This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft File: GyceKuYih3VSuJ28R016EwWEpI4.mft (raw, json) Hash identifier: IV5hZg8be9TEkaud3wkJrLSdpVPcPtuG/AiNauCZw9s= Subject key identifier: 2A:5D:70:1A:7D:76:D1:48:35:7A:B5:15:20:91:2B:C8:F8:05:F9:83 Authority key identifier: 1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E Certificate issuer: /CN=1b271e2ae622877552b89dbc474d7a130584a48e Certificate serial: 019B5A522DF005FCDC62F27E62D1BC0206F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft Manifest number: 0BA4 Signing time: Fri 26 Dec 2025 11:01:33 +0000 Manifest this update: Fri 26 Dec 2025 11:01:33 +0000 Manifest next update: Sat 27 Dec 2025 11:01:33 +0000 Files and hashes: 1: GyceKuYih3VSuJ28R016EwWEpI4.crl (hash: BtbcEktfgnM5YiLUSVmzBTBnF3pPXxvDTpzY77tTZgw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:2d:f0:05:fc:dc:62:f2:7e:62:d1:bc:02:06:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b271e2ae622877552b89dbc474d7a130584a48e Validity Not Before: Dec 26 11:01:33 2025 GMT Not After : Dec 27 11:01:33 2025 GMT Subject: CN=2a5d701a7d76d148357ab51520912bc8f805f983 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:ba:14:e1:50:0b:e9:1b:39:b0:49:eb:d8:ca: 89:6c:79:60:f8:9c:ce:fe:95:e2:4f:b1:0c:68:62: 60:19:78:d0:e1:af:3e:ed:cf:3c:93:1d:70:26:60: f5:a8:6f:b2:3c:b8:43:e1:e6:18:b7:9f:4c:15:aa: 72:b4:83:81:43:e3:c8:76:4a:e1:43:cf:41:d5:ed: a2:c8:8f:8e:ba:cb:a4:90:1d:bb:28:00:8a:c9:3e: b1:a2:1b:5d:4f:de:91:be:c4:f7:cc:aa:09:74:68: ed:cd:5e:d0:45:38:e3:c4:a1:e4:04:fd:7e:85:84: e0:a7:2a:46:4a:a7:cc:78:e9:70:2d:a7:a0:89:26: d6:00:f7:8c:06:e6:d5:94:6c:21:5a:37:f8:19:d0: 8b:7a:9f:17:ac:b8:16:43:77:3b:fe:ff:85:89:ba: 0e:de:db:b3:81:7a:4d:c3:81:03:e3:9b:d1:32:fc: 57:09:66:d9:81:74:2f:0c:4e:12:c7:28:e1:64:9e: ae:c9:30:2e:90:42:8a:25:85:03:f5:28:e1:a9:29: a4:42:0f:3d:68:b6:3b:e7:9d:28:e5:3e:0a:18:2f: ad:90:ef:e5:f1:e1:cd:86:46:85:ee:c6:e2:1a:79: 76:48:7d:c5:3e:d4:64:ca:c2:f4:ac:c0:7b:ce:37: fa:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:5D:70:1A:7D:76:D1:48:35:7A:B5:15:20:91:2B:C8:F8:05:F9:83 X509v3 Authority Key Identifier: keyid:1B:27:1E:2A:E6:22:87:75:52:B8:9D:BC:47:4D:7A:13:05:84:A4:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyceKuYih3VSuJ28R016EwWEpI4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/20d6a8-c4e2-47e3-90df-1c8ed36d2566/1/GyceKuYih3VSuJ28R016EwWEpI4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:aa:a7:2c:91:c2:d6:f3:0f:97:96:f8:91:ed:23:52:1f:b7: 57:62:05:d4:92:bd:85:a6:bf:fd:28:73:52:24:76:36:39:f5: 79:6b:ef:fd:e7:a1:c9:57:b9:14:4e:04:56:b0:dc:97:61:c4: 95:97:79:5c:6e:17:37:50:ac:57:dc:23:de:01:29:e6:fd:88: 52:82:9f:48:d2:4b:85:d8:5b:5d:35:a7:24:9d:73:0d:df:e3: 1b:4a:c1:5c:c1:75:ff:32:63:e5:70:e1:9a:bc:0f:9b:83:aa: 0c:e1:44:c7:84:6e:af:b2:36:3e:b1:8b:bf:d6:c0:ba:a6:0d: 92:cf:45:46:3f:c4:02:a7:57:46:e1:e0:08:b4:fa:13:b9:e6: 4a:d9:d4:d7:3a:11:59:40:83:43:19:f6:10:06:78:4a:d5:59: 51:a5:c7:c2:c5:20:9a:1f:7c:c0:84:41:18:1c:aa:68:54:31: 17:e2:04:b7:8a:c5:ca:42:78:63:be:17:d1:d9:5a:79:74:ff: d1:c3:bd:50:dd:f6:5b:cf:35:65:01:00:d8:95:5e:ac:31:70: 94:b0:ae:34:e1:e9:2b:58:98:8b:42:a8:c1:f3:0a:e3:0c:e9: 0a:fb:39:48:ea:36:9a:ef:b4:48:6f:a5:bb:b7:29:cc:8f:d1: 1a:d7:c5:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUi3wBfzcYvJ+YtG8Agb3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMjcxZTJhZTYyMjg3NzU1MmI4OWRiYzQ3NGQ3YTEzMDU4 NGE0OGUwHhcNMjUxMjI2MTEwMTMzWhcNMjUxMjI3MTEwMTMzWjAzMTEwLwYDVQQD EygyYTVkNzAxYTdkNzZkMTQ4MzU3YWI1MTUyMDkxMmJjOGY4MDVmOTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlboU4VAL6Rs5sEnr2MqJbHlg+JzO /pXiT7EMaGJgGXjQ4a8+7c88kx1wJmD1qG+yPLhD4eYYt59MFapytIOBQ+PIdkrh Q89B1e2iyI+OusukkB27KACKyT6xohtdT96RvsT3zKoJdGjtzV7QRTjjxKHkBP1+ hYTgpypGSqfMeOlwLaegiSbWAPeMBubVlGwhWjf4GdCLep8XrLgWQ3c7/v+FiboO 3tuzgXpNw4ED45vRMvxXCWbZgXQvDE4SxyjhZJ6uyTAukEKKJYUD9SjhqSmkQg89 aLY7550o5T4KGC+tkO/l8eHNhkaF7sbiGnl2SH3FPtRkysL0rMB7zjf6hQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCpdcBp9dtFINXq1FSCRK8j4BfmDMB8GA1UdIwQY MBaAFBsnHirmIod1UridvEdNehMFhKSOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYt MWM4ZWQzNmQyNTY2LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi8yMGQ2YTgtYzRlMi00N2UzLTkwZGYtMWM4ZWQzNmQyNTY2 LzEvR3ljZUt1WWloM1ZTdUoyOFIwMTZFd1dFcEk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoqqnLJHC 1vMPl5b4ke0jUh+3V2IF1JK9haa//ShzUiR2Njn1eWvv/eehyVe5FE4EVrDcl2HE lZd5XG4XN1CsV9wj3gEp5v2IUoKfSNJLhdhbXTWnJJ1zDd/jG0rBXMF1/zJj5XDh mrwPm4OqDOFEx4Rur7I2PrGLv9bAuqYNks9FRj/EAqdXRuHgCLT6E7nmStnU1zoR WUCDQxn2EAZ4StVZUaXHwsUgmh98wIRBGByqaFQxF+IEt4rFykJ4Y74X0dlaeXT/ 0cO9UN32W881ZQEA2JVerDFwlLCuNOHpK1iYi0KowfMK4wzpCvs5SOo2mu+0SG+l u7cpzI/RGtfFfA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:03 2025 by rpki-client