This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft File: G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json) Hash identifier: MIt0XN1pdP2zLdyKI4VrVFVPjirFjsSXHXUrA2/rFPo= Subject key identifier: 6B:8D:98:A8:D4:74:CA:34:EE:45:21:D7:A0:D4:C5:9E:81:73:B8:1F Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A Certificate issuer: /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a Certificate serial: 019B330D1B53444C28DE1FA5918306623C01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft Manifest number: 0560 Signing time: Thu 18 Dec 2025 20:00:55 +0000 Manifest this update: Thu 18 Dec 2025 20:00:55 +0000 Manifest next update: Fri 19 Dec 2025 20:00:55 +0000 Files and hashes: 1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: ELLayxNBdmAR0dN4L9GWvb6xPeox1MKJACJ83JdtsV0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:0d:1b:53:44:4c:28:de:1f:a5:91:83:06:62:3c:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a Validity Not Before: Dec 18 20:00:55 2025 GMT Not After : Dec 19 20:00:55 2025 GMT Subject: CN=6b8d98a8d474ca34ee4521d7a0d4c59e8173b81f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:ad:59:cb:31:63:4c:57:cb:ef:c3:4d:53:36: 9b:51:66:1e:f0:01:b8:30:45:cf:3f:f8:36:ed:1c: f3:51:c2:d8:c4:2b:e1:ce:18:14:3f:9d:57:ec:fd: 17:cb:d1:33:f3:86:4c:6e:99:d7:9c:93:00:7c:62: c8:a8:e1:7f:eb:3f:3b:28:7d:ec:b7:95:38:a0:14: b6:1e:23:a2:67:00:13:3b:86:71:1a:e2:58:99:6b: a4:f4:d9:a0:73:5a:2a:8b:ae:42:fa:38:eb:71:18: 2f:b7:bc:95:71:83:de:a1:5e:79:46:1a:af:a9:de: 94:3e:5c:2a:3e:f3:9a:51:ec:b2:12:23:d0:7b:18: f5:58:48:09:20:b3:72:e0:d1:f2:41:5a:d0:14:c4: b2:ce:cc:c4:58:c9:86:82:73:75:37:7e:cd:2b:d5: 0e:ab:78:ce:cb:78:60:41:3a:1e:05:56:1c:e7:67: 07:e5:c7:73:66:c3:b4:e3:31:5f:12:85:5f:e9:04: 4f:47:31:9c:2b:e8:63:8c:04:2f:ce:3b:f2:16:8d: 8d:b1:fd:6c:75:0b:b1:62:d1:95:1a:a2:67:32:e5: 26:9d:46:d2:75:be:f9:97:e1:0d:fd:4d:f9:e5:a6: 2b:b2:25:0d:96:8d:09:b7:a0:76:43:aa:df:0e:9a: 42:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:8D:98:A8:D4:74:CA:34:EE:45:21:D7:A0:D4:C5:9E:81:73:B8:1F X509v3 Authority Key Identifier: keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:f8:3d:6d:2a:ee:6f:c8:b6:82:94:3a:50:70:05:58:ba:9e: 8f:f7:3d:c5:44:21:53:28:3d:7a:ba:1e:e6:07:92:df:d1:70: c9:4f:94:ac:82:e4:28:b2:06:8c:b0:7f:f8:2d:8b:6e:41:7e: ef:c2:69:8a:14:a9:4f:36:d6:01:63:9a:4b:f9:fe:30:e7:24: 8a:1a:28:af:05:3d:6e:23:13:a7:47:fd:86:16:82:2d:93:e8: ca:1a:93:9a:1d:20:ff:e2:30:c5:d7:d7:64:be:5e:45:c8:0f: d8:0d:7b:86:8e:8f:41:0e:08:07:9d:78:01:83:52:e4:b4:1d: c9:7e:9d:2b:98:2f:9f:46:65:ea:fc:e3:f3:9c:77:03:8d:27: 6a:aa:d6:9c:54:2f:62:1b:d2:12:95:f1:fc:d1:26:b2:35:5f: fe:f0:86:36:06:94:64:69:e2:fa:d4:63:78:2a:a5:09:e5:ae: 21:f5:54:0e:62:13:b1:11:08:64:94:d7:1d:36:7e:90:6b:98: 00:61:f7:d3:b4:b3:c7:9d:4c:bd:61:b5:c4:67:60:3f:3d:51: 46:9c:7e:ff:07:85:93:df:26:e0:62:4a:e4:e9:7c:6c:90:80: d8:77:8e:a1:63:50:de:28:b1:5d:6f:35:83:e1:cf:04:31:b7: 08:7e:59:0e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszDRtTREwo3h+lkYMGYjwBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl MThkOWEwHhcNMjUxMjE4MjAwMDU1WhcNMjUxMjE5MjAwMDU1WjAzMTEwLwYDVQQD Eyg2YjhkOThhOGQ0NzRjYTM0ZWU0NTIxZDdhMGQ0YzU5ZTgxNzNiODFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha1ZyzFjTFfL78NNUzabUWYe8AG4 MEXPP/g27RzzUcLYxCvhzhgUP51X7P0Xy9Ez84ZMbpnXnJMAfGLIqOF/6z87KH3s t5U4oBS2HiOiZwATO4ZxGuJYmWuk9Nmgc1oqi65C+jjrcRgvt7yVcYPeoV55Rhqv qd6UPlwqPvOaUeyyEiPQexj1WEgJILNy4NHyQVrQFMSyzszEWMmGgnN1N37NK9UO q3jOy3hgQToeBVYc52cH5cdzZsO04zFfEoVf6QRPRzGcK+hjjAQvzjvyFo2Nsf1s dQuxYtGVGqJnMuUmnUbSdb75l+EN/U355aYrsiUNlo0Jt6B2Q6rfDppC0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGuNmKjUdMo07kUh16DUxZ6Bc7gfMB8GA1UdIwQY MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvg9bSru b8i2gpQ6UHAFWLqej/c9xUQhUyg9eroe5geS39FwyU+UrILkKLIGjLB/+C2LbkF+ 78JpihSpTzbWAWOaS/n+MOckihoorwU9biMTp0f9hhaCLZPoyhqTmh0g/+IwxdfX ZL5eRcgP2A17ho6PQQ4IB514AYNS5LQdyX6dK5gvn0Zl6vzj85x3A40naqrWnFQv YhvSEpXx/NEmsjVf/vCGNgaUZGni+tRjeCqlCeWuIfVUDmITsREIZJTXHTZ+kGuY AGH307Szx51MvWG1xGdgPz1RRpx+/weFk98m4GJK5Ol8bJCA2HeOoWNQ3iixXW81 g+HPBDG3CH5ZDg== -----END CERTIFICATE-----Generated at Fri Dec 19 04:53:19 2025 by rpki-client