This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft File: G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json) Hash identifier: fd7gMA27l2pOyMq9FudVxdZNEdpPeG3p9R/T4iY2e4o= Subject key identifier: 1A:0F:2D:FA:C0:9B:79:D9:2D:E2:4B:69:42:8E:EB:BF:0F:FD:21:D7 Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD Certificate issuer: /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd Certificate serial: 019B631E24FC0195A728C1CA76DD0CA6D396 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft Manifest number: 0F34 Signing time: Sun 28 Dec 2025 04:01:18 +0000 Manifest this update: Sun 28 Dec 2025 04:01:18 +0000 Manifest next update: Mon 29 Dec 2025 04:01:18 +0000 Files and hashes: 1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: p+PIFqh9nWTTDTKX25VRIRVp1Jjb0rxNTZ4VLWZgb3A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:63:1e:24:fc:01:95:a7:28:c1:ca:76:dd:0c:a6:d3:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd Validity Not Before: Dec 28 04:01:18 2025 GMT Not After : Dec 29 04:01:18 2025 GMT Subject: CN=1a0f2dfac09b79d92de24b69428eebbf0ffd21d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:dd:7c:57:6f:31:d0:a8:85:d8:85:98:32:2f: ec:21:f7:80:d1:24:d3:39:34:4c:3e:1e:65:3d:4f: 35:5b:26:db:ff:cf:a6:ca:3f:4f:cd:5f:41:93:67: 90:82:47:98:bc:1e:1b:f0:78:e9:4f:d3:31:40:80: d3:04:e4:d2:28:7b:e0:da:1a:12:0d:fc:8f:c0:c7: c6:f8:81:fd:e9:b2:ab:94:df:a1:17:2a:62:c7:90: cc:10:f9:42:ce:a8:b4:9c:ce:36:50:dd:b3:7d:d4: 8e:bf:7c:97:59:cf:db:3b:b2:2c:5f:ee:aa:71:b8: 6e:9d:4c:95:79:a3:1e:6a:ae:0b:c6:d7:87:9b:99: fb:5e:26:fb:12:16:d1:e5:af:be:96:15:91:c1:11: 41:a7:9a:ee:4c:7a:67:1e:b5:c4:7f:7d:7b:68:ea: 11:42:93:3a:e3:f3:48:c4:b4:b2:da:5b:7e:85:e9: a1:1a:df:95:7d:9b:4d:be:15:1f:16:84:4c:ae:2c: 4d:3f:0c:9a:38:d7:42:17:05:2a:44:4c:2b:f4:03: 12:94:18:db:0f:c0:e7:5a:d9:f3:b3:85:d6:41:86: fc:c6:27:fb:1f:44:8d:a2:c3:aa:b2:49:61:2f:29: 8c:76:68:5b:21:8d:9d:d2:79:da:5c:d7:f2:1d:a9: 39:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:0F:2D:FA:C0:9B:79:D9:2D:E2:4B:69:42:8E:EB:BF:0F:FD:21:D7 X509v3 Authority Key Identifier: keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:37:17:03:03:36:32:89:e2:24:c9:a4:e4:82:42:ad:b1:f5: 02:2c:c8:4d:75:f2:5e:e7:b6:25:73:58:ba:3c:ae:23:d2:62: 9e:59:8c:a4:f1:19:0f:ab:0a:8a:a3:99:6c:6b:b5:f1:27:1d: ed:24:f5:9b:c9:d4:10:45:f3:ec:27:c7:ab:0a:d3:02:5e:65: c1:08:9c:5b:ca:ca:b3:3c:29:80:ee:8c:88:f8:a1:cf:07:91: 36:ae:7b:6d:24:65:86:da:00:ee:63:69:ee:79:95:34:06:27: fe:b9:59:6b:e0:8c:77:03:fa:2c:0d:08:02:d4:2d:ba:27:51: ed:34:23:e4:68:79:5f:94:b0:7b:7c:8a:00:33:9c:99:75:08: 85:43:db:b8:96:55:88:03:44:04:a7:57:36:be:ed:66:55:3a: b6:e0:3b:41:85:20:bc:46:70:3f:0f:a6:5b:30:35:b0:c3:02: 9e:ea:bb:6a:24:7c:07:f2:57:ea:78:b8:45:eb:df:48:fc:51: 22:eb:50:63:90:60:8e:90:05:1a:ef:67:13:ca:73:7e:21:77: c4:97:51:8b:6f:74:8b:11:ba:1b:d4:b1:61:95:32:4e:50:94: 66:20:35:07:83:86:3b:84:cc:c0:ba:fa:d9:76:ee:c6:ca:81: 4e:b4:84:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtjHiT8AZWnKMHKdt0MptOWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh NTZjYmQwHhcNMjUxMjI4MDQwMTE4WhcNMjUxMjI5MDQwMTE4WjAzMTEwLwYDVQQD EygxYTBmMmRmYWMwOWI3OWQ5MmRlMjRiNjk0MjhlZWJiZjBmZmQyMWQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN18V28x0KiF2IWYMi/sIfeA0STT OTRMPh5lPU81Wybb/8+myj9PzV9Bk2eQgkeYvB4b8HjpT9MxQIDTBOTSKHvg2hoS DfyPwMfG+IH96bKrlN+hFypix5DMEPlCzqi0nM42UN2zfdSOv3yXWc/bO7IsX+6q cbhunUyVeaMeaq4LxteHm5n7Xib7EhbR5a++lhWRwRFBp5ruTHpnHrXEf317aOoR QpM64/NIxLSy2lt+hemhGt+VfZtNvhUfFoRMrixNPwyaONdCFwUqREwr9AMSlBjb D8DnWtnzs4XWQYb8xif7H0SNosOqsklhLymMdmhbIY2d0nnaXNfyHak5pwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBoPLfrAm3nZLeJLaUKO678P/SHXMB8GA1UdIwQY MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAETcXAwM2 MoniJMmk5IJCrbH1AizITXXyXue2JXNYujyuI9JinlmMpPEZD6sKiqOZbGu18Scd 7ST1m8nUEEXz7CfHqwrTAl5lwQicW8rKszwpgO6MiPihzweRNq57bSRlhtoA7mNp 7nmVNAYn/rlZa+CMdwP6LA0IAtQtuidR7TQj5Gh5X5Swe3yKADOcmXUIhUPbuJZV iANEBKdXNr7tZlU6tuA7QYUgvEZwPw+mWzA1sMMCnuq7aiR8B/JX6ni4RevfSPxR IutQY5BgjpAFGu9nE8pzfiF3xJdRi290ixG6G9SxYZUyTlCUZiA1B4OGO4TMwLr6 2XbuxsqBTrSEIQ== -----END CERTIFICATE-----Generated at Sun Dec 28 09:44:53 2025 by rpki-client