This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft File: GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json) Hash identifier: rBLMpZHf1PdODsdZy+f26/KFKWGeVvn1l7kyTkl4XdM= Subject key identifier: 3A:2C:8F:9E:BE:73:EA:F7:77:1F:4D:66:19:69:3B:DC:20:CD:40:90 Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA Certificate issuer: /CN=18021459300d15fac550705cf6e258999d3d86ba Certificate serial: 019B4B4C52E3E0CEA4A6404CD660B3140C76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft Manifest number: 0C72 Signing time: Tue 23 Dec 2025 13:00:51 +0000 Manifest this update: Tue 23 Dec 2025 13:00:51 +0000 Manifest next update: Wed 24 Dec 2025 13:00:51 +0000 Files and hashes: 1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: egtnA4PxjV6Z20snki/BMzW5N0LCxIhbmUE5xUV2N1M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 13:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:4c:52:e3:e0:ce:a4:a6:40:4c:d6:60:b3:14:0c:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba Validity Not Before: Dec 23 13:00:51 2025 GMT Not After : Dec 24 13:00:51 2025 GMT Subject: CN=3a2c8f9ebe73eaf7771f4d6619693bdc20cd4090 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:7f:34:c7:f8:ba:84:52:fe:98:83:4e:ec:b9: ae:8e:ac:3b:70:a6:93:73:cd:f8:5e:72:3e:c3:83: 8d:55:65:43:80:c0:cf:29:88:2d:df:a8:50:94:4e: ac:ec:f0:33:f4:54:36:f3:47:00:78:fd:1f:47:93: 51:44:01:9c:c7:f6:af:90:e9:0f:00:1d:ef:e5:ab: 11:d5:bb:69:2d:0b:ae:a9:99:5a:a8:9f:52:16:45: f6:4f:1c:bb:a4:36:09:23:16:ab:d7:c3:29:2e:84: 18:35:35:24:46:9b:df:36:dc:a8:68:be:26:45:b9: 46:a6:c5:03:35:80:d3:34:1c:46:9c:f0:fc:60:58: 61:2d:9b:74:b2:a3:b3:1d:87:6e:7b:2b:c3:ca:31: 40:27:97:46:6b:ac:58:24:c3:48:6b:3f:92:8a:bb: 41:93:3c:48:fa:1c:3d:cb:86:7f:68:d4:3a:f8:15: 94:1a:ed:02:7b:05:0c:73:81:6d:63:b4:08:9b:88: 80:c2:2a:a4:73:2a:54:25:6d:1b:ba:4e:50:db:64: 6d:7a:cf:71:a2:b4:13:ce:cf:d4:3c:1a:76:41:11: 7e:c8:e4:8b:57:3f:79:ee:b4:88:86:fc:3c:b4:2e: 07:1e:6b:75:ff:62:a2:16:d4:41:40:67:fa:25:28: 65:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:2C:8F:9E:BE:73:EA:F7:77:1F:4D:66:19:69:3B:DC:20:CD:40:90 X509v3 Authority Key Identifier: keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:04:c5:fc:12:e3:e3:65:5d:88:00:b4:dc:e2:a2:70:54:df: 20:14:86:c6:ca:82:03:4a:ed:60:04:35:f3:9d:54:d0:23:ff: aa:4d:2e:e4:e7:80:9d:80:45:5e:8c:84:4b:72:5b:0a:0c:be: c2:0f:56:2a:c7:15:be:6d:dd:d8:aa:b1:da:4c:a3:68:9b:6c: 44:b9:18:4b:35:70:da:14:a0:4e:20:3c:79:e3:c3:bb:3c:d0: 60:79:d4:bc:d4:28:11:95:ca:b2:cb:34:50:3e:5d:bc:a9:c7: f8:3d:f0:45:6d:bd:a8:b5:36:4c:f1:60:84:6f:e9:c1:f7:c2: d5:9a:40:88:3b:42:56:6d:a5:0f:24:41:ed:f8:20:8e:65:a8: b2:16:ec:58:74:31:87:5d:ae:61:8a:f2:40:e3:d0:88:c0:a4: 2f:39:fa:34:27:8d:aa:f4:b9:a1:47:b1:11:d2:c1:22:d0:c3: e0:41:c2:49:5f:91:f2:60:7a:ad:a1:a8:d2:ec:19:83:16:54: bc:dd:47:8a:d4:65:f9:f5:5e:7d:d2:1a:19:16:df:07:b2:35: 99:aa:9e:38:14:f0:d1:fc:d0:95:8d:1d:df:67:1f:2e:30:33: a4:f5:49:6e:d7:ea:33:59:4e:a0:75:55:c7:b4:c1:ce:2f:90: 96:62:c5:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLTFLj4M6kpkBM1mCzFAx2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz ZDg2YmEwHhcNMjUxMjIzMTMwMDUxWhcNMjUxMjI0MTMwMDUxWjAzMTEwLwYDVQQD EygzYTJjOGY5ZWJlNzNlYWY3NzcxZjRkNjYxOTY5M2JkYzIwY2Q0MDkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH80x/i6hFL+mINO7Lmujqw7cKaT c834XnI+w4ONVWVDgMDPKYgt36hQlE6s7PAz9FQ280cAeP0fR5NRRAGcx/avkOkP AB3v5asR1btpLQuuqZlaqJ9SFkX2Txy7pDYJIxar18MpLoQYNTUkRpvfNtyoaL4m RblGpsUDNYDTNBxGnPD8YFhhLZt0sqOzHYdueyvDyjFAJ5dGa6xYJMNIaz+SirtB kzxI+hw9y4Z/aNQ6+BWUGu0CewUMc4FtY7QIm4iAwiqkcypUJW0buk5Q22Rtes9x orQTzs/UPBp2QRF+yOSLVz957rSIhvw8tC4HHmt1/2KiFtRBQGf6JShlmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDosj56+c+r3dx9NZhlpO9wgzUCQMB8GA1UdIwQY MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQTF/BLj 42VdiAC03OKicFTfIBSGxsqCA0rtYAQ1851U0CP/qk0u5OeAnYBFXoyES3JbCgy+ wg9WKscVvm3d2Kqx2kyjaJtsRLkYSzVw2hSgTiA8eePDuzzQYHnUvNQoEZXKsss0 UD5dvKnH+D3wRW29qLU2TPFghG/pwffC1ZpAiDtCVm2lDyRB7fggjmWoshbsWHQx h12uYYryQOPQiMCkLzn6NCeNqvS5oUexEdLBItDD4EHCSV+R8mB6raGo0uwZgxZU vN1HitRl+fVefdIaGRbfB7I1maqeOBTw0fzQlY0d32cfLjAzpPVJbtfqM1lOoHVV x7TBzi+QlmLFgA== -----END CERTIFICATE-----Generated at Tue Dec 23 16:48:21 2025 by rpki-client