This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft File: gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json) Hash identifier: /prxd83ZTlXbbixjmZ182P8FR+s5njqNhOdNceKn6Ds= Subject key identifier: 35:19:99:A3:E7:1B:CE:4F:A5:A2:51:FE:17:CF:A4:7B:EF:D8:0C:DE Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23 Certificate issuer: /CN=813a42838d2e45ed5dad4114606d9729a6501d23 Certificate serial: 019B5418FEBB027E70BECB9AF4B1955B5820 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft Manifest number: 0FF3 Signing time: Thu 25 Dec 2025 06:01:22 +0000 Manifest this update: Thu 25 Dec 2025 06:01:22 +0000 Manifest next update: Fri 26 Dec 2025 06:01:22 +0000 Files and hashes: 1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: Ru8g+k6H+lDc0TBm+Xf8LkUkrohbfELWabgK1lwTLkU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:18:fe:bb:02:7e:70:be:cb:9a:f4:b1:95:5b:58:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23 Validity Not Before: Dec 25 06:01:22 2025 GMT Not After : Dec 26 06:01:22 2025 GMT Subject: CN=351999a3e71bce4fa5a251fe17cfa47befd80cde Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7e:e1:e1:36:28:7b:ba:11:ea:e8:ee:e9:d0: cd:08:4c:d2:98:51:d4:6a:cd:ff:66:46:ed:98:7e: 06:05:03:f1:71:88:af:2e:5b:1a:1f:8c:fc:4b:8a: bc:e2:db:d7:dd:d1:0f:9e:12:df:6b:2b:76:69:23: 2a:db:0f:55:75:4e:e2:78:f9:84:ad:c3:e0:aa:a4: b2:61:a0:8e:67:00:87:dc:f8:ed:37:eb:17:42:31: 7b:4b:64:5c:c7:8f:16:75:19:08:e5:a0:5a:32:e5: 23:24:00:56:11:89:4a:91:0f:85:e5:1b:81:d6:42: f6:bc:2b:c7:f5:f1:4b:99:b0:df:62:2b:af:3d:54: b4:d3:af:eb:68:68:cc:4c:aa:70:01:84:aa:35:05: a3:b7:55:af:98:49:fb:b3:06:de:6e:dc:6a:52:9f: 63:94:2c:71:b0:19:ae:05:a3:19:56:cd:cf:62:46: ae:46:b6:16:1e:5d:b7:e2:c9:b7:fe:a3:e3:37:cb: 24:a5:78:c5:6b:56:9f:9c:5c:b2:3c:15:0e:64:91: 7b:e6:9a:d0:42:c1:c4:2e:3b:9f:22:86:48:e6:bd: d5:37:a2:52:ae:fa:21:ae:2c:c6:a1:29:c9:72:c9: 0f:fd:f9:16:42:73:77:24:00:78:8b:51:96:dc:3c: 56:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:19:99:A3:E7:1B:CE:4F:A5:A2:51:FE:17:CF:A4:7B:EF:D8:0C:DE X509v3 Authority Key Identifier: keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:4c:38:e9:36:9c:7a:e2:4b:9d:68:c1:92:18:ec:15:48:bf: 8b:80:6e:a0:36:64:1e:56:09:3a:6c:1c:76:bb:cf:4f:76:49: ca:bd:a1:e8:90:26:d2:4e:5e:d7:cc:bc:27:a4:eb:08:11:b0: 2d:a8:7d:b4:be:99:43:92:08:8b:ad:d2:50:5f:5a:68:78:69: 59:66:7d:42:e7:8e:3c:f8:4f:99:2d:3b:c5:0e:7a:8d:e4:a5: 49:61:5a:67:b9:fb:59:8c:b7:33:6f:77:2e:1e:fd:97:0c:4b: b2:ca:23:52:3e:b5:9b:1e:99:25:1c:e0:bb:bf:2a:b7:7c:70: 31:48:b1:48:e4:b7:cc:35:dc:2b:d3:50:f4:8f:28:15:1c:e6: e8:0b:e1:97:48:c4:a7:9d:9f:80:a1:62:ee:d6:15:16:6f:05: 4f:d9:07:0c:9a:ed:63:65:90:69:ac:d3:9c:f6:ef:bc:f5:ff: 22:75:c5:c6:b5:f5:98:69:75:57:cb:67:ac:88:bb:36:d6:8c: fc:b3:d3:83:9c:b4:9c:1c:1c:34:60:9e:f8:f8:0f:cd:7f:30: 81:65:2e:62:96:a3:db:20:77:73:f1:50:62:2a:4f:40:e7:5d: 6b:27:8e:91:0b:79:23:c2:67:61:a2:a6:e1:c3:f3:97:4b:f3: 63:40:45:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUGP67An5wvsua9LGVW1ggMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1 MDFkMjMwHhcNMjUxMjI1MDYwMTIyWhcNMjUxMjI2MDYwMTIyWjAzMTEwLwYDVQQD EygzNTE5OTlhM2U3MWJjZTRmYTVhMjUxZmUxN2NmYTQ3YmVmZDgwY2RlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX7h4TYoe7oR6uju6dDNCEzSmFHU as3/ZkbtmH4GBQPxcYivLlsaH4z8S4q84tvX3dEPnhLfayt2aSMq2w9VdU7iePmE rcPgqqSyYaCOZwCH3PjtN+sXQjF7S2Rcx48WdRkI5aBaMuUjJABWEYlKkQ+F5RuB 1kL2vCvH9fFLmbDfYiuvPVS006/raGjMTKpwAYSqNQWjt1WvmEn7swbebtxqUp9j lCxxsBmuBaMZVs3PYkauRrYWHl234sm3/qPjN8skpXjFa1afnFyyPBUOZJF75prQ QsHELjufIoZI5r3VN6JSrvohrizGoSnJcskP/fkWQnN3JAB4i1GW3DxW4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDUZmaPnG85PpaJR/hfPpHvv2AzeMB8GA1UdIwQY MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWUw46Tac euJLnWjBkhjsFUi/i4BuoDZkHlYJOmwcdrvPT3ZJyr2h6JAm0k5e18y8J6TrCBGw Lah9tL6ZQ5IIi63SUF9aaHhpWWZ9QueOPPhPmS07xQ56jeSlSWFaZ7n7WYy3M293 Lh79lwxLssojUj61mx6ZJRzgu78qt3xwMUixSOS3zDXcK9NQ9I8oFRzm6Avhl0jE p52fgKFi7tYVFm8FT9kHDJrtY2WQaazTnPbvvPX/InXFxrX1mGl1V8tnrIi7NtaM /LPTg5y0nBwcNGCe+PgPzX8wgWUuYpaj2yB3c/FQYipPQOddayeOkQt5I8JnYaKm 4cPzl0vzY0BFFw== -----END CERTIFICATE-----Generated at Thu Dec 25 07:11:08 2025 by rpki-client