This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.mft File: gzVETFgRYcWIroS-AZZbyOg3gLg.mft (raw, json) Hash identifier: s0uPUqQ3/Jk1zKCzaiuWnDJLyqrhOlzaIsCoBacbBY8= Subject key identifier: DC:6D:F6:2A:6E:05:4C:6F:BC:99:6E:5E:82:78:4A:6B:57:9A:01:B5 Authority key identifier: 83:35:44:4C:58:11:61:C5:88:AE:84:BE:01:96:5B:C8:E8:37:80:B8 Certificate issuer: /CN=8335444c581161c588ae84be01965bc8e83780b8 Certificate serial: 019B3DC824B94FB47D9A924688DD1435074D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzVETFgRYcWIroS-AZZbyOg3gLg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.mft Manifest number: 14B3 Signing time: Sat 20 Dec 2025 22:01:25 +0000 Manifest this update: Sat 20 Dec 2025 22:01:25 +0000 Manifest next update: Sun 21 Dec 2025 22:01:25 +0000 Files and hashes: 1: 52xHcZKMiLkJfC48D6ah-VZ8yTA.roa (hash: jrz3bp7KHkqbn8SdD2JCqFdwlcK3RRhyL/xchThJ/cc=) 2: gzVETFgRYcWIroS-AZZbyOg3gLg.crl (hash: o+8i8u7CQJthJPCuvnEX3k4FfHRgklt6jzxO9mqvRlo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.crl rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.mft rsync://rpki.ripe.net/repository/DEFAULT/gzVETFgRYcWIroS-AZZbyOg3gLg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 22:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c8:24:b9:4f:b4:7d:9a:92:46:88:dd:14:35:07:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8335444c581161c588ae84be01965bc8e83780b8 Validity Not Before: Dec 20 22:01:25 2025 GMT Not After : Dec 21 22:01:25 2025 GMT Subject: CN=dc6df62a6e054c6fbc996e5e82784a6b579a01b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d8:59:89:44:db:f0:23:0b:57:a3:b6:5b:90: 11:8f:fd:47:75:0d:d2:ca:39:fc:ed:12:22:33:1c: 8e:39:1b:69:93:ae:99:5a:29:25:b6:2e:11:01:40: fa:df:12:e9:c8:55:26:53:1c:8c:4c:46:ff:0f:68: 87:c3:e7:9e:84:e9:d8:8a:8d:31:01:aa:98:5b:d3: a3:73:fc:04:ed:56:a5:7e:2c:b7:5b:4f:b0:3f:c0: 99:fa:9f:2c:ac:5b:e8:7a:07:04:aa:d2:e5:46:37: 0b:b2:ab:f2:ce:ea:cf:79:63:39:8b:e2:59:2e:ac: 50:50:72:04:c1:8a:00:96:11:23:42:da:76:32:7e: 83:14:c3:c9:5c:e7:fb:b7:0b:3a:5e:8b:a0:2b:4d: 31:ca:83:d1:5e:a5:93:e9:89:cb:ec:95:cf:fa:3e: 02:15:11:46:3f:be:76:4d:a9:96:bc:37:6a:78:1c: 84:a0:b3:e4:33:ee:be:c1:62:0a:45:05:79:18:da: f4:e4:1b:52:09:73:20:f7:7e:d5:6c:38:75:9f:61: bc:fd:ae:9e:c9:89:1d:1a:90:5a:32:d0:6c:89:69: e6:f6:9d:32:1b:b3:17:f7:9b:83:b6:0c:85:f1:0f: 8a:06:80:3d:ca:65:3c:6d:5c:d8:52:7b:ac:47:4d: 81:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:6D:F6:2A:6E:05:4C:6F:BC:99:6E:5E:82:78:4A:6B:57:9A:01:B5 X509v3 Authority Key Identifier: keyid:83:35:44:4C:58:11:61:C5:88:AE:84:BE:01:96:5B:C8:E8:37:80:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzVETFgRYcWIroS-AZZbyOg3gLg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:a1:8c:52:f9:38:9f:d4:d6:b5:d2:0d:4e:90:40:32:ad:fc: ff:52:e2:72:af:c3:c4:a8:23:24:ab:ca:1f:08:97:fb:b8:37: 4d:76:c4:d5:ca:5f:60:dd:c2:89:8b:18:bd:cc:a1:8b:c8:18: 17:d5:cb:6f:1d:38:81:02:b5:cf:57:fa:3a:8b:3c:96:6a:5f: d9:89:10:c5:6f:9e:a1:ed:da:01:05:e7:df:0a:8e:b0:81:0e: df:13:89:4c:c9:1b:bd:96:3a:9d:40:dc:ef:10:0e:42:15:fa: 2b:b0:4d:24:8a:e3:50:a4:29:e3:19:ab:e1:d0:5f:12:de:bc: 48:5b:d9:96:2f:d3:4c:c5:1c:14:1b:9f:d6:58:3d:30:31:39: e4:27:90:bc:3b:38:09:31:09:f3:0b:45:80:c9:e4:38:06:fa: 3e:03:cf:b6:25:62:c0:6d:7f:b8:24:7f:32:8f:f8:ef:69:c7: a7:c7:fc:fb:ca:0b:d4:a3:97:5f:fa:2a:bf:dd:e3:4f:61:c2: 9c:4e:09:d4:93:36:62:16:31:4a:89:6d:e9:2d:1a:d3:7f:2e: eb:fe:94:b1:8f:a4:5f:ca:59:65:ac:ee:39:76:a7:de:15:ad: 66:63:68:ea:ec:49:10:c8:00:a9:fe:73:d7:8d:49:f9:80:6c: 16:a7:8b:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9yCS5T7R9mpJGiN0UNQdNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzMzU0NDRjNTgxMTYxYzU4OGFlODRiZTAxOTY1YmM4ZTgz NzgwYjgwHhcNMjUxMjIwMjIwMTI1WhcNMjUxMjIxMjIwMTI1WjAzMTEwLwYDVQQD EyhkYzZkZjYyYTZlMDU0YzZmYmM5OTZlNWU4Mjc4NGE2YjU3OWEwMWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9hZiUTb8CMLV6O2W5ARj/1HdQ3S yjn87RIiMxyOORtpk66ZWiklti4RAUD63xLpyFUmUxyMTEb/D2iHw+eehOnYio0x AaqYW9Ojc/wE7Valfiy3W0+wP8CZ+p8srFvoegcEqtLlRjcLsqvyzurPeWM5i+JZ LqxQUHIEwYoAlhEjQtp2Mn6DFMPJXOf7tws6XougK00xyoPRXqWT6YnL7JXP+j4C FRFGP752TamWvDdqeByEoLPkM+6+wWIKRQV5GNr05BtSCXMg937VbDh1n2G8/a6e yYkdGpBaMtBsiWnm9p0yG7MX95uDtgyF8Q+KBoA9ymU8bVzYUnusR02B8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNxt9ipuBUxvvJluXoJ4SmtXmgG1MB8GA1UdIwQY MBaAFIM1RExYEWHFiK6EvgGWW8joN4C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ3pWRVRGZ1JZY1dJcm9TLUFaWmJ5T2czZ0xnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNGI5MWEtZTM0OS00MGNkLWI5MDEt MWYxM2Y1NWQwMDU5LzEvZ3pWRVRGZ1JZY1dJcm9TLUFaWmJ5T2czZ0xnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8wNGI5MWEtZTM0OS00MGNkLWI5MDEtMWYxM2Y1NWQwMDU5 LzEvZ3pWRVRGZ1JZY1dJcm9TLUFaWmJ5T2czZ0xnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKGMUvk4 n9TWtdINTpBAMq38/1Licq/DxKgjJKvKHwiX+7g3TXbE1cpfYN3CiYsYvcyhi8gY F9XLbx04gQK1z1f6Oos8lmpf2YkQxW+eoe3aAQXn3wqOsIEO3xOJTMkbvZY6nUDc 7xAOQhX6K7BNJIrjUKQp4xmr4dBfEt68SFvZli/TTMUcFBuf1lg9MDE55CeQvDs4 CTEJ8wtFgMnkOAb6PgPPtiViwG1/uCR/Mo/472nHp8f8+8oL1KOXX/oqv93jT2HC nE4J1JM2YhYxSolt6S0a038u6/6UsY+kX8pZZazuOXan3hWtZmNo6uxJEMgAqf5z 141J+YBsFqeLAA== -----END CERTIFICATE-----Generated at Sun Dec 21 06:05:39 2025 by rpki-client