This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zltbNMXCbMP9SuDC5VH3ks7LbFM.cer
File:                     zltbNMXCbMP9SuDC5VH3ks7LbFM.cer (raw, json)
Hash identifier:          cye0toqZl3N/nU7UMUpCip7+99/Zrfp77PQL21JIIo0=
Subject key identifier:   CE:5B:5B:34:C5:C2:6C:C3:FD:4A:E0:C2:E5:51:F7:92:CE:CB:6C:53
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B76EB2505BBF1D6408508EC4DD92FBD70
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Thu 01 Jan 2026 00:18:00 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    AS: 210013
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 27 Jan 2026 20:39:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:76:eb:25:05:bb:f1:d6:40:85:08:ec:4d:d9:2f:bd:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 00:18:00 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=ce5b5b34c5c26cc3fd4ae0c2e551f792cecb6c53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:72:e1:b1:50:8f:9f:c4:ab:69:97:2f:e3:ac:
                    a3:a7:82:e2:6d:6d:75:ec:9c:5d:97:23:74:a8:c7:
                    73:b7:d0:b9:96:ef:da:ed:a7:2a:f7:70:14:a7:e7:
                    26:27:74:dd:db:87:2b:01:1e:50:33:74:d5:4c:b2:
                    8c:37:49:79:04:c5:7b:cf:9e:02:e0:d5:7f:63:e9:
                    e8:1a:0d:de:f1:24:ee:67:e7:f1:a8:40:33:0b:b8:
                    b3:b1:28:1a:9b:36:95:c4:75:a6:73:82:56:c2:56:
                    0f:76:50:87:a4:42:f3:0d:93:ac:f0:9b:ec:72:31:
                    b6:61:69:90:c6:ed:2b:fe:c0:85:85:6c:2c:85:59:
                    a4:68:1b:e8:df:07:2a:e5:6c:8a:48:4c:df:2a:14:
                    40:0e:36:5b:2a:4d:e4:96:26:70:a8:e2:1d:75:88:
                    a9:08:9c:5d:ef:49:1e:44:df:95:f3:79:ca:5f:1e:
                    a8:73:a1:99:4b:21:e4:5a:33:07:49:f9:43:4f:98:
                    72:8e:6e:95:52:cb:24:54:4b:2e:73:55:a3:1a:1a:
                    39:38:cf:41:36:8b:06:48:27:1b:ed:da:0c:42:08:
                    92:ad:41:a6:00:09:84:e5:ec:31:d7:20:c3:b1:91:
                    99:1d:a0:fc:94:00:00:9b:d3:5e:63:b6:28:d7:28:
                    12:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:5B:5B:34:C5:C2:6C:C3:FD:4A:E0:C2:E5:51:F7:92:CE:CB:6C:53
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e53aa0-5048-408f-a3a8-09cbf7b242c3/1/zltbNMXCbMP9SuDC5VH3ks7LbFM.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  210013

    Signature Algorithm: sha256WithRSAEncryption
         95:8b:f3:1b:b3:8d:d8:2f:77:10:72:39:f1:32:54:c9:77:46:
         21:f3:c6:8a:89:b6:eb:0c:d9:23:25:dd:a5:02:c4:25:5e:c8:
         30:72:65:8e:94:12:ac:35:07:44:50:9e:b3:73:59:40:1d:4a:
         ab:4d:5d:e0:44:c6:02:3f:5c:b4:a4:53:4d:de:f4:ea:a0:01:
         9d:34:b7:22:4b:fc:9f:db:f2:05:56:a8:6e:7b:67:b4:8c:fd:
         d6:d1:33:d9:17:81:7f:8d:5a:47:22:72:26:72:d6:93:73:08:
         cd:a9:7d:a4:cd:9d:63:d6:4e:f6:c1:fc:59:bd:92:a6:f3:2f:
         df:65:30:c1:6c:41:8d:20:66:23:a8:8a:b5:bb:c4:ed:f6:1e:
         18:e3:96:34:7b:de:01:40:9b:3c:03:d4:b5:fc:78:a7:c3:ec:
         6f:60:73:e4:52:9f:59:f5:9c:cf:2a:11:4b:b0:09:db:8a:ab:
         4a:0e:98:0e:e1:6b:2b:e5:e8:ed:bc:88:85:20:ea:f1:1e:71:
         db:9d:7e:09:81:45:1c:15:e3:f4:26:22:31:37:4a:87:23:9b:
         76:c0:c4:9a:0b:7f:07:55:ee:b6:d3:1a:bc:8e:aa:94:24:4b:
         36:f3:f8:6a:7a:6c:20:6e:c4:fc:1b:8a:c1:e8:5d:f5:21:1d:
         7d:d8:97:c2
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZt26yUFu/HWQIUI7E3ZL71wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAxMDAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTViNWIzNGM1YzI2Y2MzZmQ0YWUwYzJlNTUxZjc5MmNlY2I2YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HLhsVCPn8SraZcv46yjp4LibW11
7JxdlyN0qMdzt9C5lu/a7acq93AUp+cmJ3Td24crAR5QM3TVTLKMN0l5BMV7z54C
4NV/Y+noGg3e8STuZ+fxqEAzC7izsSgamzaVxHWmc4JWwlYPdlCHpELzDZOs8Jvs
cjG2YWmQxu0r/sCFhWwshVmkaBvo3wcq5WyKSEzfKhRADjZbKk3kliZwqOIddYip
CJxd70keRN+V83nKXx6oc6GZSyHkWjMHSflDT5hyjm6VUsskVEsuc1WjGho5OM9B
NosGSCcb7doMQgiSrUGmAAmE5ewx1yDDsZGZHaD8lAAAm9NeY7Yo1ygSdQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFM5bWzTFwmzD/UrgwuVR95LOy2xTMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdjL2U1M2Fh
MC01MDQ4LTQwOGYtYTNhOC0wOWNiZjdiMjQyYzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2MvZTUzYWEw
LTUwNDgtNDA4Zi1hM2E4LTA5Y2JmN2IyNDJjMy8xL3psdGJOTVhDYk1QOVN1REM1
Vkgza3M3TGJGTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM0XTANBgkqhkiG9w0BAQsFAAOCAQEAlYvzG7ON2C93
EHI58TJUyXdGIfPGiom26wzZIyXdpQLEJV7IMHJljpQSrDUHRFCes3NZQB1Kq01d
4ETGAj9ctKRTTd706qABnTS3Ikv8n9vyBVaobntntIz91tEz2ReBf41aRyJyJnLW
k3MIzal9pM2dY9ZO9sH8Wb2SpvMv32UwwWxBjSBmI6iKtbvE7fYeGOOWNHveAUCb
PAPUtfx4p8Psb2Bz5FKfWfWczyoRS7AJ24qrSg6YDuFrK+Xo7byIhSDq8R5x251+
CYFFHBXj9CYiMTdKhyObdsDEmgt/B1XuttMavI6qlCRLNvP4anpsIG7E/BuKwehd
9SEdfdiXwg==
-----END CERTIFICATE-----