This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vln_z7TGm3nZrNy-apTbidUjYI4.cer
File:                     vln_z7TGm3nZrNy-apTbidUjYI4.cer (raw, json)
Hash identifier:          apO32DaLhh4QfSRlA3soCOtQM8UaiIeuedwX+ELag9g=
Subject key identifier:   BE:59:FF:CF:B4:C6:9B:79:D9:AC:DC:BE:6A:94:DB:89:D5:23:60:8E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7EA5904EC7009CCCE41B404445A7F09E
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/5e/1ccc69-986a-4bad-bd3a-9b6a0f369bcd/1/vln_z7TGm3nZrNy-apTbidUjYI4.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/5e/1ccc69-986a-4bad-bd3a-9b6a0f369bcd/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 12:18:58 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 198734
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 15:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:a5:90:4e:c7:00:9c:cc:e4:1b:40:44:45:a7:f0:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 12:18:58 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=be59ffcfb4c69b79d9acdcbe6a94db89d523608e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7a:27:37:71:b9:b2:af:93:03:24:cc:e3:38:
                    e7:2a:f3:4c:2a:90:cc:87:1f:25:3a:fe:c8:57:92:
                    b0:86:9e:c8:2a:25:1f:69:2d:8f:19:3f:8a:ac:5e:
                    61:fa:b8:d7:5c:ed:e5:49:09:47:b1:87:68:ab:dc:
                    fb:8e:68:ed:ea:8e:5d:8b:19:00:b7:f7:d6:63:b5:
                    a8:2f:f9:b1:07:e5:22:c1:0b:48:65:27:a4:00:5e:
                    11:d9:f9:bc:d1:a7:02:0d:e8:8b:ec:bb:9f:e9:cf:
                    c8:ba:e9:3f:0c:0b:7a:10:b7:a8:5f:2c:71:38:2d:
                    53:b6:7b:27:6c:7a:32:16:54:00:87:96:7e:cb:3b:
                    1a:27:8c:66:43:9b:70:3a:3c:0a:00:7a:3c:99:75:
                    ef:30:c6:de:3d:37:ae:a3:d8:37:61:70:7c:b6:15:
                    50:b8:0b:6f:9c:d7:ea:24:ec:14:2a:df:37:56:40:
                    2b:d9:5a:90:a8:68:dc:54:a1:94:41:b8:10:18:89:
                    a7:bb:df:d0:e0:85:62:5c:6b:f1:73:19:fb:ec:d6:
                    78:25:76:d6:4b:1a:44:16:d1:b5:6d:9e:2b:63:40:
                    f8:de:08:17:05:fa:0e:cf:a1:ae:70:b8:52:18:50:
                    8f:a7:64:28:2e:d7:6a:c9:ef:2e:5a:cf:59:0f:c7:
                    bb:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:59:FF:CF:B4:C6:9B:79:D9:AC:DC:BE:6A:94:DB:89:D5:23:60:8E
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1ccc69-986a-4bad-bd3a-9b6a0f369bcd/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1ccc69-986a-4bad-bd3a-9b6a0f369bcd/1/vln_z7TGm3nZrNy-apTbidUjYI4.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198734

    Signature Algorithm: sha256WithRSAEncryption
         af:a7:1d:6b:77:1f:73:b7:14:dd:9e:5d:e2:4b:0d:54:d4:aa:
         95:ce:45:23:17:70:b2:57:df:78:21:6a:77:56:ed:6d:54:cb:
         b5:62:f0:7b:7b:ac:df:93:d3:f7:0b:72:69:cf:36:df:44:e2:
         fc:71:0f:a6:5f:88:1d:61:99:98:24:18:b7:37:a2:60:fe:02:
         3c:09:3c:41:12:09:6b:15:46:7e:da:1b:7b:e1:c6:62:dc:e8:
         0c:87:55:b6:e6:50:33:ae:bc:f0:c3:d2:78:5f:ac:39:dc:54:
         40:e1:16:10:88:2a:76:4c:dc:86:6d:99:19:b2:5a:c7:1b:87:
         a5:2a:22:b8:4e:94:44:ec:99:52:30:05:43:50:23:e6:55:b4:
         64:ca:ab:c9:88:cf:f7:6f:92:b8:b0:0c:fb:39:af:f4:8e:03:
         7f:62:46:a5:d8:8c:6e:1e:14:81:74:47:ca:80:05:7d:4a:ab:
         65:7b:2d:00:ed:8d:56:fc:3f:bc:36:03:d7:1a:ba:48:aa:78:
         33:1f:69:08:64:1f:a9:c8:b5:b7:bc:99:93:fd:4f:22:e9:84:
         30:d0:89:5c:4a:ef:ff:7f:28:3f:e3:99:16:61:2e:17:5c:d0:
         11:70:a7:88:3d:b6:0f:56:13:33:0d:61:0c:51:7b:64:63:b7:
         35:24:7b:08
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt+pZBOxwCczOQbQERFp/CeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTIxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTU5ZmZjZmI0YzY5Yjc5ZDlhY2RjYmU2YTk0ZGI4OWQ1MjM2MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3onN3G5sq+TAyTM4zjnKvNMKpDM
hx8lOv7IV5Kwhp7IKiUfaS2PGT+KrF5h+rjXXO3lSQlHsYdoq9z7jmjt6o5dixkA
t/fWY7WoL/mxB+UiwQtIZSekAF4R2fm80acCDeiL7Luf6c/Iuuk/DAt6ELeoXyxx
OC1TtnsnbHoyFlQAh5Z+yzsaJ4xmQ5twOjwKAHo8mXXvMMbePTeuo9g3YXB8thVQ
uAtvnNfqJOwUKt83VkAr2VqQqGjcVKGUQbgQGImnu9/Q4IViXGvxcxn77NZ4JXbW
SxpEFtG1bZ4rY0D43ggXBfoOz6GucLhSGFCPp2QoLtdqye8uWs9ZD8e7CwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFL5Z/8+0xpt52azcvmqU24nVI2COMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVlLzFjY2M2
OS05ODZhLTRiYWQtYmQzYS05YjZhMGYzNjliY2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUvMWNjYzY5
LTk4NmEtNGJhZC1iZDNhLTliNmEwZjM2OWJjZC8xL3Zsbl96N1RHbTNuWnJOeS1h
cFRiaWRVallJNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMITjANBgkqhkiG9w0BAQsFAAOCAQEAr6cda3cfc7cU
3Z5d4ksNVNSqlc5FIxdwslffeCFqd1btbVTLtWLwe3us35PT9wtyac8230Ti/HEP
pl+IHWGZmCQYtzeiYP4CPAk8QRIJaxVGftobe+HGYtzoDIdVtuZQM6688MPSeF+s
OdxUQOEWEIgqdkzchm2ZGbJaxxuHpSoiuE6UROyZUjAFQ1Aj5lW0ZMqryYjP92+S
uLAM+zmv9I4Df2JGpdiMbh4UgXRHyoAFfUqrZXstAO2NVvw/vDYD1xq6SKp4Mx9p
CGQfqci1t7yZk/1PIumEMNCJXErv/38oP+OZFmEuF1zQEXCniD22D1YTMw1hDFF7
ZGO3NSR7CA==
-----END CERTIFICATE-----