This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer
File:                     soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.cer (raw, json)
Hash identifier:          lB5ZkU547gYEZDUk1/Dnr7RKDgUVCCo0m+NziimLqsw=
Subject key identifier:   B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B76EB0AECB0DB8C39CA86AD6F70194C0E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 00:17:53 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 213073
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:0a:ec:b0:db:8c:39:ca:86:ad:6f:70:19:4c:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:17:53 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b284cdf0507443e16e509d57a229e914f73566a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:af:3a:72:05:1f:3c:7f:f4:ee:11:22:a2:6c:
                    e6:ff:6a:72:b7:53:a2:f4:80:25:f3:f2:1b:0d:59:
                    87:87:cd:d0:2b:00:fa:40:5b:0b:5b:ce:d2:41:cc:
                    e7:35:13:cb:fe:62:e8:62:09:a4:06:9e:8c:97:59:
                    7b:70:ab:a3:5b:df:6e:94:91:99:b5:03:f5:19:bd:
                    f7:10:4b:5e:22:66:5d:90:ee:47:a5:33:04:1c:d3:
                    78:b8:c8:b8:95:cf:d4:84:02:f7:1a:b1:b4:67:59:
                    46:93:8f:d4:3e:f6:59:2d:ca:2a:6a:ac:5b:e3:5a:
                    bf:dc:f5:e2:51:c9:bc:6e:4e:0e:f1:6a:69:4e:f9:
                    51:5b:4d:c6:7e:3e:f2:1e:ca:76:16:66:04:95:20:
                    2d:b6:db:db:fe:3b:64:54:a7:d9:0a:33:7e:17:56:
                    c9:33:a6:2d:b1:58:6c:18:c1:ee:9c:2a:3d:02:aa:
                    78:e5:e1:16:be:17:b1:3c:cb:7d:9f:5d:88:9e:b2:
                    e0:cd:d4:d4:d9:e3:f9:cc:4f:1a:e7:8d:97:e1:a2:
                    2d:c4:34:4c:0f:16:83:be:1b:f5:a9:be:44:b1:73:
                    d2:a1:c9:c1:f2:77:06:d4:73:2f:e2:0e:90:0d:b6:
                    3a:b6:35:97:56:0c:eb:49:8b:f8:aa:c8:fd:d8:eb:
                    5b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:84:CD:F0:50:74:43:E1:6E:50:9D:57:A2:29:E9:14:F7:35:66:A4
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/a3828d-0f51-4da0-8433-df56a241098f/1/soTN8FB0Q-FuUJ1XoinpFPc1ZqQ.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  213073

    Signature Algorithm: sha256WithRSAEncryption
         8a:e6:d2:c0:1e:12:2b:2d:6d:9c:6f:45:53:ee:fc:96:84:a6:
         65:39:10:ff:a5:b0:85:33:e0:3a:31:3d:48:a8:65:b8:e9:2f:
         22:46:fe:e1:55:d6:92:a8:71:4d:86:f4:b9:36:91:2a:16:0b:
         b1:75:ef:a6:a3:41:b1:6a:db:49:be:2a:35:ac:27:08:0e:75:
         79:41:33:0a:ef:55:3f:78:61:b4:d5:9b:85:2a:e7:b3:5e:99:
         01:17:49:8a:97:8e:71:86:a7:47:f3:ef:91:b9:56:40:95:69:
         2f:a9:99:2c:d8:18:ed:87:d0:18:ad:12:6b:11:de:bd:29:3c:
         26:58:39:21:65:58:18:2a:75:11:c6:98:fb:f2:08:f7:9e:89:
         ee:2f:de:8c:ae:db:78:7e:a4:54:6b:36:82:54:cb:ca:4b:2a:
         25:45:35:ea:dc:75:80:42:51:bd:04:01:56:8c:66:71:6b:7c:
         10:72:dc:17:31:64:87:4d:60:35:00:8c:18:56:28:9b:10:f7:
         d1:02:37:2f:94:51:e0:a3:77:44:5c:3d:a1:b7:cc:1e:c1:f9:
         6c:ff:ae:d6:f5:6f:f5:f1:a2:4f:df:5e:7b:e9:0e:c2:25:87:
         af:0b:17:8a:2d:19:0d:a7:04:bc:88:3d:cd:f3:48:db:8a:2d:
         47:2f:16:ae
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt26wrssNuMOcqGrW9wGUwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDAxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg0Y2RmMDUwNzQ0M2UxNmU1MDlkNTdhMjI5ZTkxNGY3MzU2NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K86cgUfPH/07hEiomzm/2pyt1Oi
9IAl8/IbDVmHh83QKwD6QFsLW87SQcznNRPL/mLoYgmkBp6Ml1l7cKujW99ulJGZ
tQP1Gb33EEteImZdkO5HpTMEHNN4uMi4lc/UhAL3GrG0Z1lGk4/UPvZZLcoqaqxb
41q/3PXiUcm8bk4O8WppTvlRW03Gfj7yHsp2FmYElSAtttvb/jtkVKfZCjN+F1bJ
M6YtsVhsGMHunCo9Aqp45eEWvhexPMt9n12InrLgzdTU2eP5zE8a542X4aItxDRM
DxaDvhv1qb5EsXPSocnB8ncG1HMv4g6QDbY6tjWXVgzrSYv4qsj92OtbWwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLKEzfBQdEPhblCdV6Ip6RT3NWakMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlL2EzODI4
ZC0wZjUxLTRkYTAtODQzMy1kZjU2YTI0MTA5OGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvYTM4Mjhk
LTBmNTEtNGRhMC04NDMzLWRmNTZhMjQxMDk4Zi8xL3NvVE44RkIwUS1GdVVKMVhv
aW5wRlBjMVpxUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNAUTANBgkqhkiG9w0BAQsFAAOCAQEAiubSwB4SKy1t
nG9FU+78loSmZTkQ/6WwhTPgOjE9SKhluOkvIkb+4VXWkqhxTYb0uTaRKhYLsXXv
pqNBsWrbSb4qNawnCA51eUEzCu9VP3hhtNWbhSrns16ZARdJipeOcYanR/PvkblW
QJVpL6mZLNgY7YfQGK0SaxHevSk8Jlg5IWVYGCp1EcaY+/II956J7i/ejK7beH6k
VGs2glTLyksqJUU16tx1gEJRvQQBVoxmcWt8EHLcFzFkh01gNQCMGFYomxD30QI3
L5RR4KN3RFw9obfMHsH5bP+u1vVv9fGiT99ee+kOwiWHrwsXii0ZDacEvIg9zfNI
24otRy8Wrg==
-----END CERTIFICATE-----