This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3a944b-b428-4547-b7fb-38f7c6ac9b66/1/GTWdi0RPJzSynpueCQG-CLAPQOM.mft File: GTWdi0RPJzSynpueCQG-CLAPQOM.mft (raw, json) Hash identifier: bZ7kd8jDTMh/IJ713mumWTF+p7uPG0R39ZFu1AiSH94= Subject key identifier: 13:D7:16:5E:2F:0F:D8:98:E1:45:CD:17:B4:6B:AE:16:72:EB:E9:5F Authority key identifier: 19:35:9D:8B:44:4F:27:34:B2:9E:9B:9E:09:01:BE:08:B0:0F:40:E3 Certificate issuer: /CN=19359d8b444f2734b29e9b9e0901be08b00f40e3 Certificate serial: 019B323160E02915E5853BF3CA5AF20465A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GTWdi0RPJzSynpueCQG-CLAPQOM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3a944b-b428-4547-b7fb-38f7c6ac9b66/1/GTWdi0RPJzSynpueCQG-CLAPQOM.mft Manifest number: 1301 Signing time: Thu 18 Dec 2025 16:00:55 +0000 Manifest this update: Thu 18 Dec 2025 16:00:55 +0000 Manifest next update: Fri 19 Dec 2025 16:00:55 +0000 Files and hashes: 1: GTWdi0RPJzSynpueCQG-CLAPQOM.crl (hash: 7025ttbHQnV7iJ+BWRm6yZM+XVCGm0uH+w3/Y3wkAIY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/3a944b-b428-4547-b7fb-38f7c6ac9b66/1/GTWdi0RPJzSynpueCQG-CLAPQOM.crl rsync://rpki.ripe.net/repository/DEFAULT/69/3a944b-b428-4547-b7fb-38f7c6ac9b66/1/GTWdi0RPJzSynpueCQG-CLAPQOM.mft rsync://rpki.ripe.net/repository/DEFAULT/GTWdi0RPJzSynpueCQG-CLAPQOM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 16:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:60:e0:29:15:e5:85:3b:f3:ca:5a:f2:04:65:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19359d8b444f2734b29e9b9e0901be08b00f40e3 Validity Not Before: Dec 18 16:00:55 2025 GMT Not After : Dec 19 16:00:55 2025 GMT Subject: CN=13d7165e2f0fd898e145cd17b46bae1672ebe95f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bf:d9:be:b8:ff:63:f3:c3:34:f1:38:48:c4: 87:68:51:92:2d:8b:3e:9d:5a:c0:93:bd:34:2c:35: 79:e4:9d:54:5f:9c:4f:46:0f:7c:fa:fd:12:5e:79: 4b:e8:20:d1:87:bf:f1:8b:6f:98:01:27:33:40:95: fc:07:96:76:41:fd:a3:68:af:0f:c9:4b:d8:27:d7: 8b:48:80:b2:87:bf:80:6d:a0:9d:36:37:c8:8e:7b: 57:2b:9a:ee:02:8b:e6:fc:5c:59:1b:89:53:f3:11: 8a:18:bd:ce:ef:b6:fd:d8:d6:58:f6:80:59:5f:db: 39:e1:d9:f9:f7:90:62:9f:b5:3e:de:e6:ba:66:8b: 42:1a:89:55:3d:7d:16:e4:1a:d3:01:e0:0f:9f:d2: d3:2c:7d:1d:19:3d:4d:fa:9e:1d:db:92:ee:37:f6: 29:6a:bc:d2:14:2c:bf:50:e9:97:c5:25:5d:e4:1b: a9:d7:b6:c1:9f:c2:cc:f8:08:98:e0:b1:fb:db:b6: 60:4c:8c:b6:62:f9:ed:b8:54:a3:a8:b5:30:8c:7f: bd:6c:55:59:3e:fd:92:29:b0:83:d7:22:79:85:f1: 9a:5a:79:41:7e:31:1e:1b:c0:45:85:51:2b:70:8c: 8e:11:2f:91:1e:ba:46:5a:49:06:da:52:14:01:07: 49:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:D7:16:5E:2F:0F:D8:98:E1:45:CD:17:B4:6B:AE:16:72:EB:E9:5F X509v3 Authority Key Identifier: keyid:19:35:9D:8B:44:4F:27:34:B2:9E:9B:9E:09:01:BE:08:B0:0F:40:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GTWdi0RPJzSynpueCQG-CLAPQOM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3a944b-b428-4547-b7fb-38f7c6ac9b66/1/GTWdi0RPJzSynpueCQG-CLAPQOM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3a944b-b428-4547-b7fb-38f7c6ac9b66/1/GTWdi0RPJzSynpueCQG-CLAPQOM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:28:e1:76:3a:27:c2:98:44:13:1e:5c:ef:ef:ba:b8:d4:18: 87:c1:ef:dc:82:99:a4:55:15:54:f6:c9:7f:0e:0b:2c:b5:37: fa:10:98:5b:48:df:14:a8:2d:57:ac:65:b3:87:1b:02:34:83: d6:c0:d3:28:c8:81:f0:1f:54:62:ca:86:b9:6f:3c:52:9f:91: 24:e3:d4:8c:17:36:38:99:66:57:6a:59:4d:40:2e:06:6f:9e: 2a:48:dd:54:5d:98:74:73:c4:81:5a:33:e6:9c:f9:ea:e9:ee: 95:56:3b:5e:62:ed:e5:4c:14:98:6e:11:37:49:5c:d4:1e:3f: 35:55:01:f3:86:27:3d:4f:68:90:6a:fc:7b:72:31:42:d8:a8: 1d:08:fe:73:ab:14:b6:44:e8:05:76:64:37:fb:da:63:5d:f8: 91:43:cc:a9:29:3c:9c:8c:8e:46:66:f4:31:33:4d:4e:2f:56: bf:9a:00:3c:04:39:09:2d:d8:23:56:b3:4b:44:31:e1:1b:f8: 75:af:e2:95:16:41:55:4c:8b:4f:2b:55:9c:a0:9f:ae:9a:ca: 32:a1:bf:f0:e0:ce:26:ca:89:ec:5e:59:50:11:12:54:db:bf: 5c:ef:b6:e8:95:74:22:0c:7f:df:49:49:b0:3e:47:1c:f4:68: c3:d6:f4:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMWDgKRXlhTvzylryBGWjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5MzU5ZDhiNDQ0ZjI3MzRiMjllOWI5ZTA5MDFiZTA4YjAw ZjQwZTMwHhcNMjUxMjE4MTYwMDU1WhcNMjUxMjE5MTYwMDU1WjAzMTEwLwYDVQQD EygxM2Q3MTY1ZTJmMGZkODk4ZTE0NWNkMTdiNDZiYWUxNjcyZWJlOTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r/Zvrj/Y/PDNPE4SMSHaFGSLYs+ nVrAk700LDV55J1UX5xPRg98+v0SXnlL6CDRh7/xi2+YASczQJX8B5Z2Qf2jaK8P yUvYJ9eLSICyh7+AbaCdNjfIjntXK5ruAovm/FxZG4lT8xGKGL3O77b92NZY9oBZ X9s54dn595Bin7U+3ua6ZotCGolVPX0W5BrTAeAPn9LTLH0dGT1N+p4d25LuN/Yp arzSFCy/UOmXxSVd5Bup17bBn8LM+AiY4LH727ZgTIy2YvntuFSjqLUwjH+9bFVZ Pv2SKbCD1yJ5hfGaWnlBfjEeG8BFhVErcIyOES+RHrpGWkkG2lIUAQdJGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBPXFl4vD9iY4UXNF7RrrhZy6+lfMB8GA1UdIwQY MBaAFBk1nYtETyc0sp6bngkBvgiwD0DjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR1RXZGkwUlBKelN5bnB1ZUNRRy1DTEFQUU9NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zYTk0NGItYjQyOC00NTQ3LWI3ZmIt MzhmN2M2YWM5YjY2LzEvR1RXZGkwUlBKelN5bnB1ZUNRRy1DTEFQUU9NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8zYTk0NGItYjQyOC00NTQ3LWI3ZmItMzhmN2M2YWM5YjY2 LzEvR1RXZGkwUlBKelN5bnB1ZUNRRy1DTEFQUU9NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPijhdjon wphEEx5c7++6uNQYh8Hv3IKZpFUVVPbJfw4LLLU3+hCYW0jfFKgtV6xls4cbAjSD 1sDTKMiB8B9UYsqGuW88Up+RJOPUjBc2OJlmV2pZTUAuBm+eKkjdVF2YdHPEgVoz 5pz56unulVY7XmLt5UwUmG4RN0lc1B4/NVUB84YnPU9okGr8e3IxQtioHQj+c6sU tkToBXZkN/vaY134kUPMqSk8nIyORmb0MTNNTi9Wv5oAPAQ5CS3YI1azS0Qx4Rv4 da/ilRZBVUyLTytVnKCfrprKMqG/8ODOJsqJ7F5ZUBESVNu/XO+26JV0Igx/30lJ sD5HHPRow9b01A== -----END CERTIFICATE-----Generated at Fri Dec 19 00:13:02 2025 by rpki-client