This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft File: gSdW6ySj41K9bonR9aoISIlhpnQ.mft (raw, json) Hash identifier: M5537S7CHeE1x7pFqAlOdHVG8LhAt9Yn/yAI5sJ/JHU= Subject key identifier: DF:E0:54:11:49:B0:0F:05:D2:8F:33:43:E2:B5:88:1C:E4:6A:D0:C0 Authority key identifier: 81:27:56:EB:24:A3:E3:52:BD:6E:89:D1:F5:AA:08:48:89:61:A6:74 Certificate issuer: /CN=812756eb24a3e352bd6e89d1f5aa08488961a674 Certificate serial: 019B3C7ED83C710F3B68362F90EC04B65F9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft Manifest number: 0A9F Signing time: Sat 20 Dec 2025 16:01:44 +0000 Manifest this update: Sat 20 Dec 2025 16:01:44 +0000 Manifest next update: Sun 21 Dec 2025 16:01:44 +0000 Files and hashes: 1: gSdW6ySj41K9bonR9aoISIlhpnQ.crl (hash: IhL4l+WbMB4GRy8+KwmChgxUuO51Jal/wJ6QlMYAhaI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:d8:3c:71:0f:3b:68:36:2f:90:ec:04:b6:5f:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=812756eb24a3e352bd6e89d1f5aa08488961a674 Validity Not Before: Dec 20 16:01:44 2025 GMT Not After : Dec 21 16:01:44 2025 GMT Subject: CN=dfe0541149b00f05d28f3343e2b5881ce46ad0c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:5a:fa:34:3b:cc:95:c8:68:9a:b1:17:e6:01: ee:6e:b4:88:88:11:ae:73:19:ba:20:ff:b0:97:1a: cb:02:9c:7c:48:23:80:39:11:3c:ba:01:59:ff:5a: 56:fa:82:3b:69:e9:b5:79:5d:05:f3:f5:70:83:a9: 92:21:71:97:cb:c9:3e:df:31:da:ec:0a:b5:05:3d: 36:d3:c0:22:37:df:75:ab:8a:72:82:14:3e:ad:98: a3:1c:21:91:84:4d:c9:4c:1b:73:44:c2:a1:b9:cc: f7:bc:ce:a5:21:7c:71:1f:4c:60:63:bc:82:10:94: 78:2c:16:38:f4:ac:70:6f:66:0e:11:aa:ab:6e:43: d4:87:99:01:86:96:c3:f8:28:fe:ee:1f:70:5a:e3: bd:48:dc:04:3e:1d:a4:b4:f4:69:77:c1:ba:34:7b: ba:85:f3:e0:a1:43:07:d3:3f:fe:48:43:28:70:99: 5c:a0:4f:d0:f5:2b:8f:7f:dd:c2:6c:ac:eb:34:43: 99:42:be:b6:01:d8:8a:09:c0:c0:90:93:05:fa:91: 92:9b:b9:66:f3:a8:25:6c:43:f0:64:3d:23:9b:49: 09:2e:7b:fd:f1:4c:1a:25:a6:ee:bf:9d:e6:dc:8c: a0:13:ac:4a:d9:83:27:55:ea:3d:e1:68:14:0c:36: f2:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:E0:54:11:49:B0:0F:05:D2:8F:33:43:E2:B5:88:1C:E4:6A:D0:C0 X509v3 Authority Key Identifier: keyid:81:27:56:EB:24:A3:E3:52:BD:6E:89:D1:F5:AA:08:48:89:61:A6:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gSdW6ySj41K9bonR9aoISIlhpnQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ba6634-e915-4036-a997-6d521bc474f4/1/gSdW6ySj41K9bonR9aoISIlhpnQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:da:04:df:2b:54:e1:51:32:56:08:3f:52:e1:c8:3c:a4:63: b4:f9:cc:77:85:c8:81:1a:0d:01:e0:71:9c:be:a9:cf:90:63: 75:40:28:67:1c:71:5b:9e:87:37:ba:03:7e:31:6c:7a:03:59: 9c:76:07:3b:f4:49:0a:5b:ab:3e:93:bc:2e:ca:4a:11:2a:06: fe:91:44:0d:7b:ea:2d:11:a7:47:d2:6d:c8:24:9c:06:7f:22: e9:c9:b2:30:03:b5:d0:60:46:95:64:31:67:64:43:62:3d:98: 48:69:8f:bc:1b:0d:25:73:31:85:b5:4b:04:36:cc:9e:1c:9d: cc:da:1a:59:84:b3:fc:c7:da:9d:3a:9f:a5:ef:c6:3d:dc:5f: 0e:41:38:b7:98:90:8c:4d:e4:ac:7f:7a:67:41:a6:17:99:be: 11:8c:51:06:29:7c:25:c3:76:e9:b7:f4:73:07:cc:61:27:f7: d1:28:2c:51:b9:32:b6:d5:75:ae:e6:30:65:97:00:31:5b:2d: 1b:98:49:d5:07:23:06:cd:c6:79:8b:29:70:de:f1:05:2a:d4: e1:f2:83:93:a4:9e:4b:2a:51:21:40:fe:44:0d:20:fe:ed:07: 62:de:ac:2c:f1:ff:2d:c7:e1:6a:28:ac:bc:30:bd:b6:9a:44: a6:4a:54:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8ftg8cQ87aDYvkOwEtl+bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxMjc1NmViMjRhM2UzNTJiZDZlODlkMWY1YWEwODQ4ODk2 MWE2NzQwHhcNMjUxMjIwMTYwMTQ0WhcNMjUxMjIxMTYwMTQ0WjAzMTEwLwYDVQQD EyhkZmUwNTQxMTQ5YjAwZjA1ZDI4ZjMzNDNlMmI1ODgxY2U0NmFkMGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Vr6NDvMlchomrEX5gHubrSIiBGu cxm6IP+wlxrLApx8SCOAORE8ugFZ/1pW+oI7aem1eV0F8/Vwg6mSIXGXy8k+3zHa 7Aq1BT0208AiN991q4pyghQ+rZijHCGRhE3JTBtzRMKhucz3vM6lIXxxH0xgY7yC EJR4LBY49Kxwb2YOEaqrbkPUh5kBhpbD+Cj+7h9wWuO9SNwEPh2ktPRpd8G6NHu6 hfPgoUMH0z/+SEMocJlcoE/Q9SuPf93CbKzrNEOZQr62AdiKCcDAkJMF+pGSm7lm 86glbEPwZD0jm0kJLnv98UwaJabuv53m3IygE6xK2YMnVeo94WgUDDby1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN/gVBFJsA8F0o8zQ+K1iBzkatDAMB8GA1UdIwQY MBaAFIEnVusko+NSvW6J0fWqCEiJYaZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iYTY2MzQtZTkxNS00MDM2LWE5OTct NmQ1MjFiYzQ3NGY0LzEvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi9iYTY2MzQtZTkxNS00MDM2LWE5OTctNmQ1MjFiYzQ3NGY0 LzEvZ1NkVzZ5U2o0MUs5Ym9uUjlhb0lTSWxocG5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA9oE3ytU 4VEyVgg/UuHIPKRjtPnMd4XIgRoNAeBxnL6pz5BjdUAoZxxxW56HN7oDfjFsegNZ nHYHO/RJClurPpO8LspKESoG/pFEDXvqLRGnR9JtyCScBn8i6cmyMAO10GBGlWQx Z2RDYj2YSGmPvBsNJXMxhbVLBDbMnhydzNoaWYSz/MfanTqfpe/GPdxfDkE4t5iQ jE3krH96Z0GmF5m+EYxRBil8JcN26bf0cwfMYSf30SgsUbkyttV1ruYwZZcAMVst G5hJ1QcjBs3GeYspcN7xBSrU4fKDk6SeSypRIUD+RA0g/u0HYt6sLPH/Lcfhaiis vDC9tppEpkpU0w== -----END CERTIFICATE-----Generated at Sun Dec 21 00:41:50 2025 by rpki-client