This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft File: GyN3Poe34e0LVeFQuncWsYJbPiY.mft (raw, json) Hash identifier: RNGm1GHo8/1oILJ02ADygQ7qGr55I+Ob+5og2xg1nyw= Subject key identifier: F6:34:35:82:B3:3C:9D:18:EA:48:5D:E8:2D:DC:94:DC:BF:CA:E8:90 Authority key identifier: 1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26 Certificate issuer: /CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26 Certificate serial: 019AF31BF57CE09C30C6E6D11A646CFAA750 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft Manifest number: 14A0 Signing time: Sat 06 Dec 2025 10:01:27 +0000 Manifest this update: Sat 06 Dec 2025 10:01:27 +0000 Manifest next update: Sun 07 Dec 2025 10:01:27 +0000 Files and hashes: 1: GyN3Poe34e0LVeFQuncWsYJbPiY.crl (hash: Vjchy1/PRIrLpzSqhMfGzSG8Cn3u3UXnvhf2IdAqRiA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:f5:7c:e0:9c:30:c6:e6:d1:1a:64:6c:fa:a7:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b23773e87b7e1ed0b55e150ba7716b1825b3e26 Validity Not Before: Dec 6 10:01:27 2025 GMT Not After : Dec 7 10:01:27 2025 GMT Subject: CN=f6343582b33c9d18ea485de82ddc94dcbfcae890 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:59:a7:94:89:01:2a:9e:08:97:b3:ec:a1:bc: ca:05:26:46:5f:1b:a9:86:ac:9a:85:48:18:b6:78: 0f:9a:18:80:8a:6f:d0:d2:8a:2b:0d:c8:c6:03:05: 53:d4:4a:44:a5:0c:e9:59:36:74:45:4d:cc:7c:49: 51:67:3e:37:9e:81:6b:39:3c:f6:32:c9:95:de:50: 40:2e:3f:62:7a:29:f9:a9:1e:e1:74:b1:23:e9:2d: 10:e3:e9:b8:76:4d:1f:69:b5:1d:cd:b0:2c:1e:e3: 41:de:97:a2:67:f8:d7:8e:0b:4c:03:25:b4:64:bb: 12:24:b9:ed:2c:2e:fe:99:77:3d:f0:59:22:0e:7f: 1d:6d:62:94:08:15:66:68:c8:0c:c1:e3:93:40:8e: cc:b0:87:d6:61:13:0e:41:79:d8:61:45:5c:ad:24: be:bc:18:84:08:6b:77:9e:4a:08:3d:e1:6f:ca:17: 08:39:a7:65:02:c3:65:96:e9:7d:97:26:d9:de:52: d9:78:5b:52:62:38:78:b9:9b:97:2f:7a:31:d4:c4: 87:84:2c:77:21:96:af:06:8c:1b:45:10:c2:fd:76: c2:81:c6:a6:9f:e2:6a:7e:bc:c7:ac:8d:db:e0:26: 53:1b:18:c6:81:1c:c9:f4:52:32:79:ce:89:00:fd: 8f:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:34:35:82:B3:3C:9D:18:EA:48:5D:E8:2D:DC:94:DC:BF:CA:E8:90 X509v3 Authority Key Identifier: keyid:1B:23:77:3E:87:B7:E1:ED:0B:55:E1:50:BA:77:16:B1:82:5B:3E:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyN3Poe34e0LVeFQuncWsYJbPiY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/a48846-885a-490d-8577-dc9ba431d57a/1/GyN3Poe34e0LVeFQuncWsYJbPiY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:9c:b5:98:9a:9f:ba:84:67:20:64:14:60:a9:e2:42:f0:fd: 1d:57:4e:52:0d:69:9c:9f:70:60:5f:9d:cc:f0:1b:44:14:58: a5:8d:20:c8:b6:db:f0:f8:50:ca:08:22:49:63:d3:21:1f:b9: 5f:54:3e:ee:dd:f7:8e:c9:01:b0:8d:41:ce:68:ce:cc:84:46: 85:7a:74:ba:ae:b5:d6:01:ca:72:bf:8d:56:83:58:30:91:df: 5c:82:28:64:fe:6e:32:f8:93:c6:cb:74:14:8e:57:9c:04:2d: a5:d7:fd:da:26:c0:78:f2:d4:3a:e8:ea:4d:36:c4:f4:a2:9a: e6:c9:1c:41:d3:be:3b:fa:a2:3d:c3:74:6e:b2:4a:26:46:2a: a1:d7:15:8f:8d:f6:da:e0:2b:81:5d:88:e8:22:a0:0b:d6:17: 8c:af:51:47:39:89:61:79:df:e5:1c:19:4f:80:c5:78:1b:20: e6:6b:b4:59:cb:79:63:fc:e2:4a:4f:b0:5d:2e:47:e7:d2:4d: 81:5c:48:36:fd:d1:7b:96:eb:48:01:ad:5a:fd:61:a6:f4:f2: a6:53:a0:33:9a:d6:b1:dd:5f:90:a3:f8:db:36:03:92:a2:7d: fd:ec:80:21:3e:43:72:27:d0:ae:ad:0b:38:c7:d7:d4:39:47: 04:51:17:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG/V84JwwxubRGmRs+qdQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMjM3NzNlODdiN2UxZWQwYjU1ZTE1MGJhNzcxNmIxODI1 YjNlMjYwHhcNMjUxMjA2MTAwMTI3WhcNMjUxMjA3MTAwMTI3WjAzMTEwLwYDVQQD EyhmNjM0MzU4MmIzM2M5ZDE4ZWE0ODVkZTgyZGRjOTRkY2JmY2FlODkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlmnlIkBKp4Il7PsobzKBSZGXxup hqyahUgYtngPmhiAim/Q0oorDcjGAwVT1EpEpQzpWTZ0RU3MfElRZz43noFrOTz2 MsmV3lBALj9iein5qR7hdLEj6S0Q4+m4dk0fabUdzbAsHuNB3peiZ/jXjgtMAyW0 ZLsSJLntLC7+mXc98FkiDn8dbWKUCBVmaMgMweOTQI7MsIfWYRMOQXnYYUVcrSS+ vBiECGt3nkoIPeFvyhcIOadlAsNllul9lybZ3lLZeFtSYjh4uZuXL3ox1MSHhCx3 IZavBowbRRDC/XbCgcamn+JqfrzHrI3b4CZTGxjGgRzJ9FIyec6JAP2PDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPY0NYKzPJ0Y6khd6C3clNy/yuiQMB8GA1UdIwQY MBaAFBsjdz6Ht+HtC1XhULp3FrGCWz4mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1Nzct ZGM5YmE0MzFkNTdhLzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9hNDg4NDYtODg1YS00OTBkLTg1NzctZGM5YmE0MzFkNTdh LzEvR3lOM1BvZTM0ZTBMVmVGUXVuY1dzWUpiUGlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk5y1mJqf uoRnIGQUYKniQvD9HVdOUg1pnJ9wYF+dzPAbRBRYpY0gyLbb8PhQyggiSWPTIR+5 X1Q+7t33jskBsI1BzmjOzIRGhXp0uq611gHKcr+NVoNYMJHfXIIoZP5uMviTxst0 FI5XnAQtpdf92ibAePLUOujqTTbE9KKa5skcQdO+O/qiPcN0brJKJkYqodcVj432 2uArgV2I6CKgC9YXjK9RRzmJYXnf5RwZT4DFeBsg5mu0Wct5Y/ziSk+wXS5H59JN gVxINv3Re5brSAGtWv1hpvTyplOgM5rWsd1fkKP42zYDkqJ9/eyAIT5DcifQrq0L OMfX1DlHBFEXLA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:31:00 2025 by rpki-client