This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft File: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json) Hash identifier: PPCb4zoTXdq2Ij9YVO5hKFwPC3+pcRKZJB/XqzEof1A= Subject key identifier: 3F:76:4D:04:17:42:27:92:BE:A3:28:CC:38:39:06:56:9E:6A:2C:42 Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21 Certificate issuer: /CN=d60ce3443860a7f70d43350776909a4810a48621 Certificate serial: 019B405A99E022590D5C3A4478510A943B4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft Manifest number: 0CCF Signing time: Sun 21 Dec 2025 10:00:37 +0000 Manifest this update: Sun 21 Dec 2025 10:00:37 +0000 Manifest next update: Mon 22 Dec 2025 10:00:37 +0000 Files and hashes: 1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: h2fsMcxhR9O9MWZGqvGbCHL/XY+uD5jSRfwI8PcpwU8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:99:e0:22:59:0d:5c:3a:44:78:51:0a:94:3b:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621 Validity Not Before: Dec 21 10:00:37 2025 GMT Not After : Dec 22 10:00:37 2025 GMT Subject: CN=3f764d0417422792bea328cc383906569e6a2c42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:91:8b:1a:91:38:95:52:53:3e:e6:cf:f2:7d: 22:ef:da:14:88:99:fc:6d:de:14:c0:13:58:f7:8c: fc:3b:f7:d5:2c:c5:f4:19:1a:0b:eb:ec:ee:da:62: 9e:08:21:ca:ed:0c:1e:8f:b5:1f:4d:6b:21:93:31: ba:6b:71:13:80:5b:91:97:d5:fc:5c:9b:db:79:b3: a8:ce:b6:56:e5:8d:29:54:64:71:a6:b7:81:e4:84: 1f:5d:f1:95:13:69:76:69:6a:2d:e4:6d:38:77:3a: 6b:58:a2:d5:b0:05:ca:f7:c9:7c:a0:6a:4b:a8:f0: 49:31:a5:86:dd:ce:5a:3a:ad:08:f0:0d:19:f8:22: 8c:4a:27:0c:f3:92:ec:59:30:8b:92:08:b8:52:72: 0e:0b:79:c1:7b:c3:a8:53:da:0e:73:62:45:c2:c9: f6:58:c7:4a:69:d3:d4:e7:46:90:ff:14:f0:eb:52: 9b:63:aa:e4:11:88:cb:74:3c:30:2a:84:8a:75:96: 6c:cc:40:5c:3c:98:be:53:b1:88:7e:cf:2b:4f:96: 07:e7:b2:33:90:ca:a2:96:c3:df:eb:e7:5d:f1:3b: 47:b3:1f:b0:cb:c0:ab:1d:83:9b:21:d8:63:ea:3e: 3f:b1:a1:70:df:34:28:d8:34:10:2d:8a:bc:38:39: d1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:76:4D:04:17:42:27:92:BE:A3:28:CC:38:39:06:56:9E:6A:2C:42 X509v3 Authority Key Identifier: keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:f6:e9:63:b0:35:f4:5e:c8:15:6a:0f:58:81:7e:2b:12:f9: 40:07:b5:3b:c2:8b:9f:86:d6:ad:39:aa:61:b7:02:9c:10:a3: 99:41:6d:92:14:5a:44:3e:8b:a1:21:25:d9:98:d0:2c:e5:08: 65:dc:bc:e5:ae:07:b2:32:01:9e:04:98:f5:7a:a8:b6:b0:08: 0d:2e:2d:5b:e3:41:29:5b:78:8c:12:a6:f3:90:19:5d:ba:a8: 04:1d:54:b4:08:0e:ca:44:dd:db:25:fa:1e:04:25:fb:83:85: 2c:50:98:be:31:13:3c:7e:c2:54:3f:d6:0f:49:55:52:3d:fa: ba:78:6a:8e:67:bc:f8:fe:0f:31:f7:90:b9:02:35:30:49:d5: e2:fc:14:f3:2b:5a:2b:6f:f3:a7:02:e6:d2:ca:7e:24:7f:c8: c1:29:8b:d6:a4:62:b9:a6:a4:93:d5:5e:49:cd:cd:58:c6:45: 46:37:83:5a:d6:a1:b6:7e:75:52:d7:c2:53:57:be:e5:ca:65: 47:64:84:3c:0e:ec:f6:e7:22:79:6b:af:c8:c0:d2:40:a4:2d: 5b:5f:a7:4c:30:f6:cb:b1:c4:4a:ee:53:71:2b:a7:87:ae:12: 24:7f:75:fb:dc:bd:45:cf:88:d8:2b:47:b8:b1:48:5a:dd:d5: 53:8d:c9:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWpngIlkNXDpEeFEKlDtNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh NDg2MjEwHhcNMjUxMjIxMTAwMDM3WhcNMjUxMjIyMTAwMDM3WjAzMTEwLwYDVQQD EygzZjc2NGQwNDE3NDIyNzkyYmVhMzI4Y2MzODM5MDY1NjllNmEyYzQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupGLGpE4lVJTPubP8n0i79oUiJn8 bd4UwBNY94z8O/fVLMX0GRoL6+zu2mKeCCHK7Qwej7UfTWshkzG6a3ETgFuRl9X8 XJvbebOozrZW5Y0pVGRxpreB5IQfXfGVE2l2aWot5G04dzprWKLVsAXK98l8oGpL qPBJMaWG3c5aOq0I8A0Z+CKMSicM85LsWTCLkgi4UnIOC3nBe8OoU9oOc2JFwsn2 WMdKadPU50aQ/xTw61KbY6rkEYjLdDwwKoSKdZZszEBcPJi+U7GIfs8rT5YH57Iz kMqilsPf6+dd8TtHsx+wy8CrHYObIdhj6j4/saFw3zQo2DQQLYq8ODnREQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD92TQQXQieSvqMozDg5BlaeaixCMB8GA1UdIwQY MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/bpY7A1 9F7IFWoPWIF+KxL5QAe1O8KLn4bWrTmqYbcCnBCjmUFtkhRaRD6LoSEl2ZjQLOUI Zdy85a4HsjIBngSY9XqotrAIDS4tW+NBKVt4jBKm85AZXbqoBB1UtAgOykTd2yX6 HgQl+4OFLFCYvjETPH7CVD/WD0lVUj36unhqjme8+P4PMfeQuQI1MEnV4vwU8yta K2/zpwLm0sp+JH/IwSmL1qRiuaakk9VeSc3NWMZFRjeDWtahtn51UtfCU1e+5cpl R2SEPA7s9ucieWuvyMDSQKQtW1+nTDD2y7HESu5TcSunh64SJH91+9y9Rc+I2CtH uLFIWt3VU43J7w== -----END CERTIFICATE-----Generated at Sun Dec 21 19:08:32 2025 by rpki-client