This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.cer
File:                     uR-NsC4ulx1U-Q7vEHCQOY_MPZI.cer (raw, json)
Hash identifier:          3x/+4PL1/BDmUU5elcCJ9jvtxrOrd92iEBQxhXVljmc=
Subject key identifier:   B9:1F:8D:B0:2E:2E:97:1D:54:F9:0E:EF:10:70:90:39:8F:CC:3D:92
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7B3540271FF4910805D37AECAE0034EF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 20:17:26 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 198510
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7b:35:40:27:1f:f4:91:08:05:d3:7a:ec:ae:00:34:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 20:17:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=b91f8db02e2e971d54f90eef107090398fcc3d92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:cb:a7:35:6f:9e:da:f4:58:77:fe:d8:0a:
                    7d:5b:2a:8d:f4:fb:4c:cf:54:19:66:6e:82:4f:d5:
                    d3:9b:df:50:0a:65:e6:fa:34:d5:bf:55:70:01:23:
                    5c:6e:1d:a4:93:99:28:b3:06:8f:1d:ef:ed:a1:22:
                    ab:f4:9b:6e:9c:26:7b:33:54:e1:b5:7a:76:af:0a:
                    87:39:bb:95:96:a7:ad:06:8c:f9:45:c4:c6:c9:51:
                    74:78:7f:e6:5b:be:aa:b8:2f:84:b1:9f:ff:48:a6:
                    35:7b:a7:d6:10:1a:33:07:49:0b:8d:27:19:fc:e5:
                    32:40:b1:01:c5:74:0b:76:37:05:db:f8:87:98:bf:
                    e5:8d:ea:4c:3b:38:76:a0:53:ba:a3:0a:44:70:25:
                    23:80:da:cc:2a:f3:5a:f6:3a:03:02:91:d8:70:90:
                    3e:c7:4e:5d:33:ca:c3:12:ed:48:1a:0c:26:c2:c0:
                    ae:e2:4c:7e:7b:64:11:3b:7f:69:1a:8a:e5:a9:21:
                    72:57:39:03:96:9b:e2:22:89:80:68:51:8c:74:71:
                    84:0c:d6:4d:f0:f3:a7:49:af:49:d8:f3:49:81:63:
                    c0:52:0a:5b:5f:c6:a2:bb:84:92:a3:ec:51:51:30:
                    96:a5:09:bc:a4:40:8b:52:ee:d6:2d:62:68:b4:25:
                    56:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:1F:8D:B0:2E:2E:97:1D:54:F9:0E:EF:10:70:90:39:8F:CC:3D:92
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ee68ac-36ba-49a1-9df9-62e19ef960a4/1/uR-NsC4ulx1U-Q7vEHCQOY_MPZI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198510

    Signature Algorithm: sha256WithRSAEncryption
         10:2c:c8:65:cb:66:c9:0e:6b:57:e5:6e:59:c6:b5:e6:62:b9:
         e5:34:b9:fc:0c:0e:3b:1b:a4:38:cd:f5:cf:27:29:ee:48:26:
         20:46:01:ab:2f:40:c4:28:27:06:19:96:d6:3b:7f:ca:7e:99:
         7d:2a:89:69:84:dd:43:b4:42:57:f2:0c:8f:6c:f3:55:da:0a:
         ff:d6:2f:5e:d0:a5:e8:c0:32:72:90:b8:2b:63:5d:9d:13:97:
         4a:0d:f4:fe:bb:44:e3:3c:e3:23:59:b5:52:c4:c1:99:a9:8c:
         e2:13:e2:5c:25:eb:f5:28:73:3f:88:06:ac:b8:ec:d4:cc:82:
         85:74:03:06:dc:fc:6b:dd:04:ab:d9:25:fe:37:4d:85:a3:d7:
         ac:b3:73:ac:1c:b4:e6:72:e4:bb:9a:70:ae:c1:78:be:45:28:
         fa:33:04:1d:26:24:16:01:2c:9d:69:06:80:fe:d6:e2:cd:88:
         b6:61:6c:8b:20:7f:e8:24:25:36:e2:a3:7f:47:8e:0a:43:47:
         a9:fe:a3:51:23:23:cb:12:64:ca:0e:49:12:25:f8:7a:f5:8c:
         a4:11:2f:e4:51:79:23:5f:e1:2a:e2:bb:3a:d4:0f:09:e9:df:
         b7:c2:f1:e9:cb:23:c1:d2:6f:8c:db:6f:3f:61:00:23:85:67:
         ec:ff:f5:33
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt7NUAnH/SRCAXTeuyuADTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMjAxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFmOGRiMDJlMmU5NzFkNTRmOTBlZWYxMDcwOTAzOThmY2MzZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukrLpzVvntr0WHf+2Ap9WyqN9PtM
z1QZZm6CT9XTm99QCmXm+jTVv1VwASNcbh2kk5koswaPHe/toSKr9JtunCZ7M1Th
tXp2rwqHObuVlqetBoz5RcTGyVF0eH/mW76quC+EsZ//SKY1e6fWEBozB0kLjScZ
/OUyQLEBxXQLdjcF2/iHmL/ljepMOzh2oFO6owpEcCUjgNrMKvNa9joDApHYcJA+
x05dM8rDEu1IGgwmwsCu4kx+e2QRO39pGorlqSFyVzkDlpviIomAaFGMdHGEDNZN
8POnSa9J2PNJgWPAUgpbX8aiu4SSo+xRUTCWpQm8pECLUu7WLWJotCVWHQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLkfjbAuLpcdVPkO7xBwkDmPzD2SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyL2VlNjhh
Yy0zNmJhLTQ5YTEtOWRmOS02MmUxOWVmOTYwYTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvZWU2OGFj
LTM2YmEtNDlhMS05ZGY5LTYyZTE5ZWY5NjBhNC8xL3VSLU5zQzR1bHgxVS1RN3ZF
SENRT1lfTVBaSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMHbjANBgkqhkiG9w0BAQsFAAOCAQEAECzIZctmyQ5r
V+VuWca15mK55TS5/AwOOxukOM31zycp7kgmIEYBqy9AxCgnBhmW1jt/yn6ZfSqJ
aYTdQ7RCV/IMj2zzVdoK/9YvXtCl6MAycpC4K2NdnROXSg30/rtE4zzjI1m1UsTB
mamM4hPiXCXr9ShzP4gGrLjs1MyChXQDBtz8a90Eq9kl/jdNhaPXrLNzrBy05nLk
u5pwrsF4vkUo+jMEHSYkFgEsnWkGgP7W4s2ItmFsiyB/6CQlNuKjf0eOCkNHqf6j
USMjyxJkyg5JEiX4evWMpBEv5FF5I1/hKuK7OtQPCenft8Lx6csjwdJvjNtvP2EA
I4Vn7P/1Mw==
-----END CERTIFICATE-----