This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/698bec-a0f0-42f7-99fa-28516bb7505c/1/GHpwT0heEd7avFYmTl2AwUh-CEI.mft File: GHpwT0heEd7avFYmTl2AwUh-CEI.mft (raw, json) Hash identifier: DB7KM/T/d2QbUpp/lNRsClOGlisbtQyRs91JYcNJT3w= Subject key identifier: F4:C0:E6:76:C9:89:29:DB:01:BF:28:77:15:F6:34:E6:80:88:BD:A1 Authority key identifier: 18:7A:70:4F:48:5E:11:DE:DA:BC:56:26:4E:5D:80:C1:48:7E:08:42 Certificate issuer: /CN=187a704f485e11dedabc56264e5d80c1487e0842 Certificate serial: 019B3DFE69D62FC66FC836CCCFE945FE941C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GHpwT0heEd7avFYmTl2AwUh-CEI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/698bec-a0f0-42f7-99fa-28516bb7505c/1/GHpwT0heEd7avFYmTl2AwUh-CEI.mft Manifest number: 02C3 Signing time: Sat 20 Dec 2025 23:00:41 +0000 Manifest this update: Sat 20 Dec 2025 23:00:41 +0000 Manifest next update: Sun 21 Dec 2025 23:00:41 +0000 Files and hashes: 1: GHpwT0heEd7avFYmTl2AwUh-CEI.crl (hash: 8l8rzLpB5kTna7ZMvXxUKGeLS0SudnJLHAEze2YBRFs=) 2: vvdAJvoqdhRnHyNRnR9QwCmshOA.roa (hash: yno5bMF5UsFhgiWOHsRLetn5+9bEbKawwZrFBu7TWWg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/698bec-a0f0-42f7-99fa-28516bb7505c/1/GHpwT0heEd7avFYmTl2AwUh-CEI.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/698bec-a0f0-42f7-99fa-28516bb7505c/1/GHpwT0heEd7avFYmTl2AwUh-CEI.mft rsync://rpki.ripe.net/repository/DEFAULT/GHpwT0heEd7avFYmTl2AwUh-CEI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 23:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:fe:69:d6:2f:c6:6f:c8:36:cc:cf:e9:45:fe:94:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=187a704f485e11dedabc56264e5d80c1487e0842 Validity Not Before: Dec 20 23:00:41 2025 GMT Not After : Dec 21 23:00:41 2025 GMT Subject: CN=f4c0e676c98929db01bf287715f634e68088bda1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:2c:8e:67:82:21:5d:f1:dd:fe:08:ca:1f:5f: 46:6d:52:36:ba:db:e2:ca:f8:02:f3:71:f7:87:33: f2:76:39:52:0d:97:85:2b:17:22:3b:b3:44:96:e8: 34:1f:84:aa:52:14:62:90:d0:1e:12:89:75:b4:0f: 96:e2:4e:83:76:be:36:40:ec:b6:a3:67:a7:0e:98: 3a:c6:db:39:0f:9a:29:09:0e:95:1f:6f:49:4d:d5: c4:94:25:79:e9:3e:cd:ef:ad:69:89:8c:97:9c:cb: 18:be:1b:72:ab:0c:0e:c3:72:85:95:7f:4c:93:79: a6:4b:82:00:4e:cb:99:d9:ef:c5:6c:29:4e:28:a2: 5d:38:33:d5:3b:23:42:2d:3c:67:2c:74:e3:8f:2d: 83:0a:1d:b1:b7:cb:3e:40:fa:c1:e7:b6:ed:32:63: 4f:a1:e4:cf:6c:d2:6a:65:41:12:39:20:ac:9d:4d: b8:d1:24:e4:28:aa:f4:95:b4:6c:75:cf:1d:ba:f8: 78:88:e8:d0:a7:b0:37:3f:8e:b3:f2:81:83:35:5a: 2f:3e:22:f7:24:ce:6e:d4:60:21:50:fc:76:9a:dd: 04:3f:fa:de:33:db:3a:b6:c6:64:1c:aa:cf:2a:89: 82:c7:22:7b:00:cf:50:61:21:02:75:4e:de:9e:61: 1c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:C0:E6:76:C9:89:29:DB:01:BF:28:77:15:F6:34:E6:80:88:BD:A1 X509v3 Authority Key Identifier: keyid:18:7A:70:4F:48:5E:11:DE:DA:BC:56:26:4E:5D:80:C1:48:7E:08:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHpwT0heEd7avFYmTl2AwUh-CEI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/698bec-a0f0-42f7-99fa-28516bb7505c/1/GHpwT0heEd7avFYmTl2AwUh-CEI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/698bec-a0f0-42f7-99fa-28516bb7505c/1/GHpwT0heEd7avFYmTl2AwUh-CEI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:57:fb:67:b2:ce:4c:31:5d:65:97:52:38:39:a8:95:8b:65: f9:ec:95:80:6d:31:a2:ca:c8:10:97:55:20:21:14:87:bd:46: 48:c6:a6:d0:d8:5b:a5:1a:f0:ed:e4:35:0a:0e:5e:fb:2d:03: 49:17:f1:a8:ef:13:d8:20:c6:ce:94:1a:0e:71:5a:a0:f9:46: 53:50:51:c4:21:4c:b5:20:0e:40:8e:2a:06:b9:bb:f0:02:f8: 9a:1d:92:d7:54:22:0e:9c:6b:d0:67:95:c5:4a:e7:b5:d3:8a: 7d:c0:5a:2f:d9:0c:e6:3d:30:27:63:bb:ad:93:fe:60:d5:fe: df:28:92:f4:16:01:c5:1b:dc:98:8b:b8:52:73:6d:b3:3e:27: 9b:cc:a3:a3:4d:0d:f9:f7:09:38:3d:e5:d8:f0:e8:50:0e:9a: 24:54:e4:fe:0b:77:16:ea:8f:af:ea:ba:80:7c:e9:12:2b:08: ca:ef:22:e8:96:2c:b7:3c:3a:80:4d:60:f9:c6:de:67:00:1a: 9c:26:62:f3:ac:48:ea:6e:94:1a:79:c9:5f:aa:80:bc:9c:20: 78:73:c6:bd:43:3d:07:04:37:27:00:f1:3b:43:54:1b:2d:c8: d6:b6:5e:19:e7:ab:f7:e2:f5:65:41:4c:cc:61:39:39:03:67: 0e:de:6f:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9/mnWL8ZvyDbMz+lF/pQcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4N2E3MDRmNDg1ZTExZGVkYWJjNTYyNjRlNWQ4MGMxNDg3 ZTA4NDIwHhcNMjUxMjIwMjMwMDQxWhcNMjUxMjIxMjMwMDQxWjAzMTEwLwYDVQQD EyhmNGMwZTY3NmM5ODkyOWRiMDFiZjI4NzcxNWY2MzRlNjgwODhiZGExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7CyOZ4IhXfHd/gjKH19GbVI2utvi yvgC83H3hzPydjlSDZeFKxciO7NElug0H4SqUhRikNAeEol1tA+W4k6Ddr42QOy2 o2enDpg6xts5D5opCQ6VH29JTdXElCV56T7N761piYyXnMsYvhtyqwwOw3KFlX9M k3mmS4IATsuZ2e/FbClOKKJdODPVOyNCLTxnLHTjjy2DCh2xt8s+QPrB57btMmNP oeTPbNJqZUESOSCsnU240STkKKr0lbRsdc8duvh4iOjQp7A3P46z8oGDNVovPiL3 JM5u1GAhUPx2mt0EP/reM9s6tsZkHKrPKomCxyJ7AM9QYSECdU7enmEcOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPTA5nbJiSnbAb8odxX2NOaAiL2hMB8GA1UdIwQY MBaAFBh6cE9IXhHe2rxWJk5dgMFIfghCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0hwd1QwaGVFZDdhdkZZbVRsMkF3VWgtQ0VJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82OThiZWMtYTBmMC00MmY3LTk5ZmEt Mjg1MTZiYjc1MDVjLzEvR0hwd1QwaGVFZDdhdkZZbVRsMkF3VWgtQ0VJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC82OThiZWMtYTBmMC00MmY3LTk5ZmEtMjg1MTZiYjc1MDVj LzEvR0hwd1QwaGVFZDdhdkZZbVRsMkF3VWgtQ0VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcFf7Z7LO TDFdZZdSODmolYtl+eyVgG0xosrIEJdVICEUh71GSMam0NhbpRrw7eQ1Cg5e+y0D SRfxqO8T2CDGzpQaDnFaoPlGU1BRxCFMtSAOQI4qBrm78AL4mh2S11QiDpxr0GeV xUrntdOKfcBaL9kM5j0wJ2O7rZP+YNX+3yiS9BYBxRvcmIu4UnNtsz4nm8yjo00N +fcJOD3l2PDoUA6aJFTk/gt3FuqPr+q6gHzpEisIyu8i6JYstzw6gE1g+cbeZwAa nCZi86xI6m6UGnnJX6qAvJwgeHPGvUM9BwQ3JwDxO0NUGy3I1rZeGeer9+L1ZUFM zGE5OQNnDt5vzg== -----END CERTIFICATE-----Generated at Sun Dec 21 05:49:08 2025 by rpki-client