This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft File: 2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json) Hash identifier: gCPMTUusC4IiE12J9O9izqFhsmB95Wn9DCNy4AVtaDo= Subject key identifier: B0:27:8A:CC:48:47:94:96:AF:EA:19:9F:46:42:E0:1A:28:35:2B:39 Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 Certificate issuer: /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Certificate serial: 019B37FCF9F1A1DEB960B3525EB6F59F79E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft Manifest number: 1417 Signing time: Fri 19 Dec 2025 19:01:24 +0000 Manifest this update: Fri 19 Dec 2025 19:01:24 +0000 Manifest next update: Sat 20 Dec 2025 19:01:24 +0000 Files and hashes: 1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: 0X6vMa/NDd0GeajiUNdrAymnUo1hQp8cZc2kr50Sf5o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:fc:f9:f1:a1:de:b9:60:b3:52:5e:b6:f5:9f:79:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Validity Not Before: Dec 19 19:01:24 2025 GMT Not After : Dec 20 19:01:24 2025 GMT Subject: CN=b0278acc48479496afea199f4642e01a28352b39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:6b:6d:36:ca:1e:86:a5:24:30:43:6b:23:76: 68:80:78:24:f5:04:db:6c:c8:d7:0b:ee:dc:55:22: a5:b9:da:c3:6f:16:9c:94:74:7b:e3:a2:76:64:e4: 2b:8e:5a:05:37:40:60:37:29:e2:2d:ab:ae:75:c6: b2:58:c6:59:f8:06:11:1c:db:cd:60:c9:f9:6f:3d: a1:17:7e:ab:af:b3:e8:1c:12:70:ea:bc:59:9d:1e: 0c:33:86:c5:6b:f3:d5:2f:f8:17:8a:b5:8b:c1:e4: ef:a9:ff:eb:76:bc:7e:64:c3:a6:07:c2:ef:99:36: 66:cc:b5:04:bc:0f:c6:f3:05:f9:ff:de:4c:21:51: 17:6c:52:6c:8f:55:78:33:18:97:70:04:97:46:d7: 2d:f1:71:8f:1a:d0:d7:6b:fa:dd:18:87:f3:d3:91: 36:27:1c:04:23:62:d8:2c:0b:c5:db:f3:a8:07:96: 7d:2f:6e:d8:00:ff:3f:f2:71:cb:e3:64:84:df:2b: 39:fd:8c:a2:69:57:e5:3d:42:73:8f:20:66:96:63: d6:14:59:b0:9b:bb:a6:f5:78:41:08:fc:38:59:04: 0f:ab:39:c0:9c:c6:88:07:83:1b:d3:89:d9:f4:0c: 30:a7:d7:a2:b1:c6:3b:e6:88:80:b0:21:d6:5b:ff: 5d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:27:8A:CC:48:47:94:96:AF:EA:19:9F:46:42:E0:1A:28:35:2B:39 X509v3 Authority Key Identifier: keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:f8:ce:95:c9:e0:b1:9c:28:1c:39:0a:02:d9:1e:a9:9e:b5: 19:2e:bf:81:c0:97:69:1f:95:fd:d0:e3:eb:5c:6f:25:97:fb: 4b:8a:0a:0b:76:09:c0:7c:09:a2:98:1d:b4:14:68:3e:55:67: d6:68:cb:2c:c0:65:e5:54:ee:55:7e:0a:c9:c0:0c:ca:f7:8c: 63:2f:b1:60:81:92:e8:e9:8b:90:84:e6:55:39:72:23:df:3a: 2e:11:39:86:86:a5:92:73:fd:5f:41:cf:ad:6e:cb:74:83:1c: 58:cc:be:15:2b:bf:e6:fb:4d:b6:e1:5a:15:95:b4:9d:5c:94: fb:e2:27:c8:77:68:7b:c4:f9:81:75:01:44:27:63:1d:8e:6e: 53:bf:1e:4c:70:2b:db:da:e8:f0:79:64:11:04:ab:34:23:4e: dc:22:30:cd:2f:f7:02:80:ef:bf:c2:3d:9a:4c:36:36:67:21: 2d:19:27:84:e8:da:96:ce:4a:13:0f:bc:b2:87:49:09:8c:84: 36:bc:79:62:97:fa:a5:7b:45:25:4e:df:2e:63:ab:d6:5e:eb: 44:24:0e:30:ec:e5:38:e8:b3:24:02:01:1b:cf:17:a4:e7:5d: 14:fe:74:d5:60:33:e8:06:25:7d:a1:5c:3d:48:10:91:51:78: 0d:e6:0e:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3/Pnxod65YLNSXrb1n3noMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz YWQzZDkwHhcNMjUxMjE5MTkwMTI0WhcNMjUxMjIwMTkwMTI0WjAzMTEwLwYDVQQD EyhiMDI3OGFjYzQ4NDc5NDk2YWZlYTE5OWY0NjQyZTAxYTI4MzUyYjM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22ttNsoehqUkMENrI3ZogHgk9QTb bMjXC+7cVSKludrDbxaclHR746J2ZOQrjloFN0BgNyniLauudcayWMZZ+AYRHNvN YMn5bz2hF36rr7PoHBJw6rxZnR4MM4bFa/PVL/gXirWLweTvqf/rdrx+ZMOmB8Lv mTZmzLUEvA/G8wX5/95MIVEXbFJsj1V4MxiXcASXRtct8XGPGtDXa/rdGIfz05E2 JxwEI2LYLAvF2/OoB5Z9L27YAP8/8nHL42SE3ys5/YyiaVflPUJzjyBmlmPWFFmw m7um9XhBCPw4WQQPqznAnMaIB4Mb04nZ9Awwp9eiscY75oiAsCHWW/9dBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLAnisxIR5SWr+oZn0ZC4BooNSs5MB8GA1UdIwQY MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5 LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfjOlcng sZwoHDkKAtkeqZ61GS6/gcCXaR+V/dDj61xvJZf7S4oKC3YJwHwJopgdtBRoPlVn 1mjLLMBl5VTuVX4KycAMyveMYy+xYIGS6OmLkITmVTlyI986LhE5hoalknP9X0HP rW7LdIMcWMy+FSu/5vtNtuFaFZW0nVyU++InyHdoe8T5gXUBRCdjHY5uU78eTHAr 29ro8HlkEQSrNCNO3CIwzS/3AoDvv8I9mkw2NmchLRknhOjals5KEw+8sodJCYyE Nrx5Ypf6pXtFJU7fLmOr1l7rRCQOMOzlOOizJAIBG88XpOddFP501WAz6AYlfaFc PUgQkVF4DeYOqg== -----END CERTIFICATE-----Generated at Sat Dec 20 00:52:24 2025 by rpki-client