This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft File: GWa02kiR-4CQGCvDO0m1liT8nZs.mft (raw, json) Hash identifier: FkqtxTSUhTXndWNmmFSIiptpcuYUUkzsyPrTG0ZD4Tg= Subject key identifier: E0:BB:A8:64:90:B0:34:C7:BA:F2:59:1F:C5:C8:5B:D2:4C:61:B8:64 Authority key identifier: 19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B Certificate issuer: /CN=1966b4da4891fb8090182bc33b49b59624fc9d9b Certificate serial: 019B5D529074F0EC99F7A9CCC4FFC99367EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft Manifest number: 1685 Signing time: Sat 27 Dec 2025 01:00:50 +0000 Manifest this update: Sat 27 Dec 2025 01:00:50 +0000 Manifest next update: Sun 28 Dec 2025 01:00:50 +0000 Files and hashes: 1: GWa02kiR-4CQGCvDO0m1liT8nZs.crl (hash: F8qVw9baGWcmfFN/BDh8AxSai53t1Lr6qsdzvhy8tYM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:52:90:74:f0:ec:99:f7:a9:cc:c4:ff:c9:93:67:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1966b4da4891fb8090182bc33b49b59624fc9d9b Validity Not Before: Dec 27 01:00:50 2025 GMT Not After : Dec 28 01:00:50 2025 GMT Subject: CN=e0bba86490b034c7baf2591fc5c85bd24c61b864 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:89:bc:00:94:c7:3b:3e:35:99:ca:e4:7b:60: 45:2b:c5:56:d5:d7:fa:ba:34:e9:38:5c:28:0e:d1: 37:d5:b2:5b:d4:92:65:da:27:86:c6:07:c3:4a:84: f6:11:77:54:83:bb:1c:30:84:af:cc:31:dd:7a:16: de:fd:18:e8:48:5f:94:19:a1:bf:13:9f:e5:f1:48: 75:a6:e7:17:78:bd:60:d7:17:f3:5c:83:5f:81:a6: d7:ac:90:22:8c:44:5c:2e:bd:a0:54:d7:da:58:96: 6f:92:7f:a5:38:f6:dd:e4:fe:28:0a:74:6c:bc:14: 39:2d:c4:b2:ed:8c:76:f2:3b:5e:34:ec:6c:b9:ce: 03:ae:9e:bc:74:c6:e2:ad:a5:d3:ab:5b:05:ed:40: 2b:d2:dc:2c:74:da:01:07:88:a2:ad:70:99:1b:d9: 9b:f6:7c:8f:d5:be:c8:3c:e6:8c:1b:1f:50:27:36: 9d:9c:b9:4e:d6:9b:e4:84:28:5a:44:e3:6c:95:f9: 06:93:be:c7:e8:00:24:48:21:7e:86:1a:66:33:0a: 54:6e:1b:39:1b:14:30:fc:42:0a:c3:be:d2:48:02: fc:07:24:08:b2:e9:9e:2e:8e:5d:e0:a0:fc:9c:75: 33:dc:89:c0:8c:6c:4a:d0:24:8b:53:4e:4e:f5:e3: 3b:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:BB:A8:64:90:B0:34:C7:BA:F2:59:1F:C5:C8:5B:D2:4C:61:B8:64 X509v3 Authority Key Identifier: keyid:19:66:B4:DA:48:91:FB:80:90:18:2B:C3:3B:49:B5:96:24:FC:9D:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWa02kiR-4CQGCvDO0m1liT8nZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/413e91-acfe-47e1-add2-79d5b46d9c0e/1/GWa02kiR-4CQGCvDO0m1liT8nZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:52:3b:f4:ed:dc:61:b9:71:bf:b4:be:24:68:d6:1b:52:2d: 60:23:75:c2:16:d7:f6:33:de:2d:18:55:ba:15:c0:4b:91:32: aa:40:88:45:c1:3b:0e:0a:24:b8:36:f7:b5:c2:e5:af:b6:46: 0e:d0:31:61:54:b4:d8:12:a8:4e:82:d6:b7:de:1c:e8:5f:5a: 42:f6:a7:2f:34:62:e4:8c:2b:db:21:7c:0c:2a:3b:2c:fe:ec: a7:13:f9:13:87:99:db:cf:71:de:4f:2f:02:8a:e6:5d:7d:21: c7:e4:ac:9f:48:61:ac:eb:8e:9a:11:91:12:ca:a8:2f:94:c4: e3:8a:2b:d7:fe:7e:5a:de:2b:e2:73:e4:2e:a9:9a:66:b2:0b: 17:2f:25:02:d7:1a:1b:e0:9d:91:6c:fb:95:7b:83:7f:69:79: 8f:c8:e4:1f:0f:5d:01:eb:23:a0:67:68:b9:d0:06:fe:2d:cb: 99:da:6b:15:69:ae:62:b4:d0:b0:03:a0:20:9c:e9:43:6f:50: 02:fc:6c:3c:f0:93:c9:96:0c:9d:64:e4:55:0c:be:1b:02:60: 87:1e:64:8e:86:d7:f4:ee:b6:10:6b:8b:12:b3:18:3e:85:73: 1e:9f:8e:bc:a3:1c:de:88:19:99:6a:0d:ed:74:db:b1:ef:5b: ff:6e:f7:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdUpB08OyZ96nMxP/Jk2fqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5NjZiNGRhNDg5MWZiODA5MDE4MmJjMzNiNDliNTk2MjRm YzlkOWIwHhcNMjUxMjI3MDEwMDUwWhcNMjUxMjI4MDEwMDUwWjAzMTEwLwYDVQQD EyhlMGJiYTg2NDkwYjAzNGM3YmFmMjU5MWZjNWM4NWJkMjRjNjFiODY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsom8AJTHOz41mcrke2BFK8VW1df6 ujTpOFwoDtE31bJb1JJl2ieGxgfDSoT2EXdUg7scMISvzDHdehbe/RjoSF+UGaG/ E5/l8Uh1pucXeL1g1xfzXINfgabXrJAijERcLr2gVNfaWJZvkn+lOPbd5P4oCnRs vBQ5LcSy7Yx28jteNOxsuc4Drp68dMbiraXTq1sF7UAr0twsdNoBB4iirXCZG9mb 9nyP1b7IPOaMGx9QJzadnLlO1pvkhChaRONslfkGk77H6AAkSCF+hhpmMwpUbhs5 GxQw/EIKw77SSAL8ByQIsumeLo5d4KD8nHUz3InAjGxK0CSLU05O9eM7UwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOC7qGSQsDTHuvJZH8XIW9JMYbhkMB8GA1UdIwQY MBaAFBlmtNpIkfuAkBgrwztJtZYk/J2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDIt NzlkNWI0NmQ5YzBlLzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS80MTNlOTEtYWNmZS00N2UxLWFkZDItNzlkNWI0NmQ5YzBl LzEvR1dhMDJraVItNENRR0N2RE8wbTFsaVQ4blpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVI79O3c Yblxv7S+JGjWG1ItYCN1whbX9jPeLRhVuhXAS5EyqkCIRcE7DgokuDb3tcLlr7ZG DtAxYVS02BKoToLWt94c6F9aQvanLzRi5Iwr2yF8DCo7LP7spxP5E4eZ289x3k8v AormXX0hx+Ssn0hhrOuOmhGREsqoL5TE44or1/5+Wt4r4nPkLqmaZrILFy8lAtca G+CdkWz7lXuDf2l5j8jkHw9dAesjoGdoudAG/i3LmdprFWmuYrTQsAOgIJzpQ29Q AvxsPPCTyZYMnWTkVQy+GwJghx5kjobX9O62EGuLErMYPoVzHp+OvKMc3ogZmWoN 7XTbse9b/273qg== -----END CERTIFICATE-----Generated at Sat Dec 27 07:03:33 2025 by rpki-client