This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft File: G2t-l-0j1mqR-4qRv9nGdxEpsas.mft (raw, json) Hash identifier: BWYOvaC+HoLb+hM6S1Mqm+DWa0r486edsrfbyPuwxmc= Subject key identifier: 31:0F:E0:C3:BD:5F:54:22:51:39:C9:44:9E:48:4C:5E:95:DB:CB:6D Authority key identifier: 1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB Certificate issuer: /CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab Certificate serial: 019B7E9585178113A8E355A39F72FF309A2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft Manifest number: 10A3 Signing time: Fri 02 Jan 2026 12:01:26 +0000 Manifest this update: Fri 02 Jan 2026 12:01:26 +0000 Manifest next update: Sat 03 Jan 2026 12:01:26 +0000 Files and hashes: 1: G2t-l-0j1mqR-4qRv9nGdxEpsas.crl (hash: 3L2DYq4KrFZsW/HnQ6jWiUCS0/5IAgKbkhLom7xj9fs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:95:85:17:81:13:a8:e3:55:a3:9f:72:ff:30:9a:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab Validity Not Before: Jan 2 12:01:26 2026 GMT Not After : Jan 3 12:01:26 2026 GMT Subject: CN=310fe0c3bd5f54225139c9449e484c5e95dbcb6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:b3:c0:0b:85:97:1e:b7:70:d5:95:c6:9e:ba: 9e:3c:99:72:35:c0:e9:e2:31:d3:f8:07:f2:8f:5e: 4a:2a:e3:39:08:67:cb:3a:33:bb:41:2e:50:38:45: 49:4c:59:45:1d:88:9c:69:f3:8f:21:7d:aa:95:27: dd:55:5f:6d:cf:f0:8a:eb:d6:28:83:f5:97:0a:ae: f8:e8:8b:9e:15:bb:8a:5f:be:93:86:fb:ab:3f:57: 03:7c:15:56:e1:6b:4c:a3:3d:fa:ce:8f:70:b1:45: 37:97:0c:a5:60:34:89:38:a3:9a:ef:57:09:64:98: bf:e7:02:e3:2b:51:2c:71:e9:ae:6e:e8:b4:a2:1a: 18:61:9d:72:53:0b:1a:9b:7e:66:04:0c:e1:4e:94: 16:1b:34:3f:97:07:58:ce:1b:6c:88:f2:40:8f:85: d4:a2:aa:a0:02:ed:39:50:36:3d:48:14:3b:cd:d5: 31:01:ff:2f:81:08:97:f6:de:be:26:d6:84:dc:14: 47:cb:cd:e2:82:42:2a:c3:91:fc:e1:3e:a2:42:1a: 57:96:59:40:47:47:74:b2:49:04:5b:c6:f2:e9:0a: 81:b0:e8:06:fc:09:56:8a:36:b0:67:75:26:47:29: 60:1e:28:3f:33:69:f5:80:5a:3b:c3:b6:ee:31:76: 3b:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:0F:E0:C3:BD:5F:54:22:51:39:C9:44:9E:48:4C:5E:95:DB:CB:6D X509v3 Authority Key Identifier: keyid:1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:f5:da:e5:3e:92:37:ea:11:9c:e1:18:b3:5c:39:5d:af:8d: ec:bb:85:0b:ce:06:5b:b7:3b:4b:d6:6d:04:b2:ab:ca:5b:70: 7c:b3:ee:93:77:7b:4c:e4:00:df:84:36:aa:65:c6:06:77:96: 9b:bd:5e:12:a1:bf:0e:85:fa:e7:55:14:4e:6c:5b:73:fa:21: 8c:45:8c:f8:d7:1f:19:c2:4f:30:4d:54:8f:ac:f4:27:60:af: 4a:be:ff:66:51:fd:86:ac:28:f0:c2:c7:9f:c1:41:52:e7:fa: 95:58:e4:55:d7:d9:f8:b9:59:fa:f8:18:54:6b:dd:09:ea:10: f7:a9:91:71:f1:69:63:a8:86:b7:7b:65:50:8c:db:56:02:e1: 46:2e:f5:ce:35:43:55:11:46:5f:f5:34:0e:6b:3d:10:76:63: b8:6a:29:34:31:99:7a:cb:9d:55:3f:a3:9e:7a:1c:20:76:7b: 0c:9e:d8:96:8f:40:ba:d5:85:00:c7:27:e1:f6:bd:ad:c1:c4: 5e:7a:4e:4f:ae:72:87:9e:33:d7:57:25:33:5b:d2:69:e9:ca: 1a:f6:07:b8:ca:1c:79:e9:27:f1:de:0f:47:00:9a:82:bf:6f: 6e:83:74:69:be:3d:23:61:cb:1c:56:dc:6b:49:ec:dd:cd:18: c9:eb:52:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt+lYUXgROo41Wjn3L/MJosMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiNmI3ZTk3ZWQyM2Q2NmE5MWZiOGE5MWJmZDljNjc3MTEy OWIxYWIwHhcNMjYwMTAyMTIwMTI2WhcNMjYwMTAzMTIwMTI2WjAzMTEwLwYDVQQD EygzMTBmZTBjM2JkNWY1NDIyNTEzOWM5NDQ5ZTQ4NGM1ZTk1ZGJjYjZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrPAC4WXHrdw1ZXGnrqePJlyNcDp 4jHT+Afyj15KKuM5CGfLOjO7QS5QOEVJTFlFHYicafOPIX2qlSfdVV9tz/CK69Yo g/WXCq746IueFbuKX76ThvurP1cDfBVW4WtMoz36zo9wsUU3lwylYDSJOKOa71cJ ZJi/5wLjK1Escemubui0ohoYYZ1yUwsam35mBAzhTpQWGzQ/lwdYzhtsiPJAj4XU oqqgAu05UDY9SBQ7zdUxAf8vgQiX9t6+JtaE3BRHy83igkIqw5H84T6iQhpXlllA R0d0skkEW8by6QqBsOgG/AlWijawZ3UmRylgHig/M2n1gFo7w7buMXY79QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDEP4MO9X1QiUTnJRJ5ITF6V28ttMB8GA1UdIwQY MBaAFBtrfpftI9ZqkfuKkb/ZxncRKbGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDct MTM2MTU1MGNiM2Q1LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDctMTM2MTU1MGNiM2Q1 LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvXa5T6S N+oRnOEYs1w5Xa+N7LuFC84GW7c7S9ZtBLKryltwfLPuk3d7TOQA34Q2qmXGBneW m71eEqG/DoX651UUTmxbc/ohjEWM+NcfGcJPME1Uj6z0J2CvSr7/ZlH9hqwo8MLH n8FBUuf6lVjkVdfZ+LlZ+vgYVGvdCeoQ96mRcfFpY6iGt3tlUIzbVgLhRi71zjVD VRFGX/U0Dms9EHZjuGopNDGZesudVT+jnnocIHZ7DJ7Ylo9AutWFAMcn4fa9rcHE XnpOT65yh54z11clM1vSaenKGvYHuMoceekn8d4PRwCagr9vboN0ab49I2HLHFbc a0ns3c0YyetSkQ== -----END CERTIFICATE-----Generated at Fri Jan 2 18:29:01 2026 by rpki-client