This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft File: gTpCg40uRe1drUEUYG2XKaZQHSM.mft (raw, json) Hash identifier: hfyBzv3xxt+vFJO01oqsAi9ZrBq1CmHXN/osnswG+pA= Subject key identifier: 3B:70:35:31:90:A5:09:BF:70:28:84:79:AB:E9:B8:46:F6:07:A5:24 Authority key identifier: 81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23 Certificate issuer: /CN=813a42838d2e45ed5dad4114606d9729a6501d23 Certificate serial: 019B33440C03AAF872D9B254D78A50E8FC54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft Manifest number: 0FE2 Signing time: Thu 18 Dec 2025 21:00:56 +0000 Manifest this update: Thu 18 Dec 2025 21:00:56 +0000 Manifest next update: Fri 19 Dec 2025 21:00:56 +0000 Files and hashes: 1: gTpCg40uRe1drUEUYG2XKaZQHSM.crl (hash: gu9Z+puiG8ci5xzJPDYTF7kg8io0kZI6YEw+cp0/07w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:0c:03:aa:f8:72:d9:b2:54:d7:8a:50:e8:fc:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=813a42838d2e45ed5dad4114606d9729a6501d23 Validity Not Before: Dec 18 21:00:56 2025 GMT Not After : Dec 19 21:00:56 2025 GMT Subject: CN=3b70353190a509bf70288479abe9b846f607a524 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:da:9c:eb:b6:84:85:d4:1e:dc:52:e2:20:32: 76:b0:35:28:67:5c:06:fd:93:81:3d:b0:f8:83:76: 2f:e2:84:32:a0:87:47:07:d9:18:82:dc:c3:79:56: d2:3e:50:bb:0a:fc:94:75:f7:ed:f7:b5:ea:64:ae: 65:c6:46:1f:20:1e:0c:f6:ca:d4:7a:9b:92:c7:4f: ff:b8:69:9b:14:14:33:24:23:f4:53:79:7e:8b:d5: 3b:e0:cb:d6:cb:80:7d:02:60:8d:aa:4c:fb:2e:02: d6:43:47:8d:18:8f:44:e7:ce:ea:46:62:ca:eb:fa: 3e:e8:ec:2b:57:99:87:1d:7b:96:c6:1f:1f:8c:81: b6:af:45:75:e2:2c:f1:55:9f:8b:fe:9a:3f:e9:c5: a1:51:21:44:95:fd:eb:4a:55:a5:bb:d0:37:6d:4a: 1f:fa:c0:79:51:e1:47:14:d3:74:e1:b2:30:ac:ea: 9e:ba:bb:f1:d0:c4:41:f9:f3:10:cc:16:64:5e:ee: d3:91:b0:1a:f4:46:7d:10:ca:cc:3a:2d:bc:7d:4d: b9:8e:12:70:68:8b:f4:10:37:26:9c:d3:d4:78:e1: 54:47:1a:12:99:5c:9f:47:dd:da:4c:e6:5c:be:5a: 27:22:95:0a:d4:18:a3:68:ad:6b:93:8a:ad:1d:2a: e7:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:70:35:31:90:A5:09:BF:70:28:84:79:AB:E9:B8:46:F6:07:A5:24 X509v3 Authority Key Identifier: keyid:81:3A:42:83:8D:2E:45:ED:5D:AD:41:14:60:6D:97:29:A6:50:1D:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTpCg40uRe1drUEUYG2XKaZQHSM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8c38a3-c204-4dcf-9c47-5348fe77ba73/1/gTpCg40uRe1drUEUYG2XKaZQHSM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:26:da:ef:82:3d:f0:88:67:60:bd:9a:f3:ee:93:d6:fe:31: 7c:e6:86:d1:f4:4d:8c:d3:50:ea:04:2e:fb:e1:06:e2:1c:0e: 4a:e7:73:94:0a:9f:1e:82:a0:33:f0:bb:7c:14:71:18:77:d7: c8:86:9c:b1:50:91:31:5e:b4:c7:34:67:46:8a:99:35:1f:de: d7:03:a2:61:c1:20:67:14:a2:7a:22:bf:e2:4f:3c:42:15:d3: 67:d1:df:3e:95:c0:2d:ec:e7:43:38:c8:46:61:83:1c:f7:99: 4a:21:90:df:d0:dd:c5:01:f8:0a:2b:e0:1a:46:05:27:ad:ba: 2c:97:96:c7:5f:e1:44:54:13:53:1b:2c:22:8b:b4:e8:2e:2e: 6a:ca:6e:e9:e5:2f:a0:52:2a:bd:ae:59:50:db:10:06:c8:80: 17:38:2d:ba:c6:59:ee:34:07:3a:18:7b:38:3d:1f:2f:73:67: 4c:86:86:07:d6:75:c6:6b:8d:b4:30:25:78:e2:51:4d:e6:d3: 22:80:f9:03:22:a7:ea:a6:16:31:84:28:c2:05:cb:53:07:49: a9:f7:5f:3e:15:e8:24:ba:ad:28:a6:c0:24:54:a2:03:40:ae: 64:73:0b:7e:71:5c:42:7d:ea:4b:f7:37:7d:ad:54:e1:ee:8f: d3:2d:0e:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRAwDqvhy2bJU14pQ6PxUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxM2E0MjgzOGQyZTQ1ZWQ1ZGFkNDExNDYwNmQ5NzI5YTY1 MDFkMjMwHhcNMjUxMjE4MjEwMDU2WhcNMjUxMjE5MjEwMDU2WjAzMTEwLwYDVQQD EygzYjcwMzUzMTkwYTUwOWJmNzAyODg0NzlhYmU5Yjg0NmY2MDdhNTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNqc67aEhdQe3FLiIDJ2sDUoZ1wG /ZOBPbD4g3Yv4oQyoIdHB9kYgtzDeVbSPlC7CvyUdfft97XqZK5lxkYfIB4M9srU epuSx0//uGmbFBQzJCP0U3l+i9U74MvWy4B9AmCNqkz7LgLWQ0eNGI9E587qRmLK 6/o+6OwrV5mHHXuWxh8fjIG2r0V14izxVZ+L/po/6cWhUSFElf3rSlWlu9A3bUof +sB5UeFHFNN04bIwrOqeurvx0MRB+fMQzBZkXu7TkbAa9EZ9EMrMOi28fU25jhJw aIv0EDcmnNPUeOFURxoSmVyfR93aTOZcvlonIpUK1BijaK1rk4qtHSrnpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDtwNTGQpQm/cCiEeavpuEb2B6UkMB8GA1UdIwQY MBaAFIE6QoONLkXtXa1BFGBtlymmUB0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDct NTM0OGZlNzdiYTczLzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi84YzM4YTMtYzIwNC00ZGNmLTljNDctNTM0OGZlNzdiYTcz LzEvZ1RwQ2c0MHVSZTFkclVFVVlHMlhLYVpRSFNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOSba74I9 8IhnYL2a8+6T1v4xfOaG0fRNjNNQ6gQu++EG4hwOSudzlAqfHoKgM/C7fBRxGHfX yIacsVCRMV60xzRnRoqZNR/e1wOiYcEgZxSieiK/4k88QhXTZ9HfPpXALeznQzjI RmGDHPeZSiGQ39DdxQH4CivgGkYFJ626LJeWx1/hRFQTUxssIou06C4uaspu6eUv oFIqva5ZUNsQBsiAFzgtusZZ7jQHOhh7OD0fL3NnTIaGB9Z1xmuNtDAleOJRTebT IoD5AyKn6qYWMYQowgXLUwdJqfdfPhXoJLqtKKbAJFSiA0CuZHMLfnFcQn3qS/c3 fa1U4e6P0y0Obg== -----END CERTIFICATE-----Generated at Fri Dec 19 01:26:47 2025 by rpki-client