This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qfCQLHsw_sPg3PXyO_7fUBgjQps.cer
File:                     qfCQLHsw_sPg3PXyO_7fUBgjQps.cer (raw, json)
Hash identifier:          dAd9eNpDRum5kndyoaxCry30zycXhzGfVxFUqR7yEzA=
Subject key identifier:   A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B77C690F95BE2676D64CD34839A3354F2
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 04:17:40 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 214934
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:77:c6:90:f9:5b:e2:67:6d:64:cd:34:83:9a:33:54:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 04:17:40 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=a9f0902c7b30fec3e0dcf5f23bfedf501823429b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:96:e9:da:dd:f5:a7:08:3c:2d:48:8d:e1:74:
                    61:e3:5a:6d:91:c9:d4:07:59:8b:59:cb:9a:1d:37:
                    8a:15:80:41:96:78:ca:33:5c:e9:29:10:6a:61:c2:
                    76:f9:ce:59:20:ae:10:4d:f1:ae:22:6b:d4:8f:12:
                    24:5a:25:d1:47:02:1e:23:1d:dd:2a:1f:6c:fd:9e:
                    4d:fc:1e:76:db:80:39:e0:54:43:77:78:04:c2:bb:
                    8d:b9:ad:06:e5:b6:c2:27:e4:5c:00:1c:f0:9c:f5:
                    a1:46:b3:93:ec:f0:87:6b:6d:70:91:17:c1:31:87:
                    3b:72:98:37:e4:92:ac:df:05:99:a9:cd:06:d6:5b:
                    8b:5c:b1:db:08:25:b7:45:74:4c:aa:ce:06:04:12:
                    75:a5:e0:8d:d2:84:68:9b:a2:65:8a:21:a6:d8:47:
                    3d:24:64:da:02:16:ed:64:5e:5f:3e:35:ea:4d:19:
                    96:fe:7b:36:99:2b:4c:c3:29:7f:3a:31:40:47:f0:
                    4a:ee:f8:a3:93:ea:0a:61:71:b3:20:9e:4e:43:2a:
                    b1:1b:10:2f:d0:73:b1:51:bb:32:c4:eb:42:76:59:
                    1a:2f:c8:69:be:77:e5:c2:28:2a:d0:81:ad:8a:81:
                    7c:76:2a:38:49:14:e1:29:7d:f7:cf:0e:cf:e7:8e:
                    05:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F0:90:2C:7B:30:FE:C3:E0:DC:F5:F2:3B:FE:DF:50:18:23:42:9B
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d66ff3-b607-476e-8d5e-8968565df63a/1/qfCQLHsw_sPg3PXyO_7fUBgjQps.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214934

    Signature Algorithm: sha256WithRSAEncryption
         16:6b:b1:d2:76:4a:d1:49:02:40:4d:d6:0a:e1:b4:e5:61:02:
         bf:79:5e:2e:21:d2:00:e5:7c:73:6e:fd:dd:e4:25:67:70:24:
         87:55:ad:3f:41:b9:2f:c0:84:0c:f3:a7:f8:90:19:0f:35:19:
         d5:fa:2a:5e:8b:bc:ef:8a:c0:ff:97:76:65:2e:e4:39:d5:18:
         e5:23:fa:7d:0c:3c:ae:ca:89:e8:d1:58:ac:97:a7:b8:56:54:
         8f:13:00:9a:75:be:65:73:d2:8d:0d:b0:10:f7:0e:3c:7f:96:
         77:5f:55:5d:39:c9:fc:85:0c:e7:9b:0b:dc:5d:0b:ac:6f:f2:
         7e:bc:eb:70:b1:b7:20:3d:71:7e:67:52:ef:4b:23:d7:53:be:
         4e:18:8f:e8:8a:55:10:f2:13:19:43:ff:5f:c7:c4:3b:aa:e9:
         76:86:45:89:60:23:dc:5f:8d:ef:cc:33:94:f8:96:e4:db:07:
         46:1f:7c:f3:c0:8c:34:b8:dc:60:52:ec:85:f2:2a:0e:2f:26:
         2d:e0:bd:51:21:f1:ec:bf:2c:79:f8:d7:49:f2:62:04:a5:99:
         43:19:65:05:80:76:68:52:37:e2:e3:03:09:53:86:a9:c3:c0:
         2c:e4:b3:ce:94:8e:07:1b:81:8b:06:2c:34:ef:e5:f3:db:5e:
         a1:3c:22:08
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt3xpD5W+JnbWTNNIOaM1TyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDQxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWYwOTAyYzdiMzBmZWMzZTBkY2Y1ZjIzYmZlZGY1MDE4MjM0MjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJbp2t31pwg8LUiN4XRh41ptkcnU
B1mLWcuaHTeKFYBBlnjKM1zpKRBqYcJ2+c5ZIK4QTfGuImvUjxIkWiXRRwIeIx3d
Kh9s/Z5N/B5224A54FRDd3gEwruNua0G5bbCJ+RcABzwnPWhRrOT7PCHa21wkRfB
MYc7cpg35JKs3wWZqc0G1luLXLHbCCW3RXRMqs4GBBJ1peCN0oRom6JliiGm2Ec9
JGTaAhbtZF5fPjXqTRmW/ns2mStMwyl/OjFAR/BK7vijk+oKYXGzIJ5OQyqxGxAv
0HOxUbsyxOtCdlkaL8hpvnflwigq0IGtioF8dio4SRThKX33zw7P544F7wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFKnwkCx7MP7D4Nz18jv+31AYI0KbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzL2Q2NmZm
My1iNjA3LTQ3NmUtOGQ1ZS04OTY4NTY1ZGY2M2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvZDY2ZmYz
LWI2MDctNDc2ZS04ZDVlLTg5Njg1NjVkZjYzYS8xL3FmQ1FMSHN3X3NQZzNQWHlP
XzdmVUJnalFwcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNHljANBgkqhkiG9w0BAQsFAAOCAQEAFmux0nZK0UkC
QE3WCuG05WECv3leLiHSAOV8c2793eQlZ3Akh1WtP0G5L8CEDPOn+JAZDzUZ1foq
Xou874rA/5d2ZS7kOdUY5SP6fQw8rsqJ6NFYrJenuFZUjxMAmnW+ZXPSjQ2wEPcO
PH+Wd19VXTnJ/IUM55sL3F0LrG/yfrzrcLG3ID1xfmdS70sj11O+ThiP6IpVEPIT
GUP/X8fEO6rpdoZFiWAj3F+N78wzlPiW5NsHRh9888CMNLjcYFLshfIqDi8mLeC9
USHx7L8sefjXSfJiBKWZQxllBYB2aFI34uMDCVOGqcPALOSzzpSOBxuBiwYsNO/l
89teoTwiCA==
-----END CERTIFICATE-----