This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft File: GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json) Hash identifier: 2X/yVPHOa4YjpH/FVBwMf8czlkoNudnLFuNftqGLeSA= Subject key identifier: 7B:A4:16:B5:A9:92:A4:7D:36:EB:E6:F7:98:1F:7A:B7:6F:56:7A:EF Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48 Certificate issuer: /CN=1877b19d4847fc3f495af936c5b1a1928c912748 Certificate serial: 019B488226792DAE51D91718D7F3A41A762B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft Manifest number: 178B Signing time: Tue 23 Dec 2025 00:00:47 +0000 Manifest this update: Tue 23 Dec 2025 00:00:47 +0000 Manifest next update: Wed 24 Dec 2025 00:00:47 +0000 Files and hashes: 1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: sfi/Dqhc44KjaoSXnkEcdXuxSMV9NuvCf/pv34xTthM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:82:26:79:2d:ae:51:d9:17:18:d7:f3:a4:1a:76:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748 Validity Not Before: Dec 23 00:00:47 2025 GMT Not After : Dec 24 00:00:47 2025 GMT Subject: CN=7ba416b5a992a47d36ebe6f7981f7ab76f567aef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f1:fe:db:2b:c7:16:78:6a:7e:dd:25:d6:0e: 30:79:f7:6d:b2:f1:90:46:0e:0c:96:79:e1:c2:a3: dd:52:6b:4a:5e:de:38:ae:98:88:48:59:6b:f5:7b: b5:8b:45:39:1d:b3:80:48:9b:33:02:35:04:81:70: ae:22:3e:86:01:c1:03:91:92:b7:1b:c1:f6:65:7e: 58:3e:f7:cc:4e:c8:92:61:da:55:ea:5e:88:11:c8: d7:19:c8:33:a6:f3:4e:4c:39:77:b9:36:95:d9:ea: ad:6e:26:a6:53:65:1d:d4:da:d6:66:e3:60:9e:b2: ff:1e:41:5f:1b:07:0c:81:1d:93:c7:95:39:4b:31: ad:79:3d:52:3f:51:f6:af:af:c5:87:a3:aa:7d:3c: ef:65:f4:f1:70:49:04:e3:ff:34:dc:47:35:08:71: 55:e8:76:11:7b:dc:81:46:45:76:4b:02:ed:b3:be: f1:79:a0:22:ca:fb:c9:a2:50:5f:af:d0:f4:77:38: e2:a1:a1:3f:f1:3d:77:5f:44:5d:65:62:31:ba:87: 8c:6a:d5:3c:eb:92:70:64:fc:ff:4a:3e:17:ce:e0: 7b:de:50:cc:8b:22:0d:8e:77:94:71:1b:f7:b4:5a: bc:b0:c7:22:f0:97:9a:75:b7:37:62:bd:48:25:34: 4e:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:A4:16:B5:A9:92:A4:7D:36:EB:E6:F7:98:1F:7A:B7:6F:56:7A:EF X509v3 Authority Key Identifier: keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:d2:1d:b1:25:b8:31:6f:66:09:d6:ac:f0:ed:51:b0:51:8d: da:6e:af:32:ad:65:da:0b:fe:e4:42:8a:72:3b:d6:67:41:88: b0:e6:15:22:24:7f:41:28:42:ab:f4:1b:31:32:60:c8:73:d7: f0:a4:2f:6a:e8:ef:49:5d:e7:c1:53:35:c4:fd:df:90:21:8d: 9f:08:30:f2:7f:8c:4e:e5:3a:eb:86:c2:51:f5:65:ec:cc:c5: 4f:65:a6:37:98:e2:50:67:54:d8:06:31:b2:7e:d7:95:9a:fb: bb:a1:0a:c3:7d:f2:da:6f:e3:ef:a9:7e:42:4e:cd:07:50:f2: f1:a7:ed:c1:6b:eb:7e:e2:d3:2e:14:9b:7f:f2:37:e8:71:c7: 22:c4:e2:a0:83:3a:bc:d8:93:98:c8:b7:5b:65:2f:22:1d:4f: 1b:b6:b0:90:7d:86:50:6d:ba:e6:04:82:43:df:0c:2f:1e:f5: d4:63:3f:8a:1b:cc:ce:02:c4:b8:42:ba:7f:a8:86:52:67:99: a6:b7:80:a7:94:1c:7c:43:29:03:20:08:23:76:cf:cb:d8:3e: 94:70:84:8a:82:f5:02:37:5b:e3:f5:de:93:01:31:c7:ab:72: 3d:48:8d:ca:dc:7d:2e:21:e7:4b:65:42:9e:59:05:b1:c2:0a: 5e:a0:3c:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgiZ5La5R2RcY1/OkGnYrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5 MTI3NDgwHhcNMjUxMjIzMDAwMDQ3WhcNMjUxMjI0MDAwMDQ3WjAzMTEwLwYDVQQD Eyg3YmE0MTZiNWE5OTJhNDdkMzZlYmU2Zjc5ODFmN2FiNzZmNTY3YWVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPH+2yvHFnhqft0l1g4wefdtsvGQ Rg4MlnnhwqPdUmtKXt44rpiISFlr9Xu1i0U5HbOASJszAjUEgXCuIj6GAcEDkZK3 G8H2ZX5YPvfMTsiSYdpV6l6IEcjXGcgzpvNOTDl3uTaV2eqtbiamU2Ud1NrWZuNg nrL/HkFfGwcMgR2Tx5U5SzGteT1SP1H2r6/Fh6OqfTzvZfTxcEkE4/803Ec1CHFV 6HYRe9yBRkV2SwLts77xeaAiyvvJolBfr9D0dzjioaE/8T13X0RdZWIxuoeMatU8 65JwZPz/Sj4XzuB73lDMiyINjneUcRv3tFq8sMci8Jeadbc3Yr1IJTRORQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHukFrWpkqR9Nuvm95gferdvVnrvMB8GA1UdIwQY MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1 LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdtIdsSW4 MW9mCdas8O1RsFGN2m6vMq1l2gv+5EKKcjvWZ0GIsOYVIiR/QShCq/QbMTJgyHPX 8KQvaujvSV3nwVM1xP3fkCGNnwgw8n+MTuU664bCUfVl7MzFT2WmN5jiUGdU2AYx sn7XlZr7u6EKw33y2m/j76l+Qk7NB1Dy8aftwWvrfuLTLhSbf/I36HHHIsTioIM6 vNiTmMi3W2UvIh1PG7awkH2GUG265gSCQ98MLx711GM/ihvMzgLEuEK6f6iGUmeZ preAp5QcfEMpAyAII3bPy9g+lHCEioL1Ajdb4/XekwExx6tyPUiNytx9LiHnS2VC nlkFscIKXqA8+Q== -----END CERTIFICATE-----Generated at Tue Dec 23 09:14:27 2025 by rpki-client