This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lvdSOnszLr3xFKXAjcHV8yy9c8Y.cer
File:                     lvdSOnszLr3xFKXAjcHV8yy9c8Y.cer (raw, json)
Hash identifier:          nulxehfBSauW1QMgIoC/t4ZrHh39iT3WMMrIfyBUUS8=
Subject key identifier:   96:F7:52:3A:7B:33:2E:BD:F1:14:A5:C0:8D:C1:D5:F3:2C:BD:73:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       019B7F1577B63FE8660D584065374592CFAF
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/c5/0f95e9-b4db-47ab-be55-36057e354876/1/lvdSOnszLr3xFKXAjcHV8yy9c8Y.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/c5/0f95e9-b4db-47ab-be55-36057e354876/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Fri 02 Jan 2026 14:21:11 +0000
Certificate not after:    Thu 01 Jul 2027 00:00:00 +0000
Subordinate resources:    IP: 188.65.161.0/24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 Jan 2026 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:7f:15:77:b6:3f:e8:66:0d:58:40:65:37:45:92:cf:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  2 14:21:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=96f7523a7b332ebdf114a5c08dc1d5f32cbd73c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:0b:a2:be:02:b5:5e:b4:7b:9d:8d:f7:8d:19:
                    20:22:4a:db:39:42:cb:4b:51:a8:0e:ed:1e:66:3a:
                    d7:14:22:8c:62:46:24:e7:29:f7:98:11:ea:27:67:
                    d7:6a:ed:a2:5d:4d:d8:d8:9f:35:5e:53:a7:99:16:
                    bb:b0:8b:d5:66:b8:4c:bf:f4:16:94:bf:62:66:2a:
                    6b:0b:fc:7d:4a:ff:63:b0:8c:26:97:2b:7c:85:3b:
                    d6:8d:eb:aa:38:c0:a7:be:36:75:56:c0:23:f1:c9:
                    b9:5e:f3:54:49:95:fa:2e:59:7b:4e:6b:d2:45:ba:
                    51:80:ba:04:00:b0:ad:02:8f:97:2e:8b:44:08:9e:
                    f3:eb:a8:43:16:7b:15:d1:2d:51:ba:e3:7b:56:0c:
                    a6:3e:e0:7f:ed:ed:59:c1:d5:65:f0:8c:57:dc:ee:
                    9a:d4:d2:c8:69:b3:ae:d9:e4:45:61:5d:15:40:e4:
                    88:28:ba:45:db:00:24:f1:5a:95:ef:1c:db:2a:4c:
                    8d:1e:38:98:32:8a:98:40:c1:bc:c0:3c:c1:cf:ca:
                    b9:61:22:aa:fd:76:a9:7f:02:5a:3d:ec:a5:2f:0f:
                    88:50:9a:1d:4e:e1:81:f6:2f:a7:79:65:9e:37:08:
                    7c:ec:b3:26:e4:82:db:38:f0:47:ae:45:1c:1c:9f:
                    df:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F7:52:3A:7B:33:2E:BD:F1:14:A5:C0:8D:C1:D5:F3:2C:BD:73:C6
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0f95e9-b4db-47ab-be55-36057e354876/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0f95e9-b4db-47ab-be55-36057e354876/1/lvdSOnszLr3xFKXAjcHV8yy9c8Y.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.65.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:2f:20:cf:13:ef:39:ca:7b:b4:28:79:9a:67:65:57:53:55:
         48:5d:18:8e:83:65:b9:d2:07:44:53:81:da:f5:82:f9:b3:32:
         20:93:7b:a3:38:ea:22:80:45:d0:56:a8:08:71:e7:cb:9c:c3:
         e1:04:5f:11:85:96:1e:aa:04:53:d2:01:da:d1:17:69:e0:f4:
         1d:71:74:7f:e6:18:f5:8d:f6:7a:a2:c1:c5:ff:b1:9b:d6:c2:
         b3:ce:37:28:1c:f9:5a:a5:9c:60:e0:bf:3a:f6:93:40:17:94:
         b1:44:a0:18:4e:b0:54:58:1a:24:03:66:55:48:17:c9:d8:58:
         0d:9e:a2:f0:e1:ad:db:fa:49:2d:33:63:75:4d:fb:3c:c4:64:
         f0:1e:7f:11:ee:53:b8:74:d1:e1:70:8a:ca:39:8d:bc:d1:dc:
         56:50:55:69:71:3b:fd:24:c7:32:03:39:9d:17:d5:75:f1:f5:
         21:26:77:1a:fb:67:b9:d2:7c:7e:93:c4:a8:90:e8:d7:99:7b:
         fa:a5:c2:92:92:1d:f7:48:4d:9f:a5:29:a0:ff:ff:5c:d9:10:
         37:da:fb:56:b9:09:db:dd:0b:d0:a8:c4:5d:28:8d:ef:12:5c:
         4b:f0:82:1f:5a:a4:31:03:1a:3b:62:e8:26:7e:ff:3c:f4:3a:
         97:07:3f:a8
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZt/FXe2P+hmDVhAZTdFks+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjYwMTAyMTQyMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY3NTIzYTdiMzMyZWJkZjExNGE1YzA4ZGMxZDVmMzJjYmQ3M2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwuivgK1XrR7nY33jRkgIkrbOULL
S1GoDu0eZjrXFCKMYkYk5yn3mBHqJ2fXau2iXU3Y2J81XlOnmRa7sIvVZrhMv/QW
lL9iZiprC/x9Sv9jsIwmlyt8hTvWjeuqOMCnvjZ1VsAj8cm5XvNUSZX6Lll7TmvS
RbpRgLoEALCtAo+XLotECJ7z66hDFnsV0S1RuuN7VgymPuB/7e1ZwdVl8IxX3O6a
1NLIabOu2eRFYV0VQOSIKLpF2wAk8VqV7xzbKkyNHjiYMoqYQMG8wDzBz8q5YSKq
/XapfwJaPeylLw+IUJodTuGB9i+neWWeNwh87LMm5ILbOPBHrkUcHJ/fzwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJb3Ujp7My698RSlwI3B1fMsvXPGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M1LzBmOTVl
OS1iNGRiLTQ3YWItYmU1NS0zNjA1N2UzNTQ4NzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUvMGY5NWU5
LWI0ZGItNDdhYi1iZTU1LTM2MDU3ZTM1NDg3Ni8xL2x2ZFNPbnN6THIzeEZLWEFq
Y0hWOHl5OWM4WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAvEGhMA0GCSqGSIb3DQEBCwUAA4IBAQAELyDP
E+85ynu0KHmaZ2VXU1VIXRiOg2W50gdEU4Ha9YL5szIgk3ujOOoigEXQVqgIcefL
nMPhBF8RhZYeqgRT0gHa0Rdp4PQdcXR/5hj1jfZ6osHF/7Gb1sKzzjcoHPlapZxg
4L869pNAF5SxRKAYTrBUWBokA2ZVSBfJ2FgNnqLw4a3b+kktM2N1Tfs8xGTwHn8R
7lO4dNHhcIrKOY280dxWUFVpcTv9JMcyAzmdF9V18fUhJnca+2e50nx+k8SokOjX
mXv6pcKSkh33SE2fpSmg//9c2RA32vtWuQnb3QvQqMRdKI3vElxL8IIfWqQxAxo7
Yugmfv889DqXBz+o
-----END CERTIFICATE-----