This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft File: gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json) Hash identifier: sX20dz+Hbw2yHu52BEPjQtcp5ojnVrl9jXkEZKXoYdw= Subject key identifier: 4E:21:CA:7F:BC:FA:E0:28:49:C9:38:D3:DF:A9:2C:56:69:B1:35:8B Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23 Certificate issuer: /CN=813a42838d2e45ed5dad4114606d9729a6501d23 Certificate serial: 019B4C5F54B4EEC39B58E2C9FDDC768A267C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft Manifest number: 0FEF Signing time: Tue 23 Dec 2025 18:01:14 +0000 Manifest this update: Tue 23 Dec 2025 18:01:14 +0000 Manifest next update: Wed 24 Dec 2025 18:01:14 +0000 Files and hashes: 1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: KjM4W4mWc5dH37fWZ+qI3nIlmRk01rw6B1CUloti9C0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 18:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:5f:54:b4:ee:c3:9b:58:e2:c9:fd:dc:76:8a:26:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23 Validity Not Before: Dec 23 18:01:14 2025 GMT Not After : Dec 24 18:01:14 2025 GMT Subject: CN=4e21ca7fbcfae02849c938d3dfa92c5669b1358b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:43:ed:65:0a:c9:02:5c:f8:d6:b6:ad:4a:4b: 75:57:2e:0b:4f:92:90:b8:41:e6:2e:b8:3b:1a:6b: 78:56:e7:d2:95:c8:48:ba:47:62:b2:61:26:2d:cc: 78:1e:6a:1c:a3:7b:4c:b8:3f:c5:71:12:4b:db:9a: 18:65:99:47:85:eb:25:0f:75:e7:79:96:24:f4:f6: 14:f4:03:58:8f:30:b6:92:de:54:1f:a9:fc:c7:4f: c7:8a:df:df:8a:82:77:e8:65:a8:67:52:26:cf:dc: 77:f9:ca:d6:b6:41:f5:5f:8b:94:86:67:be:00:bf: d1:e4:d7:c5:73:5c:63:81:9a:b5:ca:2a:23:7c:17: 7e:d1:d7:b2:45:db:a6:b1:41:52:ca:77:9c:f1:88: 91:de:ed:69:a0:d9:ad:24:0c:3f:c6:79:52:6f:cc: b0:f0:c9:a3:48:d3:a1:f0:fd:53:8a:e8:3e:f6:79: 73:81:f9:15:ae:ca:ee:18:b9:84:10:3e:37:57:58: 26:de:61:63:1b:8e:68:52:0d:65:c0:33:c3:98:df: 66:78:e3:ee:2a:66:4d:4f:07:80:3e:5e:a6:e3:f0: c4:97:44:19:d6:6c:d9:c7:bd:b4:8c:95:1e:43:8e: 7e:28:0d:e6:82:b4:a5:52:77:39:b0:d1:ba:76:dd: 34:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:21:CA:7F:BC:FA:E0:28:49:C9:38:D3:DF:A9:2C:56:69:B1:35:8B X509v3 Authority Key Identifier: keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:2f:12:6e:b0:b9:b6:64:4f:07:57:84:d6:5f:bf:8a:4c:cd: 9a:5e:99:b9:f2:a0:25:33:3f:22:90:bc:0b:ea:25:7d:4f:ae: 4c:f5:04:d0:e6:13:f1:7e:5d:d3:0f:92:ea:5c:f5:8e:00:32: 70:b0:27:30:73:2c:1f:29:e9:27:82:e3:26:f6:26:0f:ad:b0: db:ee:d1:cc:94:74:93:0c:07:4d:e3:38:fb:98:18:ac:9a:0f: fa:f3:e3:09:7d:7e:94:60:4b:a9:ce:e4:46:25:13:5d:a6:c2: 9d:d3:08:0e:d6:1a:1d:a1:f6:e9:a8:03:d5:09:f4:a1:2d:72: e4:37:80:19:81:47:13:0a:b9:ac:be:6e:10:1b:e8:80:10:68: 88:23:d0:b4:de:d6:91:d5:f4:85:c3:18:fd:98:90:02:8d:e1: 2a:df:b5:27:d7:96:28:c0:54:79:6f:77:dd:57:d5:7a:7a:7b: d5:35:27:db:92:5d:f6:7c:51:fc:ed:0e:37:77:6d:60:9d:b0: f3:84:d6:eb:88:d4:35:a1:88:92:20:b6:47:23:86:b1:51:4d: 8a:44:40:aa:1a:f8:96:8a:fb:d6:0c:37:6f:12:98:38:ca:de: 8a:d8:f2:89:3f:03:b7:f3:54:15:dc:ff:9a:e8:60:2b:67:54: 50:cc:50:dd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMX1S07sObWOLJ/dx2iiZ8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1 MDFkMjMwHhcNMjUxMjIzMTgwMTE0WhcNMjUxMjI0MTgwMTE0WjAzMTEwLwYDVQQD Eyg0ZTIxY2E3ZmJjZmFlMDI4NDljOTM4ZDNkZmE5MmM1NjY5YjEzNThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUPtZQrJAlz41ratSkt1Vy4LT5KQ uEHmLrg7Gmt4VufSlchIukdismEmLcx4Hmoco3tMuD/FcRJL25oYZZlHheslD3Xn eZYk9PYU9ANYjzC2kt5UH6n8x0/Hit/fioJ36GWoZ1Imz9x3+crWtkH1X4uUhme+ AL/R5NfFc1xjgZq1yiojfBd+0deyRdumsUFSynec8YiR3u1poNmtJAw/xnlSb8yw 8MmjSNOh8P1Tiug+9nlzgfkVrsruGLmEED43V1gm3mFjG45oUg1lwDPDmN9meOPu KmZNTweAPl6m4/DEl0QZ1mzZx720jJUeQ45+KA3mgrSlUnc5sNG6dt00zQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE4hyn+8+uAoSck409+pLFZpsTWLMB8GA1UdIwQY MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFi8SbrC5 tmRPB1eE1l+/ikzNml6ZufKgJTM/IpC8C+olfU+uTPUE0OYT8X5d0w+S6lz1jgAy cLAnMHMsHynpJ4LjJvYmD62w2+7RzJR0kwwHTeM4+5gYrJoP+vPjCX1+lGBLqc7k RiUTXabCndMIDtYaHaH26agD1Qn0oS1y5DeAGYFHEwq5rL5uEBvogBBoiCPQtN7W kdX0hcMY/ZiQAo3hKt+1J9eWKMBUeW933VfVenp71TUn25Jd9nxR/O0ON3dtYJ2w 84TW64jUNaGIkiC2RyOGsVFNikRAqhr4lor71gw3bxKYOMreitjyiT8Dt/NUFdz/ muhgK2dUUMxQ3Q== -----END CERTIFICATE-----Generated at Wed Dec 24 03:01:32 2025 by rpki-client