This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft File: GpvZxsEozNlD9_dyKSLGb2a07dU.mft (raw, json) Hash identifier: gTmou6/t9HyewTaKYby+lJrTSWwHjxFzmn+Yoq4mWLs= Subject key identifier: 5B:2A:34:BA:0E:E5:62:6D:13:CE:3D:4C:93:F9:36:40:04:16:BA:33 Authority key identifier: 1A:9B:D9:C6:C1:28:CC:D9:43:F7:F7:72:29:22:C6:6F:66:B4:ED:D5 Certificate issuer: /CN=1a9bd9c6c128ccd943f7f7722922c66f66b4edd5 Certificate serial: 019B5A1AB9FA6BC042C876F0987744F5927F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpvZxsEozNlD9_dyKSLGb2a07dU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft Manifest number: 2B Signing time: Fri 26 Dec 2025 10:00:59 +0000 Manifest this update: Fri 26 Dec 2025 10:00:59 +0000 Manifest next update: Sat 27 Dec 2025 10:00:59 +0000 Files and hashes: 1: GpvZxsEozNlD9_dyKSLGb2a07dU.crl (hash: j1aYUX6WOZNDwo+MV2kYxoqfyvwqULY1TryMpbAXznI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.crl rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft rsync://rpki.ripe.net/repository/DEFAULT/GpvZxsEozNlD9_dyKSLGb2a07dU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:b9:fa:6b:c0:42:c8:76:f0:98:77:44:f5:92:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a9bd9c6c128ccd943f7f7722922c66f66b4edd5 Validity Not Before: Dec 26 10:00:59 2025 GMT Not After : Dec 27 10:00:59 2025 GMT Subject: CN=5b2a34ba0ee5626d13ce3d4c93f936400416ba33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e3:82:3e:a8:d8:64:21:cd:67:4b:3c:48:e2: 91:a9:11:a1:5d:1e:e8:72:be:cc:12:09:53:2c:7a: f2:a4:21:b1:77:69:29:f1:18:0c:74:92:c2:f4:d4: a4:ba:3b:59:8e:3c:81:50:92:4e:58:1f:8b:95:91: 96:b9:14:80:c4:ec:bf:46:83:68:86:1e:d5:78:67: 16:b9:42:48:a5:17:b5:fd:4d:e3:1c:cd:dd:c6:23: 42:a4:bd:5f:99:a0:27:70:56:70:be:28:8f:a8:3f: 36:e3:a8:7b:45:5b:dd:94:88:47:34:b3:fd:5f:bf: de:79:cb:1b:49:2e:ed:1c:cf:02:aa:0b:e4:e3:75: 3c:02:75:b2:d0:58:44:ea:2c:81:1b:bd:ea:e0:0b: 94:d5:00:c2:a5:8b:cd:f5:b7:37:b3:61:eb:fd:fa: 2e:a6:d9:0f:83:f6:e8:5b:8e:24:c4:b7:32:63:0a: c8:bc:f7:24:64:1e:b4:b0:db:bb:bb:cc:6c:f0:b8: 6d:c5:32:5a:77:6e:79:14:65:28:b4:f2:82:9c:29: 9f:6f:fd:3c:1f:30:02:9e:4b:90:8c:f2:ee:86:01: 4d:cf:f9:53:90:28:02:e1:16:9f:e8:52:72:68:7b: 5f:c6:64:1a:72:72:4d:06:b4:cb:73:b9:60:b9:90: 76:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:2A:34:BA:0E:E5:62:6D:13:CE:3D:4C:93:F9:36:40:04:16:BA:33 X509v3 Authority Key Identifier: keyid:1A:9B:D9:C6:C1:28:CC:D9:43:F7:F7:72:29:22:C6:6F:66:B4:ED:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpvZxsEozNlD9_dyKSLGb2a07dU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/b7b3f5-5c0a-49f8-90db-c9670b2da320/1/GpvZxsEozNlD9_dyKSLGb2a07dU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:94:a2:2c:82:01:e9:9d:e7:ff:6b:b5:b2:f3:9c:52:aa:15: 2a:c4:cd:ff:2c:25:80:d6:09:6b:8b:d5:fa:c6:a6:0e:30:07: 9c:47:86:dd:b8:00:09:01:45:4c:3f:40:2a:c7:40:71:32:38: 6f:ba:05:ba:9a:33:fe:63:ac:3b:54:36:6c:a7:83:ba:f0:0b: 18:dd:4c:51:f5:cf:3b:7b:dd:7a:23:b3:10:f7:b4:7b:35:31: cc:a7:9d:9f:9c:91:7a:ce:3b:9f:f3:2c:d1:24:8e:bf:75:52: 0f:ee:78:65:ac:26:13:78:22:25:ce:b5:e9:be:03:f3:0b:12: 6c:35:99:ff:12:2e:98:f8:2c:48:b7:72:17:c8:d7:f5:95:0f: 29:dc:1c:c9:7e:00:49:24:0d:83:2a:95:fe:c6:cd:f1:aa:31: ca:9a:07:d5:12:8e:61:e1:08:7e:00:33:41:f2:3e:5c:84:54: 47:8d:93:93:62:cf:03:cc:91:3e:3d:2d:d5:91:74:2f:36:b2: d9:57:f0:58:ef:f3:3e:5a:11:63:9c:a2:b6:a1:38:4f:70:2a: d8:65:1b:14:6d:1a:c1:04:db:2b:49:e3:d5:bb:94:87:4d:f0: 8a:2b:f9:aa:bf:bd:55:b2:7f:68:fe:ef:dc:12:53:5f:71:c6: d5:c8:cb:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGrn6a8BCyHbwmHdE9ZJ/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhOWJkOWM2YzEyOGNjZDk0M2Y3Zjc3MjI5MjJjNjZmNjZi NGVkZDUwHhcNMjUxMjI2MTAwMDU5WhcNMjUxMjI3MTAwMDU5WjAzMTEwLwYDVQQD Eyg1YjJhMzRiYTBlZTU2MjZkMTNjZTNkNGM5M2Y5MzY0MDA0MTZiYTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquOCPqjYZCHNZ0s8SOKRqRGhXR7o cr7MEglTLHrypCGxd2kp8RgMdJLC9NSkujtZjjyBUJJOWB+LlZGWuRSAxOy/RoNo hh7VeGcWuUJIpRe1/U3jHM3dxiNCpL1fmaAncFZwviiPqD8246h7RVvdlIhHNLP9 X7/eecsbSS7tHM8Cqgvk43U8AnWy0FhE6iyBG73q4AuU1QDCpYvN9bc3s2Hr/fou ptkPg/boW44kxLcyYwrIvPckZB60sNu7u8xs8LhtxTJad255FGUotPKCnCmfb/08 HzACnkuQjPLuhgFNz/lTkCgC4Raf6FJyaHtfxmQacnJNBrTLc7lguZB2NQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFsqNLoO5WJtE849TJP5NkAEFrozMB8GA1UdIwQY MBaAFBqb2cbBKMzZQ/f3cikixm9mtO3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3B2WnhzRW96TmxEOV9keUtTTEdiMmEwN2RVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iN2IzZjUtNWMwYS00OWY4LTkwZGIt Yzk2NzBiMmRhMzIwLzEvR3B2WnhzRW96TmxEOV9keUtTTEdiMmEwN2RVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9iN2IzZjUtNWMwYS00OWY4LTkwZGItYzk2NzBiMmRhMzIw LzEvR3B2WnhzRW96TmxEOV9keUtTTEdiMmEwN2RVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASJSiLIIB 6Z3n/2u1svOcUqoVKsTN/ywlgNYJa4vV+samDjAHnEeG3bgACQFFTD9AKsdAcTI4 b7oFupoz/mOsO1Q2bKeDuvALGN1MUfXPO3vdeiOzEPe0ezUxzKedn5yRes47n/Ms 0SSOv3VSD+54ZawmE3giJc616b4D8wsSbDWZ/xIumPgsSLdyF8jX9ZUPKdwcyX4A SSQNgyqV/sbN8aoxypoH1RKOYeEIfgAzQfI+XIRUR42Tk2LPA8yRPj0t1ZF0Lzay 2VfwWO/zPloRY5yitqE4T3Aq2GUbFG0awQTbK0nj1buUh03wiiv5qr+9VbJ/aP7v 3BJTX3HG1cjLkg== -----END CERTIFICATE-----Generated at Fri Dec 26 15:43:18 2025 by rpki-client