This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft File: G_GA7KTkQF6Heotjkjp1iNd-OdI.mft (raw, json) Hash identifier: iL9u0UanzNeCkrZeM9/2nU8AEhxRnbp0eqmeO+Dfxz8= Subject key identifier: D7:0D:56:80:88:74:4D:83:BC:EB:57:7D:24:7B:BE:F9:6B:50:E9:8D Authority key identifier: 1B:F1:80:EC:A4:E4:40:5E:87:7A:8B:63:92:3A:75:88:D7:7E:39:D2 Certificate issuer: /CN=1bf180eca4e4405e877a8b63923a7588d77e39d2 Certificate serial: 019B5FE58B09C30C0DF9DA8809254FB93C97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft Manifest number: 06F1 Signing time: Sat 27 Dec 2025 13:00:37 +0000 Manifest this update: Sat 27 Dec 2025 13:00:37 +0000 Manifest next update: Sun 28 Dec 2025 13:00:37 +0000 Files and hashes: 1: G_GA7KTkQF6Heotjkjp1iNd-OdI.crl (hash: gL1yYG3nEGHOEFGDBOSIiidXUZvEJcjXeIIwGb0Do54=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 08:42:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5f:e5:8b:09:c3:0c:0d:f9:da:88:09:25:4f:b9:3c:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bf180eca4e4405e877a8b63923a7588d77e39d2 Validity Not Before: Dec 27 13:00:37 2025 GMT Not After : Dec 28 13:00:37 2025 GMT Subject: CN=d70d568088744d83bceb577d247bbef96b50e98d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9f:1c:69:00:85:48:28:65:cd:5c:1b:a0:79: 56:61:3a:f4:53:cd:ed:66:74:d5:2b:63:ba:18:83: 66:7f:14:ca:39:c3:c6:71:4a:65:9d:ab:e8:cb:47: e9:fd:29:76:c7:2b:dd:be:68:01:21:ef:12:53:1b: cc:35:eb:47:57:44:f0:cb:5a:ef:c9:09:f6:2d:d0: d9:a1:79:8e:31:b7:73:62:6b:3f:69:07:24:b3:da: 68:79:cf:7b:d1:fa:8f:53:bd:57:29:ab:fa:67:9d: bc:1d:80:e6:93:3a:27:1d:d2:9e:1a:66:dd:ec:db: bd:31:37:5f:f4:03:6a:19:93:86:87:98:1e:c8:be: 3a:6e:ec:d3:27:b9:a0:9c:e6:9f:8d:06:4e:5a:1d: da:48:ea:92:90:81:7a:c8:4e:e3:50:9f:12:5f:a1: cc:7d:15:e6:47:6d:2d:2a:95:39:09:d3:0f:56:39: 5b:05:e5:d9:74:d6:0f:b5:8c:f7:91:e4:ff:87:17: 03:f2:9e:14:7c:27:e4:99:6d:6a:e2:39:b1:53:28: bf:dc:ba:aa:0e:8f:82:10:eb:a4:87:d3:07:0c:cb: 28:e7:c6:cf:e6:5b:e6:97:6e:9f:64:75:27:cd:b2: 1e:b4:2e:35:56:ff:db:89:d2:c5:da:2c:de:39:f3: 4b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:0D:56:80:88:74:4D:83:BC:EB:57:7D:24:7B:BE:F9:6B:50:E9:8D X509v3 Authority Key Identifier: keyid:1B:F1:80:EC:A4:E4:40:5E:87:7A:8B:63:92:3A:75:88:D7:7E:39:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_GA7KTkQF6Heotjkjp1iNd-OdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8922d-b304-4188-bda6-dc6b1ff72c18/1/G_GA7KTkQF6Heotjkjp1iNd-OdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:46:fe:a8:47:28:3f:c0:51:a9:28:15:64:99:1d:96:c2:01: c8:4d:fa:fb:fb:64:2c:29:67:34:ba:3e:0f:af:93:d2:98:9d: 09:00:d2:79:d3:b9:4a:2e:35:67:4a:00:5e:54:9d:3e:98:80: dc:7b:22:ec:4e:35:7d:91:8c:49:54:69:0b:7e:61:b3:3c:62: 13:6d:1e:18:af:da:60:4a:27:23:ef:75:9d:67:f8:05:c9:98: e4:03:d4:fe:37:20:f5:60:7d:3d:cb:f0:eb:25:dd:39:a4:c7: b3:eb:8a:57:51:04:96:63:82:4b:6a:fa:4f:8e:88:40:2e:61: 72:3c:af:48:67:b6:88:3b:2e:fa:a6:82:9f:20:77:c3:17:62: 7b:e6:27:32:67:d7:15:dc:df:00:bb:89:5e:4b:92:63:4c:99: 5f:95:8a:33:44:ee:b0:f2:3a:38:f0:03:f7:df:e1:14:1d:30: 8d:f1:1a:6b:c4:5b:1f:ab:f7:7a:b3:c7:a9:7e:a0:ff:51:8e: 2c:da:3a:7d:a1:31:bf:d2:10:d9:b7:b8:65:2d:a1:6c:47:d5: 7c:64:42:c5:d7:09:47:c7:0a:a0:66:75:e1:c8:cb:94:64:94: f5:90:b7:50:a8:49:f2:e1:03:5e:d4:6e:87:26:cd:1e:82:ba: 71:e5:d8:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtf5YsJwwwN+dqICSVPuTyXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiZjE4MGVjYTRlNDQwNWU4NzdhOGI2MzkyM2E3NTg4ZDc3 ZTM5ZDIwHhcNMjUxMjI3MTMwMDM3WhcNMjUxMjI4MTMwMDM3WjAzMTEwLwYDVQQD EyhkNzBkNTY4MDg4NzQ0ZDgzYmNlYjU3N2QyNDdiYmVmOTZiNTBlOThkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq58caQCFSChlzVwboHlWYTr0U83t ZnTVK2O6GINmfxTKOcPGcUplnavoy0fp/Sl2xyvdvmgBIe8SUxvMNetHV0Twy1rv yQn2LdDZoXmOMbdzYms/aQcks9poec970fqPU71XKav6Z528HYDmkzonHdKeGmbd 7Nu9MTdf9ANqGZOGh5geyL46buzTJ7mgnOafjQZOWh3aSOqSkIF6yE7jUJ8SX6HM fRXmR20tKpU5CdMPVjlbBeXZdNYPtYz3keT/hxcD8p4UfCfkmW1q4jmxUyi/3Lqq Do+CEOukh9MHDMso58bP5lvml26fZHUnzbIetC41Vv/bidLF2izeOfNLIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNcNVoCIdE2DvOtXfSR7vvlrUOmNMB8GA1UdIwQY MBaAFBvxgOyk5EBeh3qLY5I6dYjXfjnSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lODkyMmQtYjMwNC00MTg4LWJkYTYt ZGM2YjFmZjcyYzE4LzEvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9lODkyMmQtYjMwNC00MTg4LWJkYTYtZGM2YjFmZjcyYzE4 LzEvR19HQTdLVGtRRjZIZW90amtqcDFpTmQtT2RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnkb+qEco P8BRqSgVZJkdlsIByE36+/tkLClnNLo+D6+T0pidCQDSedO5Si41Z0oAXlSdPpiA 3Hsi7E41fZGMSVRpC35hszxiE20eGK/aYEonI+91nWf4BcmY5APU/jcg9WB9Pcvw 6yXdOaTHs+uKV1EElmOCS2r6T46IQC5hcjyvSGe2iDsu+qaCnyB3wxdie+YnMmfX FdzfALuJXkuSY0yZX5WKM0TusPI6OPAD99/hFB0wjfEaa8RbH6v3erPHqX6g/1GO LNo6faExv9IQ2be4ZS2hbEfVfGRCxdcJR8cKoGZ14cjLlGSU9ZC3UKhJ8uEDXtRu hybNHoK6ceXYnQ== -----END CERTIFICATE-----Generated at Sat Dec 27 16:04:33 2025 by rpki-client