This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/250423-fa91-4a22-b83a-83e47580b3ec/1/g4xPgQ16IKeDpPqxwDRGe4JQUbk.mft File: g4xPgQ16IKeDpPqxwDRGe4JQUbk.mft (raw, json) Hash identifier: DhKh8iXa8RfMT87Syh0dEQVG/vklPpjPBwDHJqJ9vRA= Subject key identifier: A9:FA:0B:D3:F8:71:59:14:C9:2A:E9:48:90:91:FE:41:8A:E0:A0:97 Authority key identifier: 83:8C:4F:81:0D:7A:20:A7:83:A4:FA:B1:C0:34:46:7B:82:50:51:B9 Certificate issuer: /CN=838c4f810d7a20a783a4fab1c034467b825051b9 Certificate serial: 019B4136CA567AB967A0B659AF81A562A076 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g4xPgQ16IKeDpPqxwDRGe4JQUbk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/250423-fa91-4a22-b83a-83e47580b3ec/1/g4xPgQ16IKeDpPqxwDRGe4JQUbk.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 14:01:08 +0000 Manifest this update: Sun 21 Dec 2025 14:01:08 +0000 Manifest next update: Mon 22 Dec 2025 14:01:08 +0000 Files and hashes: 1: JRNBLXBQWgTuBg1-jZxrM7iYCuQ.roa (hash: A/80zWYF3RYk10mzwst52/4Qz1yzT35DfBM28lDeN+s=) 2: g4xPgQ16IKeDpPqxwDRGe4JQUbk.crl (hash: A/4t7qY+5OXUwUqSKzrCgKVPeL4zgsy3E4kt058Y2Mo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/250423-fa91-4a22-b83a-83e47580b3ec/1/g4xPgQ16IKeDpPqxwDRGe4JQUbk.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/250423-fa91-4a22-b83a-83e47580b3ec/1/g4xPgQ16IKeDpPqxwDRGe4JQUbk.mft rsync://rpki.ripe.net/repository/DEFAULT/g4xPgQ16IKeDpPqxwDRGe4JQUbk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:ca:56:7a:b9:67:a0:b6:59:af:81:a5:62:a0:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=838c4f810d7a20a783a4fab1c034467b825051b9 Validity Not Before: Dec 21 14:01:08 2025 GMT Not After : Dec 22 14:01:08 2025 GMT Subject: CN=a9fa0bd3f8715914c92ae9489091fe418ae0a097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:78:7c:83:20:78:89:de:e4:85:5f:6d:28:0f: 51:6d:2e:b7:7c:8a:6f:ef:f4:10:5a:b3:57:70:a7: e9:0b:b4:d2:d6:d2:e0:d0:a5:4f:71:72:b9:f7:4e: ed:7e:b5:c0:51:2c:36:e9:b2:03:5d:db:44:f5:86: 0a:0b:a6:84:1c:b5:52:7d:7f:59:4e:6a:a0:ab:35: 6e:f3:3b:83:96:0a:76:3f:07:12:ee:b1:93:26:b1: ba:54:7c:b1:53:bf:fb:be:10:89:be:c6:da:82:61: d3:c8:05:f5:ea:03:d5:b1:85:af:3d:04:9c:61:31: 32:4e:1f:be:e7:ef:cf:32:fa:0c:59:e0:50:67:40: 75:54:e7:9d:93:37:a9:9a:07:ac:ef:96:30:4c:fd: 2e:6e:b8:30:f5:ed:75:3c:e6:7e:af:29:1a:5c:ac: a5:92:71:4a:79:b5:ec:a6:a1:d4:77:84:b8:31:62: 34:47:3e:90:43:f4:84:8f:fa:c2:b4:e4:73:e6:16: aa:0b:35:bc:a6:8a:f3:41:7e:e9:09:79:73:43:af: d9:1a:ae:76:b0:37:c0:f7:28:ad:bb:8c:f9:8e:3f: 3f:84:3d:0b:aa:da:aa:67:29:8d:18:c0:e7:11:74: 5a:22:d2:26:cf:8c:22:92:b5:02:69:99:84:96:65: ad:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:FA:0B:D3:F8:71:59:14:C9:2A:E9:48:90:91:FE:41:8A:E0:A0:97 X509v3 Authority Key Identifier: keyid:83:8C:4F:81:0D:7A:20:A7:83:A4:FA:B1:C0:34:46:7B:82:50:51:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g4xPgQ16IKeDpPqxwDRGe4JQUbk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/250423-fa91-4a22-b83a-83e47580b3ec/1/g4xPgQ16IKeDpPqxwDRGe4JQUbk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/250423-fa91-4a22-b83a-83e47580b3ec/1/g4xPgQ16IKeDpPqxwDRGe4JQUbk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:57:fd:f0:f4:cd:32:f1:a3:82:6e:11:16:86:cf:c4:61:a0: dc:36:6c:32:b5:ef:b2:84:cf:17:74:dd:2a:70:dc:4f:81:f8: 5e:f9:5a:e3:04:4d:52:e4:91:21:1e:54:f1:fa:ed:8a:f5:34: 94:85:bc:d0:db:0d:cd:ec:9b:a7:57:8c:4c:ff:d3:88:64:e8: ad:ff:ac:7f:da:9b:3b:7b:0d:dd:4a:93:6f:0d:81:1d:51:dd: d3:12:e4:88:aa:50:55:b3:db:91:0f:22:35:a8:05:5e:1a:9e: 52:bc:f6:7f:8d:d2:8c:a6:08:ab:a5:b2:6c:7f:6b:8f:16:3f: f4:4f:9e:e4:b2:4a:30:a0:a5:8b:7d:6c:f8:2c:76:10:b8:ae: 82:00:cc:e5:b9:88:dd:16:fa:fe:12:d8:0d:bd:6f:8a:e2:06: ec:4d:b4:3d:c7:11:cc:71:57:50:a2:01:8f:3a:0c:3d:38:09: 42:07:85:39:a0:e3:9e:a4:83:69:1a:3b:61:e1:12:c0:85:aa: 8e:c8:10:57:4c:e9:f7:5b:34:b1:7f:c1:d5:57:07:d9:c5:5c: 62:7b:d4:1a:c6:13:30:49:a8:65:6c:f8:60:80:b0:a8:4d:50: 3f:60:13:37:f4:4d:73:0f:d9:81:80:16:1e:b1:0a:14:19:e1: 8b:47:22:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNspWerlnoLZZr4GlYqB2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzOGM0ZjgxMGQ3YTIwYTc4M2E0ZmFiMWMwMzQ0NjdiODI1 MDUxYjkwHhcNMjUxMjIxMTQwMTA4WhcNMjUxMjIyMTQwMTA4WjAzMTEwLwYDVQQD EyhhOWZhMGJkM2Y4NzE1OTE0YzkyYWU5NDg5MDkxZmU0MThhZTBhMDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznh8gyB4id7khV9tKA9RbS63fIpv 7/QQWrNXcKfpC7TS1tLg0KVPcXK5907tfrXAUSw26bIDXdtE9YYKC6aEHLVSfX9Z TmqgqzVu8zuDlgp2PwcS7rGTJrG6VHyxU7/7vhCJvsbagmHTyAX16gPVsYWvPQSc YTEyTh++5+/PMvoMWeBQZ0B1VOedkzepmges75YwTP0ubrgw9e11POZ+rykaXKyl knFKebXspqHUd4S4MWI0Rz6QQ/SEj/rCtORz5haqCzW8porzQX7pCXlzQ6/ZGq52 sDfA9yitu4z5jj8/hD0LqtqqZymNGMDnEXRaItImz4wikrUCaZmElmWtzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKn6C9P4cVkUySrpSJCR/kGK4KCXMB8GA1UdIwQY MBaAFIOMT4ENeiCng6T6scA0RnuCUFG5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZzR4UGdRMTZJS2VEcFBxeHdEUkdlNEpRVWJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yNTA0MjMtZmE5MS00YTIyLWI4M2Et ODNlNDc1ODBiM2VjLzEvZzR4UGdRMTZJS2VEcFBxeHdEUkdlNEpRVWJrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy8yNTA0MjMtZmE5MS00YTIyLWI4M2EtODNlNDc1ODBiM2Vj LzEvZzR4UGdRMTZJS2VEcFBxeHdEUkdlNEpRVWJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc1f98PTN MvGjgm4RFobPxGGg3DZsMrXvsoTPF3TdKnDcT4H4Xvla4wRNUuSRIR5U8frtivU0 lIW80NsNzeybp1eMTP/TiGTorf+sf9qbO3sN3UqTbw2BHVHd0xLkiKpQVbPbkQ8i NagFXhqeUrz2f43SjKYIq6WybH9rjxY/9E+e5LJKMKCli31s+Cx2ELiuggDM5bmI 3Rb6/hLYDb1viuIG7E20PccRzHFXUKIBjzoMPTgJQgeFOaDjnqSDaRo7YeESwIWq jsgQV0zp91s0sX/B1VcH2cVcYnvUGsYTMEmoZWz4YICwqE1QP2ATN/RNcw/ZgYAW HrEKFBnhi0ciAA== -----END CERTIFICATE-----Generated at Sun Dec 21 22:29:30 2025 by rpki-client