This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
File:                     yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer (raw, json)
Hash identifier:          8pWQoPLT0cWFBvtUSGYKOYAaQF/r1U0lu7w9Aag0pt0=
Subject key identifier:   C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7C127158ABEF400077282719A92E5BC6
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 00:19:02 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 34323
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Feb 2026 06:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7c:12:71:58:ab:ef:40:00:77:28:27:19:a9:2e:5b:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 00:19:02 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:38:74:f7:aa:7f:5d:ac:a6:8d:b3:3c:5e:b8:
                    db:20:f3:d5:4b:c9:bd:cc:35:8a:1f:f7:af:2f:9d:
                    f0:af:10:0c:24:a0:cd:ba:15:61:e2:1c:f2:ac:a5:
                    f9:a0:65:0d:aa:e5:3f:9c:7d:28:a6:d1:1c:5d:48:
                    61:9e:42:92:3f:b6:b6:3e:fe:82:b3:c5:94:eb:db:
                    3b:f8:75:11:45:85:9e:a3:a7:38:87:de:3f:47:39:
                    98:ba:81:b3:98:80:1c:28:8e:6a:fd:ac:3e:45:d7:
                    97:e9:4d:2a:38:bd:0c:64:28:30:1b:3b:43:9b:e0:
                    57:b9:61:9b:45:4a:ea:b1:9e:2d:60:da:b2:b4:b7:
                    a6:85:09:0d:a1:ad:39:1b:28:e2:9e:4c:a4:10:07:
                    7b:99:1c:06:60:02:1c:dc:11:0c:a2:52:f9:6d:0e:
                    d7:9f:fb:fd:de:10:49:92:a7:1b:fa:62:cb:31:7b:
                    1f:77:66:02:db:e7:c9:57:7f:fd:e6:cd:c2:87:d3:
                    5f:c7:90:6d:f6:79:ee:f1:7a:25:d6:c9:ad:d2:15:
                    38:96:9b:17:e5:27:eb:c1:71:89:b2:8b:12:6e:c2:
                    39:36:a4:b6:44:a8:83:97:42:85:2d:3c:6f:11:2d:
                    f5:76:2a:79:4f:70:4c:8f:92:27:b6:03:da:25:25:
                    0c:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  34323

    Signature Algorithm: sha256WithRSAEncryption
         7f:bb:55:24:2b:a3:9b:e5:fd:09:62:f1:c4:d4:1a:7a:d1:1b:
         f7:20:70:7f:14:70:0f:57:82:3a:58:ca:47:44:fb:40:5d:8d:
         e4:11:88:26:59:81:49:ee:00:14:df:c1:40:ef:52:68:67:1e:
         1c:f9:0c:23:b6:29:3b:fc:b7:8b:71:03:df:e7:52:9b:10:ce:
         20:c3:ba:43:49:f6:b7:d8:d6:29:a5:5c:1c:e1:a3:2d:9f:30:
         1f:8f:70:7e:79:12:8d:15:5d:e9:24:e7:07:d1:d6:e1:5e:af:
         58:ab:83:42:3d:e0:04:d0:1b:06:00:b8:5a:19:3d:cf:f2:d5:
         20:bc:40:db:08:f4:4e:bf:f6:d9:2a:61:fe:09:1f:1a:c6:d8:
         32:4d:57:f3:46:9c:d0:63:ce:09:74:f4:be:72:56:37:44:07:
         6a:12:7f:21:5b:2e:d4:f9:c1:23:fe:ef:2e:31:b7:e5:41:a7:
         17:4e:c7:56:d0:81:1f:62:6b:b1:67:d4:8e:2f:6d:84:b6:85:
         86:f1:ce:f2:c1:03:26:a8:84:87:2a:4e:2d:62:2d:53:00:58:
         86:a5:e2:bd:b8:62:43:e8:e2:dd:17:be:cf:e8:70:e1:7e:eb:
         f3:3e:5f:3f:3a:de:e2:29:79:ed:3d:67:62:02:2a:64:b6:73:
         69:83:c5:02
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt8EnFYq+9AAHcoJxmpLlvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMDAxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY3NmZmZGUzMTdmMmVjMWI4MTAwZDJkOWQ0NGEzZTdkOGY3OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjh096p/XaymjbM8XrjbIPPVS8m9
zDWKH/evL53wrxAMJKDNuhVh4hzyrKX5oGUNquU/nH0optEcXUhhnkKSP7a2Pv6C
s8WU69s7+HURRYWeo6c4h94/RzmYuoGzmIAcKI5q/aw+RdeX6U0qOL0MZCgwGztD
m+BXuWGbRUrqsZ4tYNqytLemhQkNoa05GyjinkykEAd7mRwGYAIc3BEMolL5bQ7X
n/v93hBJkqcb+mLLMXsfd2YC2+fJV3/95s3Ch9Nfx5Bt9nnu8Xol1smt0hU4lpsX
5SfrwXGJsosSbsI5NqS2RKiDl0KFLTxvES31dip5T3BMj5IntgPaJSUMxwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMhnb/3jF/LsG4EA0tnUSj59j3jWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RhLzQ5YjMw
Ny1mZGNhLTRjNTctYWZkZi03MDk3OTNjZDAxMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEvNDliMzA3
LWZkY2EtNGM1Ny1hZmRmLTcwOTc5M2NkMDEyMy8xL3lHZHZfZU1YOHV3YmdRRFMy
ZFJLUG4yUGVOWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCGEzANBgkqhkiG9w0BAQsFAAOCAQEAf7tVJCujm+X9
CWLxxNQaetEb9yBwfxRwD1eCOljKR0T7QF2N5BGIJlmBSe4AFN/BQO9SaGceHPkM
I7YpO/y3i3ED3+dSmxDOIMO6Q0n2t9jWKaVcHOGjLZ8wH49wfnkSjRVd6STnB9HW
4V6vWKuDQj3gBNAbBgC4Whk9z/LVILxA2wj0Tr/22Sph/gkfGsbYMk1X80ac0GPO
CXT0vnJWN0QHahJ/IVsu1PnBI/7vLjG35UGnF07HVtCBH2JrsWfUji9thLaFhvHO
8sEDJqiEhypOLWItUwBYhqXivbhiQ+ji3Re+z+hw4X7r8z5fPzre4il57T1nYgIq
ZLZzaYPFAg==
-----END CERTIFICATE-----