This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft File: 1gTknpKDBavLjzLe8_78A-u83kQ.mft (raw, json) Hash identifier: WMLNGI9NQNroibaKNk5XyKBN0CRHyoJXf8Bu0zoixBA= Subject key identifier: 3D:61:E0:AB:DF:40:26:77:9A:23:C0:C2:4C:FC:96:06:8C:F9:5E:D4 Authority key identifier: D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44 Certificate issuer: /CN=d604e49e928305abcb8f32def3fefc03ebbcde44 Certificate serial: 019B3A8FC6FB5B0EA69DA0D91ECC70521197 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 07:00:59 +0000 Manifest this update: Sat 20 Dec 2025 07:00:59 +0000 Manifest next update: Sun 21 Dec 2025 07:00:59 +0000 Files and hashes: 1: 1gTknpKDBavLjzLe8_78A-u83kQ.crl (hash: zld0z5CbizMatGNGMxweTChFD91+Ojjhqe5xJRI+/OU=) 2: pucl_qoNJsFNHYReBDscEGdx2N0.roa (hash: SiJfUuqs3fjKSI6Mo6WtKDUOtA0gOnKfbqvupwDeWPw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:8f:c6:fb:5b:0e:a6:9d:a0:d9:1e:cc:70:52:11:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d604e49e928305abcb8f32def3fefc03ebbcde44 Validity Not Before: Dec 20 07:00:59 2025 GMT Not After : Dec 21 07:00:59 2025 GMT Subject: CN=3d61e0abdf4026779a23c0c24cfc96068cf95ed4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:8d:d2:bd:00:fe:f0:95:a3:a2:ea:99:2e:11: 5d:53:15:24:2f:c9:54:03:f0:6f:73:a6:3a:f2:2d: 07:52:28:6d:02:0a:ad:3c:cd:5d:9f:9c:8d:5a:9c: 04:35:00:29:50:44:21:f0:5f:e7:8b:95:a0:c0:f7: ed:40:27:e5:dc:17:02:45:f0:23:37:5a:95:56:4e: 9c:24:f8:39:3e:f7:dc:77:18:c7:b0:5a:ad:59:48: 8d:e0:6e:f0:86:80:a9:b7:ab:23:38:3b:91:be:be: 77:cc:f7:32:e0:4a:ed:17:65:96:6a:fc:38:b2:69: 7c:89:dc:01:1c:1c:10:15:89:bf:fd:85:4e:ed:0e: e8:7b:4f:69:b5:1c:df:f1:bf:b4:65:89:2c:ad:21: 8c:4c:88:6e:26:98:47:ae:36:8f:74:82:f4:da:91: df:01:b4:72:b2:a1:97:f5:88:e4:b8:ca:04:19:dd: dd:2c:b0:08:3e:b6:b3:2c:a2:fd:cd:26:3e:67:48: 1d:49:ea:97:b4:ef:d5:3f:83:f4:2d:bb:3a:7f:20: ff:ed:6e:7e:0f:e5:db:30:42:71:00:98:25:70:7d: d4:f5:46:77:a6:fc:32:16:87:5c:32:46:38:ca:f7: 09:a8:d1:15:e5:49:3c:18:a8:e6:9c:79:ac:85:68: 43:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:61:E0:AB:DF:40:26:77:9A:23:C0:C2:4C:FC:96:06:8C:F9:5E:D4 X509v3 Authority Key Identifier: keyid:D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:22:6a:87:e1:53:aa:86:01:76:3e:b7:e6:cb:1d:1b:73:15: c6:f4:67:d7:4d:ce:e2:6b:5f:10:1f:a3:4c:58:5c:55:63:35: 0f:0f:8f:a6:d3:dd:0a:c4:4b:4c:ee:01:ff:41:bf:68:c2:81: aa:21:d7:fc:5d:e2:d5:7c:15:35:1d:7d:fd:6b:c9:b4:8e:b0: 40:86:b1:c5:7b:8a:0d:34:62:7f:fe:77:a4:03:34:a2:9c:fa: 5b:0b:ac:1b:1b:94:cd:26:03:bb:ad:21:54:f7:98:e5:5b:d9: c2:73:ec:4d:51:5c:41:ea:f9:9a:77:29:b5:24:b5:47:65:8d: ce:61:f5:fd:77:3c:73:43:cc:5b:3f:7f:7e:7d:3f:e1:86:88: de:e2:2e:09:57:4e:42:7c:35:54:b9:d4:ee:a1:2c:e7:61:fb: 57:e1:40:b9:13:8f:36:ff:49:c2:2f:54:34:0d:ac:92:de:46: c4:1e:99:c4:37:a7:0a:00:69:1a:46:93:b2:c0:f4:89:fe:e3: c4:28:2d:6a:f5:88:37:1d:f5:b6:7b:b2:b8:27:51:14:da:c1: de:cd:55:fa:81:c8:94:02:18:19:bf:f4:10:48:df:90:1d:90: 82:ec:b2:e4:ec:fc:52:0f:ae:60:4c:1c:73:88:ae:ba:b2:a9: 61:95:d2:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6j8b7Ww6mnaDZHsxwUhGXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2MDRlNDllOTI4MzA1YWJjYjhmMzJkZWYzZmVmYzAzZWJi Y2RlNDQwHhcNMjUxMjIwMDcwMDU5WhcNMjUxMjIxMDcwMDU5WjAzMTEwLwYDVQQD EygzZDYxZTBhYmRmNDAyNjc3OWEyM2MwYzI0Y2ZjOTYwNjhjZjk1ZWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA543SvQD+8JWjouqZLhFdUxUkL8lU A/Bvc6Y68i0HUihtAgqtPM1dn5yNWpwENQApUEQh8F/ni5WgwPftQCfl3BcCRfAj N1qVVk6cJPg5PvfcdxjHsFqtWUiN4G7whoCpt6sjODuRvr53zPcy4ErtF2WWavw4 sml8idwBHBwQFYm//YVO7Q7oe09ptRzf8b+0ZYksrSGMTIhuJphHrjaPdIL02pHf AbRysqGX9YjkuMoEGd3dLLAIPrazLKL9zSY+Z0gdSeqXtO/VP4P0Lbs6fyD/7W5+ D+XbMEJxAJglcH3U9UZ3pvwyFodcMkY4yvcJqNEV5Uk8GKjmnHmshWhDlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD1h4KvfQCZ3miPAwkz8lgaM+V7UMB8GA1UdIwQY MBaAFNYE5J6SgwWry48y3vP+/APrvN5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgt MDNjODIxNTc0MjFhLzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgtMDNjODIxNTc0MjFh LzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyJqh+FT qoYBdj635ssdG3MVxvRn103O4mtfEB+jTFhcVWM1Dw+PptPdCsRLTO4B/0G/aMKB qiHX/F3i1XwVNR19/WvJtI6wQIaxxXuKDTRif/53pAM0opz6WwusGxuUzSYDu60h VPeY5VvZwnPsTVFcQer5mncptSS1R2WNzmH1/Xc8c0PMWz9/fn0/4YaI3uIuCVdO Qnw1VLnU7qEs52H7V+FAuROPNv9Jwi9UNA2skt5GxB6ZxDenCgBpGkaTssD0if7j xCgtavWINx31tnuyuCdRFNrB3s1V+oHIlAIYGb/0EEjfkB2Qguyy5Oz8Ug+uYEwc c4iuurKpYZXS0w== -----END CERTIFICATE-----Generated at Sat Dec 20 14:50:42 2025 by rpki-client