This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json) Hash identifier: 2HEjAzzs4sDV8ObpSi3f2DQioZT/SfDgKJxCxvKVo9I= Subject key identifier: A2:2B:45:04:1D:9A:F7:EB:67:70:17:0A:41:A9:09:06:EB:19:88:F5 Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f Certificate serial: 019B97B010C9C5576D0517C4C29B6F710544 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft Manifest number: 05F9 Signing time: Wed 07 Jan 2026 09:00:56 +0000 Manifest this update: Wed 07 Jan 2026 09:00:56 +0000 Manifest next update: Thu 08 Jan 2026 09:00:56 +0000 Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: +cPBShBn6LrWAHiQcRN/vZdG8bJh/MF1bdHAOPkfcSQ=) 2: vyQcVp5C3AlRVA819dd3sJ607Q4.roa (hash: dbP286vqsPZG/vM7gj98tCGBen8qv4/fYnsiL/9MVjw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 09:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:97:b0:10:c9:c5:57:6d:05:17:c4:c2:9b:6f:71:05:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f Validity Not Before: Jan 7 09:00:56 2026 GMT Not After : Jan 8 09:00:56 2026 GMT Subject: CN=a22b45041d9af7eb6770170a41a90906eb1988f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ea:21:84:9b:d5:e0:e9:d8:bc:4e:57:19:69: f1:54:d7:bb:a8:03:82:5b:2d:5e:ed:0b:76:c6:26: ef:b3:1a:ad:6c:6d:7a:58:f3:30:7a:e0:a4:b4:7a: 30:74:4b:cc:26:27:5e:f2:bd:ec:2c:c4:d5:0a:a0: 64:c6:a8:07:22:f1:c3:64:22:ea:d2:4d:17:3c:b8: bb:52:69:89:e6:64:87:11:68:23:a2:d7:92:ea:e5: e7:bf:51:88:78:f0:79:9b:81:9c:8b:1e:8c:25:ed: 5d:bc:be:16:b7:80:da:ab:ba:c3:67:6f:18:e5:4c: 8b:85:25:7f:62:4f:a7:a5:2d:5d:11:cc:51:44:26: 98:e0:ed:09:e9:73:b4:09:bb:83:85:fd:a1:31:50: 8e:e2:5c:8f:65:70:ef:16:16:a3:9b:91:25:f3:51: 42:d0:cf:39:63:ce:c7:c8:00:2a:a6:02:24:bd:39: c2:96:c1:62:85:1e:61:3d:78:e6:10:1f:ce:71:e5: 73:6e:c5:aa:ac:91:51:ec:04:7c:49:d0:39:26:fb: 6b:54:81:1c:89:4a:b1:9f:03:21:0f:7e:c5:49:c8: dd:c9:ce:b8:b2:1f:99:d9:28:f4:fe:aa:8c:95:58: cd:8b:0e:ed:b3:1f:d8:f8:04:9c:4e:88:df:87:5d: 77:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:2B:45:04:1D:9A:F7:EB:67:70:17:0A:41:A9:09:06:EB:19:88:F5 X509v3 Authority Key Identifier: keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:ca:1c:21:1d:37:86:c4:fc:be:36:ec:6a:35:3e:94:2d:89: 50:6a:f1:9a:0a:1d:e7:60:b2:c0:5d:58:6d:a2:2c:b9:38:a2: 0c:3e:1f:4e:e9:be:8a:67:52:31:dc:35:aa:90:47:d9:03:64: a6:14:3c:e5:22:91:bc:b9:09:08:8c:88:67:46:c6:94:31:5a: a2:ff:8c:b9:7e:aa:c8:69:a7:6f:ac:75:c4:ad:47:01:52:0a: de:c9:6e:c9:ab:bb:6e:d2:9a:5b:e7:6f:f2:86:ac:b6:2d:f8: 44:1e:a1:46:8b:f8:16:6b:f4:a6:54:e3:ed:27:a0:27:ca:e2: ef:bf:67:44:e1:08:01:22:ef:49:8e:da:b3:53:a1:7e:44:81: a2:75:51:c1:84:07:80:92:3f:88:45:18:0e:3e:b5:4e:e0:6b: 18:29:a5:90:09:8a:d9:d5:a4:4c:14:34:88:91:b5:82:98:32: b2:04:9c:90:e4:0f:be:ae:20:86:62:02:07:ed:2a:f8:04:d8: 96:1d:e5:28:e0:5f:1c:f2:24:0f:2a:dc:77:2e:1f:d2:3e:25: b4:f4:3a:d5:8e:d2:9b:c3:bc:87:25:80:a5:7a:c1:02:91:71: ca:fc:9d:54:61:84:2f:f6:23:b6:07:5f:fb:5f:5f:dd:a6:0f: 39:2d:1b:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuXsBDJxVdtBRfEwptvcQVEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz MmZmNWYwHhcNMjYwMTA3MDkwMDU2WhcNMjYwMTA4MDkwMDU2WjAzMTEwLwYDVQQD EyhhMjJiNDUwNDFkOWFmN2ViNjc3MDE3MGE0MWE5MDkwNmViMTk4OGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuohhJvV4OnYvE5XGWnxVNe7qAOC Wy1e7Qt2xibvsxqtbG16WPMweuCktHowdEvMJide8r3sLMTVCqBkxqgHIvHDZCLq 0k0XPLi7UmmJ5mSHEWgjoteS6uXnv1GIePB5m4Gcix6MJe1dvL4Wt4Daq7rDZ28Y 5UyLhSV/Yk+npS1dEcxRRCaY4O0J6XO0CbuDhf2hMVCO4lyPZXDvFhajm5El81FC 0M85Y87HyAAqpgIkvTnClsFihR5hPXjmEB/OceVzbsWqrJFR7AR8SdA5JvtrVIEc iUqxnwMhD37FScjdyc64sh+Z2Sj0/qqMlVjNiw7tsx/Y+AScTojfh113UQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKIrRQQdmvfrZ3AXCkGpCQbrGYj1MB8GA1UdIwQY MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ8ocIR03 hsT8vjbsajU+lC2JUGrxmgod52CywF1YbaIsuTiiDD4fTum+imdSMdw1qpBH2QNk phQ85SKRvLkJCIyIZ0bGlDFaov+MuX6qyGmnb6x1xK1HAVIK3sluyau7btKaW+dv 8oasti34RB6hRov4Fmv0plTj7SegJ8ri779nROEIASLvSY7as1OhfkSBonVRwYQH gJI/iEUYDj61TuBrGCmlkAmK2dWkTBQ0iJG1gpgysgSckOQPvq4ghmICB+0q+ATY lh3lKOBfHPIkDyrcdy4f0j4ltPQ61Y7Sm8O8hyWApXrBApFxyvydVGGEL/Yjtgdf +19f3aYPOS0bJA== -----END CERTIFICATE-----Generated at Wed Jan 7 15:26:00 2026 by rpki-client