This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft File: gSBe85sNP11y-h2XHUGR4Lomhr8.mft (raw, json) Hash identifier: ZUJ15Xhfh9sb/zPozx8rA/zgrgmzIJ6Xv7mubgJzYsg= Subject key identifier: 7F:CF:A5:D6:FC:C4:D9:6D:ED:13:24:AD:1C:1C:4A:98:30:F1:8A:46 Authority key identifier: 81:20:5E:F3:9B:0D:3F:5D:72:FA:1D:97:1D:41:91:E0:BA:26:86:BF Certificate issuer: /CN=81205ef39b0d3f5d72fa1d971d4191e0ba2686bf Certificate serial: 019B3EA362CD1F25D259086E5AC1365EA36B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gSBe85sNP11y-h2XHUGR4Lomhr8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft Manifest number: 0E6F Signing time: Sun 21 Dec 2025 02:00:53 +0000 Manifest this update: Sun 21 Dec 2025 02:00:53 +0000 Manifest next update: Mon 22 Dec 2025 02:00:53 +0000 Files and hashes: 1: gSBe85sNP11y-h2XHUGR4Lomhr8.crl (hash: hiqSephX/DU3W4X/NDiEBhClybvXqMyFRxHsCmNmkT0=) 2: tejhqyIYcfJnZD52AowM2BpZATQ.roa (hash: oI2/9MVukstCSiurn/ztv7Ci6tJsVocDaOvri7bb8FY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft rsync://rpki.ripe.net/repository/DEFAULT/gSBe85sNP11y-h2XHUGR4Lomhr8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:62:cd:1f:25:d2:59:08:6e:5a:c1:36:5e:a3:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=81205ef39b0d3f5d72fa1d971d4191e0ba2686bf Validity Not Before: Dec 21 02:00:53 2025 GMT Not After : Dec 22 02:00:53 2025 GMT Subject: CN=7fcfa5d6fcc4d96ded1324ad1c1c4a9830f18a46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:2a:89:7b:77:0b:42:19:15:68:c8:5a:8a:2b: 74:cd:f9:db:9e:09:41:8e:36:95:8d:42:8a:c2:32: 14:f7:a3:e8:3a:fe:95:d1:e9:ac:87:f0:ea:96:11: 20:dd:99:35:49:17:6c:58:08:0c:eb:96:99:4e:13: 47:03:e1:cc:b0:6e:fb:30:dc:59:b1:f4:cd:e2:39: 4b:6c:c5:1c:43:a1:50:97:54:ad:c5:82:27:9c:16: 87:c5:e5:a4:5d:30:fe:01:ad:8e:40:2e:de:db:4b: 66:fe:85:4e:e8:af:df:ad:cc:63:90:3f:ec:78:bb: 65:91:96:71:25:24:57:01:8e:e6:93:d0:55:f8:f9: 0f:41:4b:7d:35:c9:2f:34:90:c7:17:e9:84:57:ed: 4a:e3:03:06:a3:c8:c2:72:bb:32:9c:37:98:c3:b6: 06:ed:3a:dc:86:24:fa:10:5b:07:08:b6:74:3c:27: d6:e7:c9:e0:9f:18:a3:31:8d:15:c9:17:e2:35:76: 61:bc:c9:4c:55:b7:14:bb:2f:a1:c2:4c:5b:71:8e: 8e:d3:7a:1a:51:90:da:a6:00:72:8b:d1:80:58:32: 9c:8e:51:41:1e:f2:a6:4c:02:3f:df:aa:df:60:bf: 47:89:61:de:e6:84:7d:7b:2d:2a:be:40:81:1d:65: bf:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:CF:A5:D6:FC:C4:D9:6D:ED:13:24:AD:1C:1C:4A:98:30:F1:8A:46 X509v3 Authority Key Identifier: keyid:81:20:5E:F3:9B:0D:3F:5D:72:FA:1D:97:1D:41:91:E0:BA:26:86:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gSBe85sNP11y-h2XHUGR4Lomhr8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/b56881-e919-445a-9923-89a9023261f1/1/gSBe85sNP11y-h2XHUGR4Lomhr8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:a2:f3:11:db:98:47:fb:66:b6:32:b8:4c:ee:a1:29:d2:6b: d0:c1:21:48:c7:63:e9:ab:c8:06:b6:1a:55:55:5c:f7:e2:c8: fb:31:7c:12:03:7c:2b:25:a9:07:8c:31:0b:55:e8:ac:d9:7e: 09:0e:7a:d8:a7:7f:9c:65:69:83:f5:b2:f1:42:52:ef:9f:2d: ef:4e:5d:02:8b:36:a8:62:cc:e2:c7:e9:1b:10:d5:fd:8b:96: 58:95:03:a0:51:13:d3:5a:d4:0e:70:61:37:4f:10:08:4d:ed: 6a:ab:ce:36:71:b7:9e:c1:81:d1:d1:7b:32:0c:42:f1:6e:ed: 4f:44:bc:04:c9:48:83:3a:65:b3:fc:98:21:37:e9:70:c1:65: 76:db:60:89:0a:aa:c8:56:8d:a8:28:a2:79:c2:fc:9a:ef:27: ac:eb:7f:0b:e3:c2:9a:8d:07:0f:69:1b:f5:79:66:03:27:0b: a3:a8:01:f3:e5:3a:44:5b:d1:39:b3:61:a3:77:43:b0:be:25: 99:69:39:2a:44:c5:c6:f8:cf:dd:1d:ec:8a:ea:1b:01:3c:1d: b2:6c:d5:63:bd:d2:7b:e0:4c:83:9b:6f:ed:59:1c:00:db:05: 2a:ea:e4:16:a6:a5:65:71:95:88:47:c1:d8:e9:3a:78:be:6e: 28:a5:6e:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+o2LNHyXSWQhuWsE2XqNrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxMjA1ZWYzOWIwZDNmNWQ3MmZhMWQ5NzFkNDE5MWUwYmEy Njg2YmYwHhcNMjUxMjIxMDIwMDUzWhcNMjUxMjIyMDIwMDUzWjAzMTEwLwYDVQQD Eyg3ZmNmYTVkNmZjYzRkOTZkZWQxMzI0YWQxYzFjNGE5ODMwZjE4YTQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyqJe3cLQhkVaMhaiit0zfnbnglB jjaVjUKKwjIU96PoOv6V0emsh/DqlhEg3Zk1SRdsWAgM65aZThNHA+HMsG77MNxZ sfTN4jlLbMUcQ6FQl1StxYInnBaHxeWkXTD+Aa2OQC7e20tm/oVO6K/frcxjkD/s eLtlkZZxJSRXAY7mk9BV+PkPQUt9NckvNJDHF+mEV+1K4wMGo8jCcrsynDeYw7YG 7TrchiT6EFsHCLZ0PCfW58ngnxijMY0VyRfiNXZhvMlMVbcUuy+hwkxbcY6O03oa UZDapgByi9GAWDKcjlFBHvKmTAI/36rfYL9HiWHe5oR9ey0qvkCBHWW/fwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH/Ppdb8xNlt7RMkrRwcSpgw8YpGMB8GA1UdIwQY MBaAFIEgXvObDT9dcvodlx1BkeC6Joa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1NCZTg1c05QMTF5LWgyWEhVR1I0TG9taHI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iNTY4ODEtZTkxOS00NDVhLTk5MjMt ODlhOTAyMzI2MWYxLzEvZ1NCZTg1c05QMTF5LWgyWEhVR1I0TG9taHI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9iNTY4ODEtZTkxOS00NDVhLTk5MjMtODlhOTAyMzI2MWYx LzEvZ1NCZTg1c05QMTF5LWgyWEhVR1I0TG9taHI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaKLzEduY R/tmtjK4TO6hKdJr0MEhSMdj6avIBrYaVVVc9+LI+zF8EgN8KyWpB4wxC1XorNl+ CQ562Kd/nGVpg/Wy8UJS758t705dAos2qGLM4sfpGxDV/YuWWJUDoFET01rUDnBh N08QCE3taqvONnG3nsGB0dF7MgxC8W7tT0S8BMlIgzpls/yYITfpcMFldttgiQqq yFaNqCiiecL8mu8nrOt/C+PCmo0HD2kb9XlmAycLo6gB8+U6RFvRObNho3dDsL4l mWk5KkTFxvjP3R3siuobATwdsmzVY73Se+BMg5tv7VkcANsFKurkFqalZXGViEfB 2Ok6eL5uKKVuvg== -----END CERTIFICATE-----Generated at Sun Dec 21 10:34:20 2025 by rpki-client