/pmqjePHW
4cPgM4cT/TAOlRYV9KDzYu5eHNZ84rh4kyq4EbQ8AJO1Y4N1VJjIakdMeXKn29aY
FbFZ0PIqtKWRbHAsSC9tVrDfXXcXh5aAOP1Q2CYfKBRcu0nuNqk0VMgBKsVJT1sI
QGb/D9hgEDrdJmVbEn8ilDoAL98aIIqNc060L0FyT/fdwSJhuFrfgnUhAq2wUMRa
W1U5mgwCVLLzdEMHMfOObMrBjoR7YspqDsc8LehCFVnHcxb7i++dP+SUUKgGjXAZ
hiGIdia8CjFCWdFgoetNfK/z0itazHhsYOqqIVwI7yz5zIwVGJXyUL9yfwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFKG3mYMknB1fhhnxNcbW5+N9+/ViMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZlLzEyMmQ4
OS04ZTQzLTQwYzMtOWNlZi1iMzM5MTZiOWY4MzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvMTIyZDg5
LThlNDMtNDBjMy05Y2VmLWIzMzkxNmI5ZjgzOS8xL29iZVpneVNjSFYtR0dmRTF4
dGJuNDMzNzlXSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMNnjANBgkqhkiG9w0BAQsFAAOCAQEACwlYX3+eSqUA
85qAYA2t0XxGYM89ObG4XUi2Zto261hDr2NSy/uPgYib/NpYg3763Y1AC5WlyPBr
MhOQvLW+/wmG7Ag8L40dSHEShpR/S8EzrK46zjQCltlCY5eUq0UScgjbHGh2ZSBB
l1odWLbCECGnrLGbQKQLf7XvL17GqPR2w2rIpyQwkAYfumslpQ1nYO78SbnJ451R
ukudLN7EC+eTqo2q70KOWk8JMiQUxnlHjyZkMTP+zrZx/6EXvZwY1pLzLvN0gXn+
Cbk+o1+wdgSuacTA970CuKE3PhgVi+AlhuIWbGGrxA34fNBr89QaISoAmxZwtSVU
rFqT7x19Rw==
-----END CERTIFICATE-----