This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.cer
File:                     vrPkQJXzjKOIg2v2Zbb58JjcV5Q.cer (raw, json)
Hash identifier:          q1iDMlMjeKozlD191KD/v+ilAXCGxD7lMYHkl1yFEIM=
Subject key identifier:   BE:B3:E4:40:95:F3:8C:A3:88:83:6B:F6:65:B6:F9:F0:98:DC:57:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7E37FBA9DFEE9AA66ABDA18086D641B4
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 10:19:16 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 204549
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7e:37:fb:a9:df:ee:9a:a6:6a:bd:a1:80:86:d6:41:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 10:19:16 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=beb3e44095f38ca388836bf665b6f9f098dc5794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f3:5b:0d:4d:89:be:60:af:0c:d4:20:39:79:
                    c5:20:0c:e5:f9:2d:72:8e:de:09:6d:3a:3d:e6:83:
                    35:23:55:ed:2d:4f:51:25:28:8f:44:e1:a5:a3:a3:
                    f6:75:39:0f:59:2d:4b:d7:5c:5a:3f:3f:2e:b1:43:
                    b3:3f:b6:12:e2:22:96:86:20:ed:bc:b8:bf:03:52:
                    ff:cb:7b:be:67:40:a6:2a:47:93:df:44:1c:0f:35:
                    13:4d:1e:94:73:9d:21:a9:de:40:ba:64:6e:75:ad:
                    26:ae:b5:a4:63:fa:de:88:f8:ae:6c:8f:8d:7b:d7:
                    e3:db:41:b9:ad:f4:bc:7a:7e:c1:64:b0:7a:08:5c:
                    d1:31:90:0e:80:ca:84:bd:e1:09:17:ad:88:57:f6:
                    5f:42:0a:7c:33:3a:eb:4b:80:c6:23:c3:17:f1:de:
                    d6:8d:52:14:e5:6b:92:fe:c4:c0:85:e6:f8:7f:59:
                    58:ba:b6:47:a4:e6:44:85:8c:07:39:5e:28:22:d5:
                    51:a1:fe:d4:7d:06:18:66:33:07:ef:a6:bc:37:3b:
                    8c:eb:50:f5:a1:66:2b:94:b7:aa:68:7c:2f:d9:03:
                    07:2d:96:63:3d:19:a3:ce:f0:58:5f:40:da:b4:21:
                    f8:31:4c:1b:46:43:d3:cc:dd:10:da:2a:d8:be:bb:
                    d4:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:B3:E4:40:95:F3:8C:A3:88:83:6B:F6:65:B6:F9:F0:98:DC:57:94
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/65a525-a259-4023-9f95-a6a494562e1d/1/vrPkQJXzjKOIg2v2Zbb58JjcV5Q.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  204549

    Signature Algorithm: sha256WithRSAEncryption
         73:91:eb:e0:d6:cf:b2:75:aa:e2:40:15:44:68:45:0e:1f:2f:
         a6:6c:34:81:53:02:7a:df:f5:8a:4d:2e:37:1d:08:fe:27:0e:
         98:32:c0:c1:87:ec:32:11:00:f9:be:8a:28:99:7b:7c:bc:0e:
         0b:2c:09:97:ef:f9:41:f3:14:94:60:cb:d8:23:87:df:2f:b2:
         d1:e0:c2:e4:2f:2f:f5:79:26:98:cf:34:a7:c7:10:e6:11:94:
         d7:ed:da:87:a2:b3:14:e0:97:67:b4:b7:b8:72:a5:a0:b5:75:
         ac:ff:42:e1:a9:89:a4:4b:0b:f6:fc:39:82:dc:b1:17:31:bd:
         2d:6e:dd:56:72:71:5e:eb:11:31:8a:bd:0f:08:91:5f:62:90:
         d1:7d:1c:61:10:da:15:8b:e5:c8:eb:50:53:c1:d0:3a:65:e7:
         9f:a5:b0:c2:62:96:d6:61:40:f7:b3:c0:53:78:7f:b0:d5:7c:
         12:0c:bc:43:8a:04:0a:e6:01:bd:12:21:ac:46:97:04:fe:e4:
         75:55:10:2d:87:ce:e9:4e:cc:4c:3b:25:34:0d:32:b5:f7:da:
         33:0f:e7:62:38:11:ce:e3:57:01:70:50:ed:9b:ea:8b:57:43:
         ec:34:d0:aa:40:fa:22:3e:36:18:9d:35:66:fb:88:37:3f:d3:
         c0:17:a1:43
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt+N/up3+6apmq9oYCG1kG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTAxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIzZTQ0MDk1ZjM4Y2EzODg4MzZiZjY2NWI2ZjlmMDk4ZGM1Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/NbDU2JvmCvDNQgOXnFIAzl+S1y
jt4JbTo95oM1I1XtLU9RJSiPROGlo6P2dTkPWS1L11xaPz8usUOzP7YS4iKWhiDt
vLi/A1L/y3u+Z0CmKkeT30QcDzUTTR6Uc50hqd5AumRuda0mrrWkY/reiPiubI+N
e9fj20G5rfS8en7BZLB6CFzRMZAOgMqEveEJF62IV/ZfQgp8MzrrS4DGI8MX8d7W
jVIU5WuS/sTAheb4f1lYurZHpOZEhYwHOV4oItVRof7UfQYYZjMH76a8NzuM61D1
oWYrlLeqaHwv2QMHLZZjPRmjzvBYX0DatCH4MUwbRkPTzN0Q2irYvrvUcQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFL6z5ECV84yjiINr9mW2+fCY3FeUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNmLzY1YTUy
NS1hMjU5LTQwMjMtOWY5NS1hNmE0OTQ1NjJlMWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvNjVhNTI1
LWEyNTktNDAyMy05Zjk1LWE2YTQ5NDU2MmUxZC8xL3ZyUGtRSlh6aktPSWcydjJa
YmI1OEpqY1Y1US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMfBTANBgkqhkiG9w0BAQsFAAOCAQEAc5Hr4NbPsnWq
4kAVRGhFDh8vpmw0gVMCet/1ik0uNx0I/icOmDLAwYfsMhEA+b6KKJl7fLwOCywJ
l+/5QfMUlGDL2COH3y+y0eDC5C8v9XkmmM80p8cQ5hGU1+3ah6KzFOCXZ7S3uHKl
oLV1rP9C4amJpEsL9vw5gtyxFzG9LW7dVnJxXusRMYq9DwiRX2KQ0X0cYRDaFYvl
yOtQU8HQOmXnn6WwwmKW1mFA97PAU3h/sNV8Egy8Q4oECuYBvRIhrEaXBP7kdVUQ
LYfO6U7MTDslNA0ytffaMw/nYjgRzuNXAXBQ7Zvqi1dD7DTQqkD6Ij42GJ01ZvuI
Nz/TwBehQw==
-----END CERTIFICATE-----