This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft File: GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json) Hash identifier: H7ouar0ACSd2xCLOKI40jRn3t//aINwxWX9G1lFw6rw= Subject key identifier: E1:EC:4B:60:E9:7C:EB:C7:6C:F8:5D:A5:AD:8F:06:4C:79:14:D3:16 Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA Certificate issuer: /CN=18021459300d15fac550705cf6e258999d3d86ba Certificate serial: 019B37FD1676BDF5B2F07A129292A796AD4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft Manifest number: 0C68 Signing time: Fri 19 Dec 2025 19:01:31 +0000 Manifest this update: Fri 19 Dec 2025 19:01:31 +0000 Manifest next update: Sat 20 Dec 2025 19:01:31 +0000 Files and hashes: 1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: 98GFidygUYX6Hvlh0AjI0WDvEbAq+VmrtLFmql4wJfE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:fd:16:76:bd:f5:b2:f0:7a:12:92:92:a7:96:ad:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba Validity Not Before: Dec 19 19:01:31 2025 GMT Not After : Dec 20 19:01:31 2025 GMT Subject: CN=e1ec4b60e97cebc76cf85da5ad8f064c7914d316 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:aa:a4:56:2b:f3:c5:95:7d:6a:2d:5e:ff:25: 9f:85:21:4c:6d:ab:27:ac:1d:05:4e:5f:d0:0c:20: 81:bc:21:09:f4:74:f2:ab:9c:dc:37:0d:6c:64:74: 52:6f:16:d3:e0:87:07:6b:69:53:33:4f:00:c0:49: e9:49:e5:e5:5e:64:14:06:35:95:25:b7:60:6e:eb: 19:c7:36:15:fa:62:9c:35:4c:92:3c:3f:fb:20:12: 45:72:e5:11:b8:c6:0a:82:3b:45:c6:03:11:8c:75: 8d:f4:c6:11:f7:bd:49:64:0f:43:d4:36:47:05:40: 70:7d:89:e9:17:53:3e:92:ae:a8:0c:05:d9:3c:89: a6:75:4b:87:82:3a:98:ac:a2:f2:c5:0f:3d:3a:08: 51:fd:67:e0:73:1a:1e:dc:cd:a3:1e:39:07:45:52: 8f:a9:1e:dc:c9:cb:b8:70:6f:34:37:2c:25:49:21: 57:0d:5b:6f:dd:3b:65:19:df:62:4c:e9:51:c4:73: 63:08:7b:8b:3f:14:cc:f4:26:63:29:72:54:34:6a: 7e:26:fb:ce:f5:0d:1f:94:02:8d:fa:8e:7b:cc:69: b2:86:39:83:a9:5e:0a:19:e0:d2:7f:60:38:20:f6: 1c:72:42:ef:5c:2a:e7:0b:25:7b:64:cd:c2:ef:79: de:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:EC:4B:60:E9:7C:EB:C7:6C:F8:5D:A5:AD:8F:06:4C:79:14:D3:16 X509v3 Authority Key Identifier: keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:91:87:57:dc:bf:79:07:c3:e9:97:55:3d:71:a1:f8:77:df: 83:40:01:88:0f:d9:f8:61:54:a9:65:5e:4d:b3:e4:e0:fa:22: f1:94:64:47:29:25:ec:e8:9f:dd:4e:90:b7:72:d0:27:db:d4: be:e8:87:aa:d9:15:91:18:52:33:21:db:5a:b9:25:9f:f9:3f: 3c:fa:6f:73:b5:a0:73:8d:c5:6d:f5:31:ee:19:9e:91:4d:70: bf:df:47:7b:07:cd:ef:ab:cc:07:7c:23:ec:59:5a:ba:91:33: ca:97:cc:0b:8f:86:96:46:3e:77:d2:c8:61:b4:d9:97:d9:4f: 5e:bf:4a:38:99:e7:4a:9a:a8:66:44:cd:4b:46:12:ef:29:85: 39:a1:7f:59:5b:e0:20:e2:c1:96:20:17:1f:6a:7d:86:c6:46: d8:eb:c9:a9:25:17:d3:5f:6f:1c:3a:11:03:be:06:d1:88:01: eb:c6:fd:29:eb:2c:28:a6:1c:71:c5:e2:0b:37:1f:58:8b:44: 9c:ff:4f:bc:b1:fb:4c:df:bd:f3:4a:13:96:13:cc:a5:a7:45: 9a:4f:e2:cd:c0:71:ad:91:da:1c:f0:51:69:94:0b:b2:e4:db: f8:77:b0:bb:75:04:d6:13:58:e3:97:d6:5e:2a:13:0c:bd:a0: 81:84:d0:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3/RZ2vfWy8HoSkpKnlq1KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz ZDg2YmEwHhcNMjUxMjE5MTkwMTMxWhcNMjUxMjIwMTkwMTMxWjAzMTEwLwYDVQQD EyhlMWVjNGI2MGU5N2NlYmM3NmNmODVkYTVhZDhmMDY0Yzc5MTRkMzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKqkVivzxZV9ai1e/yWfhSFMbasn rB0FTl/QDCCBvCEJ9HTyq5zcNw1sZHRSbxbT4IcHa2lTM08AwEnpSeXlXmQUBjWV JbdgbusZxzYV+mKcNUySPD/7IBJFcuURuMYKgjtFxgMRjHWN9MYR971JZA9D1DZH BUBwfYnpF1M+kq6oDAXZPImmdUuHgjqYrKLyxQ89OghR/Wfgcxoe3M2jHjkHRVKP qR7cycu4cG80NywlSSFXDVtv3TtlGd9iTOlRxHNjCHuLPxTM9CZjKXJUNGp+JvvO 9Q0flAKN+o57zGmyhjmDqV4KGeDSf2A4IPYcckLvXCrnCyV7ZM3C73nebQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOHsS2DpfOvHbPhdpa2PBkx5FNMWMB8GA1UdIwQY MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANZGHV9y/ eQfD6ZdVPXGh+Hffg0ABiA/Z+GFUqWVeTbPk4Poi8ZRkRykl7Oif3U6Qt3LQJ9vU vuiHqtkVkRhSMyHbWrkln/k/PPpvc7Wgc43FbfUx7hmekU1wv99HewfN76vMB3wj 7FlaupEzypfMC4+GlkY+d9LIYbTZl9lPXr9KOJnnSpqoZkTNS0YS7ymFOaF/WVvg IOLBliAXH2p9hsZG2OvJqSUX019vHDoRA74G0YgB68b9KessKKYcccXiCzcfWItE nP9PvLH7TN+980oTlhPMpadFmk/izcBxrZHaHPBRaZQLsuTb+Hewu3UE1hNY45fW XioTDL2ggYTQpA== -----END CERTIFICATE-----Generated at Sat Dec 20 00:53:33 2025 by rpki-client