This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft File: gNZ6hECc7boCLusDW9itYg1oPqc.mft (raw, json) Hash identifier: Ev5ahOa8zUjRFIMgDt6MN8zvK1WteBwvyA420lHQbCs= Subject key identifier: 20:FA:2A:62:03:CA:46:96:8C:F3:E4:D6:E5:76:23:16:81:EC:2B:64 Authority key identifier: 80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7 Certificate issuer: /CN=80d67a84409cedba022eeb035bd8ad620d683ea7 Certificate serial: 019B3C7DBCC776A46D63BCE6D9CBE7EAD8FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft Manifest number: 171D Signing time: Sat 20 Dec 2025 16:00:31 +0000 Manifest this update: Sat 20 Dec 2025 16:00:31 +0000 Manifest next update: Sun 21 Dec 2025 16:00:31 +0000 Files and hashes: 1: HckIWldHWwqX0CJ7X-XU88JAoY8.roa (hash: 0kYehz1g3idStzqPQ6DNbC0IwoRnTc8QtqRoQ8JJZs8=) 2: gNZ6hECc7boCLusDW9itYg1oPqc.crl (hash: YcWbk3Qr3Yu62ZcRsVciI29yTApf4WBCJ2319acoDKM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7d:bc:c7:76:a4:6d:63:bc:e6:d9:cb:e7:ea:d8:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80d67a84409cedba022eeb035bd8ad620d683ea7 Validity Not Before: Dec 20 16:00:31 2025 GMT Not After : Dec 21 16:00:31 2025 GMT Subject: CN=20fa2a6203ca46968cf3e4d6e576231681ec2b64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:27:8c:16:1e:b0:6e:c3:e7:ca:18:56:7a:3f: 06:92:e7:37:89:d5:10:6c:7b:df:c1:56:2f:88:21: fc:51:27:61:ed:66:f2:f5:49:32:bf:7a:96:e4:4a: 5d:96:34:b3:b4:7f:da:8a:f7:9e:79:ef:ce:b2:69: 77:8a:67:cc:fc:c1:bd:0d:28:4b:4c:6e:65:be:ab: 66:d1:76:ce:ec:f0:61:43:16:17:07:fd:5f:b4:c9: 5c:cc:19:b8:3f:23:98:b3:cd:4b:ea:79:42:4e:e7: a3:b3:04:f9:0f:e1:52:e4:91:8d:d0:6b:ef:67:a4: f8:55:c1:ff:f1:c8:78:26:db:01:c5:64:52:79:25: ab:ca:47:09:7c:2b:0f:9b:0c:a7:2d:32:1d:5e:dc: 21:1c:ba:7f:54:4c:ee:26:a3:a7:16:c4:a2:5b:de: fd:7b:0d:a9:dc:e1:2a:72:37:ac:4a:78:3d:61:4c: 50:4f:2f:e1:e4:f5:14:ba:ec:63:6d:80:ae:79:b2: 77:89:ed:da:b8:f5:aa:ad:6f:06:96:a0:77:a5:bc: e0:3a:7c:39:99:32:e0:f6:e7:94:2e:cf:71:86:78: 50:7c:98:ae:83:a7:1e:b0:5e:61:2d:37:da:d2:5b: e6:b5:28:0b:c8:79:8f:cc:d0:fa:df:6a:35:c2:3c: cc:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:FA:2A:62:03:CA:46:96:8C:F3:E4:D6:E5:76:23:16:81:EC:2B:64 X509v3 Authority Key Identifier: keyid:80:D6:7A:84:40:9C:ED:BA:02:2E:EB:03:5B:D8:AD:62:0D:68:3E:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gNZ6hECc7boCLusDW9itYg1oPqc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/13d50b-7db3-4d10-8a4e-6eb3aa6a21af/1/gNZ6hECc7boCLusDW9itYg1oPqc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:65:49:9f:05:6f:99:ad:9f:bf:67:4b:4f:90:fa:0b:35:d1: 6c:67:39:55:f8:80:5b:a6:c9:4d:32:65:be:17:fc:30:fd:47: f0:c9:d1:81:0e:f8:50:a2:cb:a4:87:d3:9a:90:52:fe:44:cf: 04:98:51:d0:37:c8:d9:97:d5:47:d7:e7:21:ba:15:2a:04:7a: 13:29:1b:cd:d7:24:7b:aa:5c:8d:7a:d2:ca:c9:6e:43:18:48: 51:0a:c1:ab:8f:b9:a0:e2:79:dd:91:fe:66:0f:05:cc:45:6b: 59:22:7a:5d:18:79:6d:ff:1f:96:fa:a1:87:13:1b:f8:67:6c: e0:24:f0:44:d2:a6:20:f4:f8:ab:b6:40:f1:4e:cb:3f:a6:cd: 43:99:b8:ec:a7:62:e8:e5:16:91:fc:e7:e0:c2:77:7b:4e:58: 95:2f:05:ed:a5:10:33:f2:cc:2e:7a:0d:51:3a:41:52:d9:e4: 99:5a:1e:b7:23:05:16:52:cb:fd:ed:03:e2:87:e1:bf:bb:5a: 28:57:f2:3c:b7:43:63:8c:7e:1a:9d:02:16:5f:27:c2:06:f8: 53:8c:69:0b:8c:3f:8f:5b:c8:79:73:18:b3:a9:3c:11:91:36: ae:50:74:1c:46:84:d4:6d:ad:d2:db:0d:c3:3d:6e:d1:a6:de: 35:66:5b:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fbzHdqRtY7zm2cvn6tj/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwZDY3YTg0NDA5Y2VkYmEwMjJlZWIwMzViZDhhZDYyMGQ2 ODNlYTcwHhcNMjUxMjIwMTYwMDMxWhcNMjUxMjIxMTYwMDMxWjAzMTEwLwYDVQQD EygyMGZhMmE2MjAzY2E0Njk2OGNmM2U0ZDZlNTc2MjMxNjgxZWMyYjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxieMFh6wbsPnyhhWej8Gkuc3idUQ bHvfwVYviCH8USdh7Wby9Ukyv3qW5EpdljSztH/aiveeee/Osml3imfM/MG9DShL TG5lvqtm0XbO7PBhQxYXB/1ftMlczBm4PyOYs81L6nlCTuejswT5D+FS5JGN0Gvv Z6T4VcH/8ch4JtsBxWRSeSWrykcJfCsPmwynLTIdXtwhHLp/VEzuJqOnFsSiW979 ew2p3OEqcjesSng9YUxQTy/h5PUUuuxjbYCuebJ3ie3auPWqrW8GlqB3pbzgOnw5 mTLg9ueULs9xhnhQfJiug6cesF5hLTfa0lvmtSgLyHmPzND632o1wjzMkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCD6KmIDykaWjPPk1uV2IxaB7CtkMB8GA1UdIwQY MBaAFIDWeoRAnO26Ai7rA1vYrWINaD6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xM2Q1MGItN2RiMy00ZDEwLThhNGUt NmViM2FhNmEyMWFmLzEvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8xM2Q1MGItN2RiMy00ZDEwLThhNGUtNmViM2FhNmEyMWFm LzEvZ05aNmhFQ2M3Ym9DTHVzRFc5aXRZZzFvUHFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqGVJnwVv ma2fv2dLT5D6CzXRbGc5VfiAW6bJTTJlvhf8MP1H8MnRgQ74UKLLpIfTmpBS/kTP BJhR0DfI2ZfVR9fnIboVKgR6Eykbzdcke6pcjXrSysluQxhIUQrBq4+5oOJ53ZH+ Zg8FzEVrWSJ6XRh5bf8flvqhhxMb+Gds4CTwRNKmIPT4q7ZA8U7LP6bNQ5m47Kdi 6OUWkfzn4MJ3e05YlS8F7aUQM/LMLnoNUTpBUtnkmVoetyMFFlLL/e0D4ofhv7ta KFfyPLdDY4x+Gp0CFl8nwgb4U4xpC4w/j1vIeXMYs6k8EZE2rlB0HEaE1G2t0tsN wz1u0abeNWZb2Q== -----END CERTIFICATE-----Generated at Sun Dec 21 00:53:01 2025 by rpki-client