This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.mft File: gBbMsax3x8AqTt5gbfH375c6C_k.mft (raw, json) Hash identifier: +8D4ZriAWGhX8J58Cz8B0vKhWo+kcFOBe0xP/UpHNlk= Subject key identifier: 2B:3B:E5:9B:00:B6:09:A2:6A:85:57:12:6C:14:D6:EB:14:92:A7:0C Authority key identifier: 80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9 Certificate issuer: /CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9 Certificate serial: 019B39EB13D9F4D2D37DD4E135D8558C984F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.mft Manifest number: 1233 Signing time: Sat 20 Dec 2025 04:01:05 +0000 Manifest this update: Sat 20 Dec 2025 04:01:05 +0000 Manifest next update: Sun 21 Dec 2025 04:01:05 +0000 Files and hashes: 1: Ax6Vm0VTZQY0FLe1VYl0Sd0_sqo.roa (hash: X5Han0rbC/tYWBQcqeDkAJUru7qclM/G19tIpVV4C6g=) 2: gBbMsax3x8AqTt5gbfH375c6C_k.crl (hash: FH5Ui7187Cm1+GEarBpFRp9p46tEuogSychvk15kn2Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.mft rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 04:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:eb:13:d9:f4:d2:d3:7d:d4:e1:35:d8:55:8c:98:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9 Validity Not Before: Dec 20 04:01:05 2025 GMT Not After : Dec 21 04:01:05 2025 GMT Subject: CN=2b3be59b00b609a26a8557126c14d6eb1492a70c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4a:bf:95:ea:e2:b9:af:bc:45:5a:7c:c7:79: ca:06:11:3e:0e:1f:25:4d:ab:32:49:66:eb:f2:f4: cb:94:df:b7:65:1b:9f:b3:74:19:72:b7:05:b1:8d: 17:bc:87:76:16:81:50:1d:b0:ba:f4:a8:90:80:f3: b8:cf:28:ee:e4:d5:4c:7e:ed:04:9f:9a:34:32:9f: 8e:d8:ce:df:c6:4a:97:f9:64:56:95:d6:7f:34:5e: ee:a8:a8:de:2e:d8:94:08:be:7c:45:b5:47:1b:7c: 5f:cf:25:01:5e:c6:75:b7:3b:6c:b7:fb:7b:67:f5: f4:34:e8:84:19:ce:2c:ac:bd:3d:80:38:71:a1:3e: fe:99:f2:91:5c:aa:09:6a:d2:59:17:f4:01:69:3e: 3b:a5:73:97:cb:7a:c1:7a:35:81:e2:f0:02:f0:5c: 85:8f:e8:12:c0:d0:5a:5f:ed:27:1c:6b:44:db:8a: 41:c4:e5:97:0d:ee:70:62:77:db:42:2b:9a:ed:86: 91:2a:69:e7:81:80:d0:ab:95:6e:5f:ab:c3:ae:86: 0f:4d:0c:71:93:86:13:68:fc:bf:5a:80:a0:fa:62: 45:6e:61:a3:04:60:1f:30:a2:80:68:47:cd:cb:49: 20:64:83:43:81:b7:66:a2:55:e7:36:0c:41:ad:a6: 23:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:3B:E5:9B:00:B6:09:A2:6A:85:57:12:6C:14:D6:EB:14:92:A7:0C X509v3 Authority Key Identifier: keyid:80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:e5:e7:f2:0b:ca:b3:b1:bb:07:7f:df:1c:01:20:43:4a:0d: d3:95:0f:80:98:01:1a:3a:7b:5e:47:77:9a:97:46:bb:ce:5c: 73:83:82:50:eb:94:b4:b1:c3:6a:b3:29:79:ba:2e:7c:75:f8: 1c:9d:dd:03:aa:fd:29:ac:d4:87:db:b0:9d:f3:3b:6b:f7:1d: 7c:ac:c3:46:2d:3b:17:c2:d7:a8:b6:3d:8a:6c:10:5b:c2:9e: d7:4b:3c:ce:ec:e4:ff:7d:e5:16:b3:31:19:d4:45:90:a4:21: a1:c1:72:84:77:0c:37:5f:33:c0:92:93:95:ae:57:36:c4:86: fe:7e:68:0a:04:ef:ae:29:57:a4:1b:01:45:3f:fc:3f:ff:00: 30:02:d8:b4:68:65:cf:f7:dc:7f:d0:ee:e9:d8:d8:3e:1d:1f: 6a:89:3d:cf:79:92:b2:14:ab:b7:40:56:0c:a9:53:7d:a7:bf: 17:2b:01:9a:45:18:01:55:88:61:39:da:a6:d7:de:3e:49:b0: 79:1e:3f:dc:30:2f:93:70:cc:c2:cb:53:0e:0c:52:04:dd:8d: bf:0b:18:09:99:1e:f1:9e:a8:77:ec:50:e9:20:d4:95:1e:3f: 3c:77:45:69:08:07:8d:b0:b8:47:80:61:c1:90:fd:77:f1:6a: f2:d5:59:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs56xPZ9NLTfdThNdhVjJhPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwMTZjY2IxYWM3N2M3YzAyYTRlZGU2MDZkZjFmN2VmOTcz YTBiZjkwHhcNMjUxMjIwMDQwMTA1WhcNMjUxMjIxMDQwMTA1WjAzMTEwLwYDVQQD EygyYjNiZTU5YjAwYjYwOWEyNmE4NTU3MTI2YzE0ZDZlYjE0OTJhNzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00q/leriua+8RVp8x3nKBhE+Dh8l TasySWbr8vTLlN+3ZRufs3QZcrcFsY0XvId2FoFQHbC69KiQgPO4zyju5NVMfu0E n5o0Mp+O2M7fxkqX+WRWldZ/NF7uqKjeLtiUCL58RbVHG3xfzyUBXsZ1tztst/t7 Z/X0NOiEGc4srL09gDhxoT7+mfKRXKoJatJZF/QBaT47pXOXy3rBejWB4vAC8FyF j+gSwNBaX+0nHGtE24pBxOWXDe5wYnfbQiua7YaRKmnngYDQq5VuX6vDroYPTQxx k4YTaPy/WoCg+mJFbmGjBGAfMKKAaEfNy0kgZINDgbdmolXnNgxBraYj9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCs75ZsAtgmiaoVXEmwU1usUkqcMMB8GA1UdIwQY MBaAFIAWzLGsd8fAKk7eYG3x9++XOgv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUt YTk2NmFlODU2OTI2LzEvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUtYTk2NmFlODU2OTI2 LzEvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATeXn8gvK s7G7B3/fHAEgQ0oN05UPgJgBGjp7Xkd3mpdGu85cc4OCUOuUtLHDarMpeboufHX4 HJ3dA6r9KazUh9uwnfM7a/cdfKzDRi07F8LXqLY9imwQW8Ke10s8zuzk/33lFrMx GdRFkKQhocFyhHcMN18zwJKTla5XNsSG/n5oCgTvrilXpBsBRT/8P/8AMALYtGhl z/fcf9Du6djYPh0faok9z3mSshSrt0BWDKlTfae/FysBmkUYAVWIYTnaptfePkmw eR4/3DAvk3DMwstTDgxSBN2NvwsYCZke8Z6od+xQ6SDUlR4/PHdFaQgHjbC4R4Bh wZD9d/Fq8tVZoQ== -----END CERTIFICATE-----Generated at Sat Dec 20 12:38:05 2025 by rpki-client