This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft File: GhREUllzKqZzbCSCNEZZR_wjdNA.mft (raw, json) Hash identifier: SU6lyJrm8phfb+TZ+Aas2BUbketm4RFPvLQ6Qu2UenU= Subject key identifier: 69:EC:B3:85:3B:07:F0:EF:E0:9D:13:50:E3:2E:6D:6B:C5:34:28:EE Authority key identifier: 1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0 Certificate issuer: /CN=1a14445259732aa6736c248234465947fc2374d0 Certificate serial: 019B34C5B2D0E65381732C700DEBB0C51E3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft Manifest number: 0E00 Signing time: Fri 19 Dec 2025 04:02:10 +0000 Manifest this update: Fri 19 Dec 2025 04:02:10 +0000 Manifest next update: Sat 20 Dec 2025 04:02:10 +0000 Files and hashes: 1: GhREUllzKqZzbCSCNEZZR_wjdNA.crl (hash: yrccXadpX/xA9HNRl5Kyp+9I6JsCO16mWMhv1aLpTTo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:b2:d0:e6:53:81:73:2c:70:0d:eb:b0:c5:1e:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a14445259732aa6736c248234465947fc2374d0 Validity Not Before: Dec 19 04:02:10 2025 GMT Not After : Dec 20 04:02:10 2025 GMT Subject: CN=69ecb3853b07f0efe09d1350e32e6d6bc53428ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4e:ef:63:89:b3:d8:4c:96:e5:b0:e3:e1:77: 03:e4:6b:97:8b:26:6e:00:73:8f:91:48:f3:4e:7a: ed:5e:98:5a:cb:eb:59:71:77:8a:37:dd:2d:32:b2: a6:e6:7b:41:4d:8a:2c:63:8c:5d:e2:59:98:ae:f0: 1f:45:86:27:64:a0:6e:1d:76:45:d3:ba:38:c7:1f: e0:77:43:e9:b6:c8:a9:cf:ff:aa:b9:a2:d0:d8:a6: 4f:00:a6:e5:d8:54:87:0c:72:12:a2:c6:66:55:c7: 21:ec:2a:10:37:01:1c:ed:57:c7:fe:e9:9e:81:5c: 3c:41:2a:cb:a7:c8:d9:df:38:b3:13:77:95:2d:df: 56:f1:80:19:80:f8:7a:53:40:84:11:12:17:d3:14: 1f:a3:72:09:57:32:c4:83:1d:3d:53:8a:c2:76:e6: 06:ab:7c:a4:02:4c:ba:5b:69:90:68:89:45:28:52: b4:e8:a0:6d:5b:e2:09:74:e0:09:98:2f:37:16:bb: 06:63:e6:bc:7c:fc:81:9c:4c:9b:cd:a5:f1:3b:9d: d6:03:86:95:91:4a:14:c6:10:5f:98:4f:a1:36:49: f7:4e:2c:97:a4:34:50:31:37:47:2d:2d:82:34:66: 49:37:61:46:db:a8:28:56:c4:21:8a:6f:69:5d:c8: e0:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:EC:B3:85:3B:07:F0:EF:E0:9D:13:50:E3:2E:6D:6B:C5:34:28:EE X509v3 Authority Key Identifier: keyid:1A:14:44:52:59:73:2A:A6:73:6C:24:82:34:46:59:47:FC:23:74:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhREUllzKqZzbCSCNEZZR_wjdNA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d10841-7d44-46da-b29c-381f23f183d7/1/GhREUllzKqZzbCSCNEZZR_wjdNA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:dd:af:d5:23:5b:01:a9:f6:47:a1:51:44:e9:7e:c3:4d:1b: a3:04:e1:3c:d0:9e:df:6e:12:7d:cc:5e:dc:f9:f9:d2:18:a3: d8:17:39:d3:fd:d6:ef:5a:a9:3d:b2:12:be:24:24:f3:7e:db: 9f:43:8c:a8:e7:28:88:a8:1e:b7:bd:5b:39:59:b2:a7:18:05: e5:2a:47:ee:28:61:d5:3f:33:81:d1:15:23:90:9a:f6:25:7a: ac:e7:7a:31:72:f8:56:4b:6b:1e:9d:a7:18:4f:fa:fd:bd:91: 68:d8:a6:8c:21:a9:a1:9d:91:7c:d0:37:70:0e:60:eb:e0:00: d7:95:f4:b5:cf:36:11:9f:89:d6:8f:0c:58:06:10:b1:d4:eb: 6f:b0:a5:08:ff:06:02:11:20:3b:bb:d8:5f:99:e4:68:a2:e0: 90:84:68:9a:19:27:7b:73:96:63:3d:d7:a1:5b:88:7f:76:fd: 02:9d:f4:dd:c8:cb:1d:fc:66:8e:19:31:b3:62:67:eb:78:ae: 9d:1a:2a:27:ad:75:bb:72:17:cf:77:cc:21:ed:cc:98:10:7a: e5:71:c9:bc:c3:66:39:1b:ff:ec:e8:0a:e0:6d:cb:48:59:b5: c3:bf:9f:5e:69:73:3c:3b:fe:78:a0:50:d6:ec:e6:7a:37:fe: a4:31:da:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xbLQ5lOBcyxwDeuwxR49MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhMTQ0NDUyNTk3MzJhYTY3MzZjMjQ4MjM0NDY1OTQ3ZmMy Mzc0ZDAwHhcNMjUxMjE5MDQwMjEwWhcNMjUxMjIwMDQwMjEwWjAzMTEwLwYDVQQD Eyg2OWVjYjM4NTNiMDdmMGVmZTA5ZDEzNTBlMzJlNmQ2YmM1MzQyOGVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE7vY4mz2EyW5bDj4XcD5GuXiyZu AHOPkUjzTnrtXphay+tZcXeKN90tMrKm5ntBTYosY4xd4lmYrvAfRYYnZKBuHXZF 07o4xx/gd0Pptsipz/+quaLQ2KZPAKbl2FSHDHISosZmVcch7CoQNwEc7VfH/ume gVw8QSrLp8jZ3zizE3eVLd9W8YAZgPh6U0CEERIX0xQfo3IJVzLEgx09U4rCduYG q3ykAky6W2mQaIlFKFK06KBtW+IJdOAJmC83FrsGY+a8fPyBnEybzaXxO53WA4aV kUoUxhBfmE+hNkn3TiyXpDRQMTdHLS2CNGZJN2FG26goVsQhim9pXcjgcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGnss4U7B/Dv4J0TUOMubWvFNCjuMB8GA1UdIwQY MBaAFBoURFJZcyqmc2wkgjRGWUf8I3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMt MzgxZjIzZjE4M2Q3LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9kMTA4NDEtN2Q0NC00NmRhLWIyOWMtMzgxZjIzZjE4M2Q3 LzEvR2hSRVVsbHpLcVp6YkNTQ05FWlpSX3dqZE5BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPt2v1SNb Aan2R6FRROl+w00bowThPNCe324Sfcxe3Pn50hij2Bc50/3W71qpPbISviQk837b n0OMqOcoiKget71bOVmypxgF5SpH7ihh1T8zgdEVI5Ca9iV6rOd6MXL4VktrHp2n GE/6/b2RaNimjCGpoZ2RfNA3cA5g6+AA15X0tc82EZ+J1o8MWAYQsdTrb7ClCP8G AhEgO7vYX5nkaKLgkIRomhkne3OWYz3XoVuIf3b9Ap303cjLHfxmjhkxs2Jn63iu nRoqJ611u3IXz3fMIe3MmBB65XHJvMNmORv/7OgK4G3LSFm1w7+fXmlzPDv+eKBQ 1uzmejf+pDHabQ== -----END CERTIFICATE-----Generated at Fri Dec 19 08:21:09 2025 by rpki-client