This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft File: gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft (raw, json) Hash identifier: QbVk/F+PqJBNHb6Cm1tRXgG78tFT42fcvaItkQiEb9I= Subject key identifier: 13:20:29:4F:D8:4E:69:CD:F4:63:B4:02:BB:9D:8B:0F:05:D7:A9:F0 Authority key identifier: 80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85 Certificate issuer: /CN=80a921408433b66ea50a4000aace10d2add06a85 Certificate serial: 019B5418AE228C1FD43EB9429C425B641329 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft Manifest number: 05EC Signing time: Thu 25 Dec 2025 06:01:02 +0000 Manifest this update: Thu 25 Dec 2025 06:01:02 +0000 Manifest next update: Fri 26 Dec 2025 06:01:02 +0000 Files and hashes: 1: gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl (hash: Minq8EASQWl12mkk26eMe+knqUCHK8autyretc5Ph5c=) 2: knOts_9A8gA0IVqYk7a99kaTuRI.roa (hash: kCE50cAQS4imaI4wXAlSfVZnkYJchZQUkd+tGc4tAWc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 06:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:18:ae:22:8c:1f:d4:3e:b9:42:9c:42:5b:64:13:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80a921408433b66ea50a4000aace10d2add06a85 Validity Not Before: Dec 25 06:01:02 2025 GMT Not After : Dec 26 06:01:02 2025 GMT Subject: CN=1320294fd84e69cdf463b402bb9d8b0f05d7a9f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d4:9a:56:c8:ff:f0:62:bc:53:bf:68:d9:04: 26:58:58:17:a2:ea:20:17:55:de:33:15:63:4e:db: 02:79:1f:d5:e2:12:91:6f:29:db:82:bb:02:93:f7: 8c:e7:b0:52:fe:cb:9b:54:82:e2:e8:df:a0:c9:96: 75:43:7a:a4:dc:a2:2e:93:74:7d:07:00:aa:33:62: 69:9e:11:51:d7:96:42:53:38:32:25:44:22:bb:06: 60:d5:15:8f:44:8d:cd:dc:b3:e8:e4:42:ce:4b:34: 09:15:68:30:3a:92:5f:e6:b1:25:fa:46:5c:20:b1: 5c:d6:5d:f9:ae:3f:e7:be:e9:31:af:b3:38:24:d9: 28:2d:73:45:9b:9e:bb:57:f5:58:e7:b2:be:23:e8: 60:98:71:53:1f:f2:25:f4:21:bb:71:6a:5c:c8:07: ff:01:dd:d7:2d:a7:32:4c:a3:9b:f9:be:34:94:8d: 4f:04:c2:d5:40:df:bb:13:77:05:4d:60:ab:8b:e0: 3c:76:10:b4:04:e3:87:54:c5:8b:5c:85:63:8b:6c: 20:13:fe:b7:56:22:8d:de:7b:6f:42:4a:96:73:0b: 91:d1:3f:b1:02:64:c8:70:f8:6f:e3:73:ab:a1:e3: 7f:43:82:b3:4d:6c:92:be:3e:86:e1:4c:d6:01:36: ae:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:20:29:4F:D8:4E:69:CD:F4:63:B4:02:BB:9D:8B:0F:05:D7:A9:F0 X509v3 Authority Key Identifier: keyid:80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:73:59:b9:aa:56:20:ec:ad:70:2d:6e:6f:1d:e3:b1:d2:ac: c8:53:a4:4f:5a:80:b8:cd:d4:ac:37:e9:a4:74:1e:8a:17:21: 23:04:9e:4f:a2:b2:c1:f4:a5:87:e5:c2:7a:4f:ca:f9:91:4a: 09:7f:12:68:06:9a:e6:de:dc:a0:d6:c1:c3:18:20:b4:24:9b: 62:32:af:b6:ba:c9:ab:d7:1f:53:c3:08:a1:b8:46:39:4a:eb: 35:e6:f7:92:e4:9e:96:78:34:a0:de:ef:cf:7a:c2:00:9d:4e: 2e:e4:80:b0:84:a7:5c:5e:de:06:97:cf:ed:3a:44:d4:24:da: ad:3b:97:56:e8:6e:9b:39:f5:8e:8b:66:1f:cc:2a:58:09:c2: 83:a7:b2:50:1d:2d:64:76:f7:7e:dd:8a:ff:b4:fa:eb:d3:89: 26:ec:b5:6c:ab:79:a1:21:0a:c4:ad:62:c3:5f:3d:cd:6d:e0: 5c:4a:fb:53:dd:e8:4f:07:90:a4:9b:f9:4a:cf:cb:b8:12:b6: b6:07:9a:de:50:50:82:e9:e2:be:f8:b8:39:2b:ee:bf:82:b2: 5d:86:ad:4a:7e:20:bd:73:2d:76:b0:d9:79:b3:9e:3d:d6:cc: 79:5a:eb:04:cb:f5:6b:60:7b:e8:47:be:c1:98:13:d2:bb:ee: ff:06:a9:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUGK4ijB/UPrlCnEJbZBMpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwYTkyMTQwODQzM2I2NmVhNTBhNDAwMGFhY2UxMGQyYWRk MDZhODUwHhcNMjUxMjI1MDYwMTAyWhcNMjUxMjI2MDYwMTAyWjAzMTEwLwYDVQQD EygxMzIwMjk0ZmQ4NGU2OWNkZjQ2M2I0MDJiYjlkOGIwZjA1ZDdhOWYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtSaVsj/8GK8U79o2QQmWFgXouog F1XeMxVjTtsCeR/V4hKRbynbgrsCk/eM57BS/subVILi6N+gyZZ1Q3qk3KIuk3R9 BwCqM2JpnhFR15ZCUzgyJUQiuwZg1RWPRI3N3LPo5ELOSzQJFWgwOpJf5rEl+kZc ILFc1l35rj/nvukxr7M4JNkoLXNFm567V/VY57K+I+hgmHFTH/Il9CG7cWpcyAf/ Ad3XLacyTKOb+b40lI1PBMLVQN+7E3cFTWCri+A8dhC0BOOHVMWLXIVji2wgE/63 ViKN3ntvQkqWcwuR0T+xAmTIcPhv43OroeN/Q4KzTWySvj6G4UzWATaubQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBMgKU/YTmnN9GO0Arudiw8F16nwMB8GA1UdIwQY MBaAFICpIUCEM7ZupQpAAKrOENKt0GqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEt ZjE4MTVhNDFhMDMzLzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEtZjE4MTVhNDFhMDMz LzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPHNZuapW IOytcC1ubx3jsdKsyFOkT1qAuM3UrDfppHQeihchIwSeT6KywfSlh+XCek/K+ZFK CX8SaAaa5t7coNbBwxggtCSbYjKvtrrJq9cfU8MIobhGOUrrNeb3kuSelng0oN7v z3rCAJ1OLuSAsISnXF7eBpfP7TpE1CTarTuXVuhumzn1jotmH8wqWAnCg6eyUB0t ZHb3ft2K/7T669OJJuy1bKt5oSEKxK1iw189zW3gXEr7U93oTweQpJv5Ss/LuBK2 tgea3lBQgunivvi4OSvuv4KyXYatSn4gvXMtdrDZebOePdbMeVrrBMv1a2B76Ee+ wZgT0rvu/wapbw== -----END CERTIFICATE-----Generated at Thu Dec 25 14:37:41 2025 by rpki-client