This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6NZy-mCu5MJzoRUH9JtYTcVSxHI.cer
File:                     6NZy-mCu5MJzoRUH9JtYTcVSxHI.cer (raw, json)
Hash identifier:          SM5wbenof0ETTrvFxIjDw49tIDSouiQUhsDYY++Tvgg=
Subject key identifier:   E8:D6:72:FA:60:AE:E4:C2:73:A1:15:07:F4:9B:58:4D:C5:52:C4:72
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7F8558C5057E205D85033402E3F197FD
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/33/c4160d-772b-4567-a54e-751ac6807b04/1/6NZy-mCu5MJzoRUH9JtYTcVSxHI.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/33/c4160d-772b-4567-a54e-751ac6807b04/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 16:23:24 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 2001:67c:e2c::/48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 Jan 2026 16:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:85:58:c5:05:7e:20:5d:85:03:34:02:e3:f1:97:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 16:23:24 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e8d672fa60aee4c273a11507f49b584dc552c472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:b8:c0:e5:49:d9:54:5d:b9:54:2d:d4:32:9d:
                    d6:9d:4d:00:e5:4e:ef:3e:8e:68:24:37:c0:ea:ac:
                    a3:66:11:d9:7a:e3:8b:10:5c:cd:d7:a4:e3:df:59:
                    26:9a:14:12:38:d3:34:86:43:b1:af:75:20:fd:eb:
                    43:72:86:8c:ce:e0:3b:23:8f:77:e6:33:f7:80:40:
                    a8:2a:c3:31:de:7b:02:5b:6c:50:58:94:d5:96:b5:
                    95:49:ea:69:83:9a:df:75:62:7e:92:29:52:35:48:
                    90:54:7f:31:60:b7:82:14:0b:d1:66:0b:33:59:62:
                    f3:23:d4:3c:76:4c:06:3f:6b:b8:00:5c:04:fa:dd:
                    de:36:fb:f3:cd:04:14:f6:4e:9b:f4:75:54:c8:49:
                    2e:63:56:ad:d4:4d:16:3d:3d:34:78:c4:97:b1:d2:
                    25:61:aa:31:c2:b1:97:1c:df:b4:6c:15:63:60:61:
                    68:1a:72:38:2e:5e:44:5c:b4:46:80:db:76:0c:d9:
                    1c:bb:7c:b9:52:ee:fe:c4:48:07:52:82:7b:3c:3d:
                    70:d2:de:c8:04:05:fc:46:ee:04:66:95:fe:f8:7d:
                    15:35:ce:fc:cc:97:12:e4:21:4d:77:a5:1c:81:12:
                    1d:43:ac:d2:cb:34:47:e0:e4:60:72:bc:89:4c:8b:
                    7e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:D6:72:FA:60:AE:E4:C2:73:A1:15:07:F4:9B:58:4D:C5:52:C4:72
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c4160d-772b-4567-a54e-751ac6807b04/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c4160d-772b-4567-a54e-751ac6807b04/1/6NZy-mCu5MJzoRUH9JtYTcVSxHI.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:e2c::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:b4:e0:23:76:34:52:dc:66:4d:3b:59:a4:51:32:08:9b:1f:
         8d:2d:f9:32:3a:ae:e9:b0:b0:d3:7d:75:26:54:8b:c6:40:c3:
         34:01:50:97:34:70:07:44:26:e7:bb:6d:14:ad:25:a7:cf:c9:
         58:fd:56:64:87:17:4c:f4:3d:de:97:46:89:8a:02:75:f2:16:
         0a:47:9d:5c:99:34:98:c6:bb:da:41:6e:ca:2e:4c:6a:b3:41:
         ad:c6:2f:9f:82:82:c9:75:ac:19:25:e1:29:d7:09:ce:a2:67:
         dc:01:62:12:06:fc:fb:71:51:48:69:f8:92:f0:2d:7f:dc:6c:
         a1:90:2a:6f:11:ba:2c:d4:d9:80:2d:41:2a:31:ee:7c:ea:30:
         8b:ea:d9:22:89:4c:de:df:b2:ff:a3:0b:97:5c:e1:78:a4:16:
         bb:16:f8:25:c0:6b:60:e5:ef:3b:f9:2f:eb:3f:f4:35:78:40:
         e0:fd:4c:ec:d4:19:eb:c4:8b:de:e0:20:9e:b8:69:62:d8:bf:
         57:26:92:18:5c:dd:70:70:80:ce:7f:9f:a5:f2:3c:c7:36:35:
         90:ff:a5:78:1e:60:3d:80:44:65:b5:11:99:61:4a:0e:30:bd:
         e2:b1:b5:48:a8:18:0e:74:d8:2f:3e:1d:d1:36:d1:72:91:5a:
         aa:72:96:3a
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZt/hVjFBX4gXYUDNALj8Zf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTYyMzI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGQ2NzJmYTYwYWVlNGMyNzNhMTE1MDdmNDliNTg0ZGM1NTJjNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bjA5UnZVF25VC3UMp3WnU0A5U7v
Po5oJDfA6qyjZhHZeuOLEFzN16Tj31kmmhQSONM0hkOxr3Ug/etDcoaMzuA7I493
5jP3gECoKsMx3nsCW2xQWJTVlrWVSeppg5rfdWJ+kilSNUiQVH8xYLeCFAvRZgsz
WWLzI9Q8dkwGP2u4AFwE+t3eNvvzzQQU9k6b9HVUyEkuY1at1E0WPT00eMSXsdIl
YaoxwrGXHN+0bBVjYGFoGnI4Ll5EXLRGgNt2DNkcu3y5Uu7+xEgHUoJ7PD1w0t7I
BAX8Ru4EZpX++H0VNc78zJcS5CFNd6UcgRIdQ6zSyzRH4ORgcryJTIt+QwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFOjWcvpgruTCc6EVB/SbWE3FUsRyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzL2M0MTYw
ZC03NzJiLTQ1NjctYTU0ZS03NTFhYzY4MDdiMDQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvYzQxNjBk
LTc3MmItNDU2Ny1hNTRlLTc1MWFjNjgwN2IwNC8xLzZOWnktbUN1NU1Kem9SVUg5
SnRZVGNWU3hISS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA4sMA0GCSqGSIb3DQEBCwUAA4IBAQBY
tOAjdjRS3GZNO1mkUTIImx+NLfkyOq7psLDTfXUmVIvGQMM0AVCXNHAHRCbnu20U
rSWnz8lY/VZkhxdM9D3el0aJigJ18hYKR51cmTSYxrvaQW7KLkxqs0Gtxi+fgoLJ
dawZJeEp1wnOomfcAWISBvz7cVFIafiS8C1/3GyhkCpvEbos1NmALUEqMe586jCL
6tkiiUze37L/owuXXOF4pBa7FvglwGtg5e87+S/rP/Q1eEDg/Uzs1BnrxIve4CCe
uGli2L9XJpIYXN1wcIDOf5+l8jzHNjWQ/6V4HmA9gERltRGZYUoOML3isbVIqBgO
dNgvPh3RNtFykVqqcpY6
-----END CERTIFICATE-----