This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft File: 1GRmfDSn27AvBTC85ILRGtQkh70.mft (raw, json) Hash identifier: Gw3/26SymknzNq6NCRUFrJfxuESRISY8GtcNyzlMfms= Subject key identifier: 42:84:D0:58:C8:33:C5:B0:23:36:9D:AE:DA:1D:12:B7:0A:D6:A8:FD Authority key identifier: D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD Certificate issuer: /CN=d464667c34a7dbb02f0530bce482d11ad42487bd Certificate serial: 019B3569C27C2D8AAAE848647B53AB185B64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft Manifest number: 0A6F Signing time: Fri 19 Dec 2025 07:01:22 +0000 Manifest this update: Fri 19 Dec 2025 07:01:22 +0000 Manifest next update: Sat 20 Dec 2025 07:01:22 +0000 Files and hashes: 1: 1GRmfDSn27AvBTC85ILRGtQkh70.crl (hash: glT8E7yvszlo0c+/RqnIFfmhlaJ3SpyBmXnBv98F1i4=) 2: ngLzTXL9yL8qZxP4JODs6i0oJzI.roa (hash: D6+JXEaHb1tO3mpKT7yT9VZcfkQ3PmJxwgv/yQik0ys=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:c2:7c:2d:8a:aa:e8:48:64:7b:53:ab:18:5b:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d464667c34a7dbb02f0530bce482d11ad42487bd Validity Not Before: Dec 19 07:01:22 2025 GMT Not After : Dec 20 07:01:22 2025 GMT Subject: CN=4284d058c833c5b023369daeda1d12b70ad6a8fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a1:4f:60:5f:c1:e9:d6:b4:99:8c:e7:d2:aa: 65:13:11:1f:58:46:b7:50:43:99:cd:dd:70:5d:d8: 89:cb:2b:e2:0c:31:57:92:a2:5b:df:df:ea:c8:69: 2f:fc:c8:05:de:31:fb:12:f2:26:e3:d1:a5:42:d5: 13:4d:09:f2:96:00:7d:86:10:b5:f4:66:ac:c2:75: 9c:0e:7c:b3:58:8a:2b:64:2e:72:d7:06:5a:db:7f: 33:a3:a9:12:95:0b:f1:60:d4:ff:27:cc:bb:d1:12: 36:44:9a:77:f3:6e:b6:3e:34:f9:b2:0f:db:c2:ce: 09:64:c1:84:e5:90:89:f2:24:3f:8b:f1:dc:61:ba: a3:6e:b8:02:20:f8:df:42:c6:04:40:3d:78:1f:ae: 7d:b6:d8:5a:dc:11:3e:58:67:fa:c9:90:3d:89:fa: 78:af:c6:e6:93:49:81:b0:3e:97:e5:de:5c:bb:25: eb:bc:c7:fb:9a:f0:08:1a:3c:a8:e7:2e:81:8c:7a: 5f:25:cc:1f:f7:53:24:2f:c2:2e:9d:59:e6:31:f4: 5b:98:76:2e:9c:5c:a0:2c:d8:d8:57:2c:2a:e4:28: 07:2f:b4:ec:ee:dc:69:f9:80:61:1e:40:01:b2:3e: ea:d2:b4:17:94:d9:ab:4e:39:a5:ad:0d:fd:e2:93: ab:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:84:D0:58:C8:33:C5:B0:23:36:9D:AE:DA:1D:12:B7:0A:D6:A8:FD X509v3 Authority Key Identifier: keyid:D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:d1:3c:ea:4f:3f:1c:e4:11:c9:f2:14:a0:59:3f:41:7b:d4: b3:e4:e5:97:70:33:c2:f5:0b:35:cb:64:56:e8:b7:74:22:93: 53:11:a6:2d:4c:b8:a3:32:a6:71:4e:07:fa:e7:31:30:87:e7: 7f:80:12:f0:14:81:a3:84:29:8a:a0:13:c7:eb:ed:e0:5d:f0: 2d:7e:21:a7:fb:de:85:99:11:50:4c:b7:31:86:1b:d9:2c:9f: 73:7d:26:86:8a:ab:1b:37:80:77:64:bd:70:de:19:a4:41:7c: 1e:e5:1f:57:4d:85:75:58:d6:b2:32:74:0d:ec:08:50:e8:b3: 64:56:ad:f0:62:dc:ac:c4:51:48:ba:5a:0d:7f:4e:98:1e:91: 6f:5e:2b:b3:b2:03:71:83:42:67:10:49:55:83:ab:25:09:86: 1f:1a:3c:d4:7b:1c:72:79:d9:3e:62:22:2f:33:6b:09:6c:f2: 20:60:e8:92:1a:29:46:b6:f9:a2:0b:36:1b:7a:61:b8:7c:47: 6c:c6:b1:51:7e:d7:8d:cf:e7:81:da:98:62:6d:c0:f4:51:19: 9b:73:69:f3:0f:fb:ab:19:77:b7:3f:4c:75:f2:09:53:ae:66: c1:5d:d8:ba:74:94:0a:dd:c6:e0:3f:f8:2f:ab:df:25:f1:c8: 65:17:dd:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1acJ8LYqq6Ehke1OrGFtkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NjQ2NjdjMzRhN2RiYjAyZjA1MzBiY2U0ODJkMTFhZDQy NDg3YmQwHhcNMjUxMjE5MDcwMTIyWhcNMjUxMjIwMDcwMTIyWjAzMTEwLwYDVQQD Eyg0Mjg0ZDA1OGM4MzNjNWIwMjMzNjlkYWVkYTFkMTJiNzBhZDZhOGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraFPYF/B6da0mYzn0qplExEfWEa3 UEOZzd1wXdiJyyviDDFXkqJb39/qyGkv/MgF3jH7EvIm49GlQtUTTQnylgB9hhC1 9GaswnWcDnyzWIorZC5y1wZa238zo6kSlQvxYNT/J8y70RI2RJp38262PjT5sg/b ws4JZMGE5ZCJ8iQ/i/HcYbqjbrgCIPjfQsYEQD14H659ttha3BE+WGf6yZA9ifp4 r8bmk0mBsD6X5d5cuyXrvMf7mvAIGjyo5y6BjHpfJcwf91MkL8IunVnmMfRbmHYu nFygLNjYVywq5CgHL7Ts7txp+YBhHkABsj7q0rQXlNmrTjmlrQ394pOrgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEKE0FjIM8WwIzadrtodErcK1qj9MB8GA1UdIwQY MBaAFNRkZnw0p9uwLwUwvOSC0RrUJIe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUt MjYwZGU2Y2JmNDU2LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUtMjYwZGU2Y2JmNDU2 LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiNE86k8/ HOQRyfIUoFk/QXvUs+Tll3AzwvULNctkVui3dCKTUxGmLUy4ozKmcU4H+ucxMIfn f4AS8BSBo4QpiqATx+vt4F3wLX4hp/vehZkRUEy3MYYb2Syfc30mhoqrGzeAd2S9 cN4ZpEF8HuUfV02FdVjWsjJ0DewIUOizZFat8GLcrMRRSLpaDX9OmB6Rb14rs7ID cYNCZxBJVYOrJQmGHxo81HsccnnZPmIiLzNrCWzyIGDokhopRrb5ogs2G3phuHxH bMaxUX7Xjc/ngdqYYm3A9FEZm3Np8w/7qxl3tz9MdfIJU65mwV3YunSUCt3G4D/4 L6vfJfHIZRfd5w== -----END CERTIFICATE-----Generated at Fri Dec 19 11:26:43 2025 by rpki-client