This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft File: gEH-6hI_ywfocqjLS92at7jaL88.mft (raw, json) Hash identifier: qvb/BVP25hm0aczdLW12E+9eQbqnCx9h21sD/T+90NU= Subject key identifier: 1E:60:AD:A2:28:EB:2C:B4:55:06:1C:2D:52:9C:71:EF:1A:DB:A0:F3 Authority key identifier: 80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF Certificate issuer: /CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf Certificate serial: 019B48B91DD05E1B2C5F0A183D92E817DFBE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft Manifest number: 0BA5 Signing time: Tue 23 Dec 2025 01:00:49 +0000 Manifest this update: Tue 23 Dec 2025 01:00:49 +0000 Manifest next update: Wed 24 Dec 2025 01:00:49 +0000 Files and hashes: 1: 5QlNV7-3Q34zZfQ5XbNLc8wKA40.roa (hash: T1GmpANOUDoxZLUDnHoNMN2ENMK9C/xESzMwTNL0s2Y=) 2: gEH-6hI_ywfocqjLS92at7jaL88.crl (hash: RWIU3jHmp1eQLWPgEB8U6W3AagbkfpAgyJ3+eF5BsZ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:b9:1d:d0:5e:1b:2c:5f:0a:18:3d:92:e8:17:df:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf Validity Not Before: Dec 23 01:00:49 2025 GMT Not After : Dec 24 01:00:49 2025 GMT Subject: CN=1e60ada228eb2cb455061c2d529c71ef1adba0f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:d3:44:e3:f8:cf:be:52:5d:8e:2e:5c:ac:27: d3:ac:f3:15:69:1a:e7:3c:c9:53:64:f9:cb:2e:8b: ff:5a:f6:1b:78:39:17:b1:5b:b2:e9:33:d5:7a:47: 20:30:c4:55:f1:17:b2:20:0c:45:43:a4:47:2f:9a: bb:6d:78:f7:4e:83:aa:00:73:4a:90:df:be:a2:a3: 93:41:f5:7d:2a:53:72:bd:f2:05:66:2c:d1:ec:bd: f8:47:37:64:f3:3e:1d:69:20:fb:4b:03:eb:fd:7a: e3:af:07:c0:65:5e:f0:0d:f1:2c:b6:c0:e7:e1:de: 24:11:18:16:4a:df:fc:60:50:4f:83:10:62:25:89: 51:52:8f:09:98:54:77:86:cd:74:ed:e0:f0:f3:84: cd:3c:07:71:e5:b5:49:26:52:7d:a9:fc:2a:bc:cf: b6:73:d3:3d:2e:7b:c3:ca:d8:fb:1f:47:56:c9:b3: 88:d6:62:23:8d:ca:3e:5f:e5:2e:db:2f:f7:fc:34: c1:2d:df:e0:62:7c:44:e3:1c:61:bf:61:f6:22:07: 7a:16:8a:99:25:f3:e9:cc:89:31:71:cd:1e:c2:67: e2:b7:33:85:32:04:d3:de:6f:ec:74:fd:f1:64:0a: e6:5e:1f:8b:a4:5c:91:55:5f:d2:20:ab:2e:84:37: 0d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:60:AD:A2:28:EB:2C:B4:55:06:1C:2D:52:9C:71:EF:1A:DB:A0:F3 X509v3 Authority Key Identifier: keyid:80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:e9:6e:e0:e8:cd:bf:85:39:78:73:8c:cf:f6:06:98:c3:10: e5:2e:c4:08:60:3f:14:03:f5:61:0e:7f:32:e8:35:b6:17:7f: d8:d9:f7:b5:47:d6:0f:e7:77:2d:c8:a8:63:01:11:73:e1:f0: d5:39:1f:3b:30:4b:2c:e2:3f:37:32:8c:93:f2:57:c8:55:40: 87:2d:6c:ed:5e:8f:cd:9b:83:27:24:5d:2b:20:cb:2b:8b:2e: f2:f8:66:f1:5c:0f:05:03:d1:5c:72:24:6d:bf:32:a5:e4:a1: 6d:98:d5:fe:11:8e:a8:48:de:bb:88:5e:74:79:e1:19:d7:da: ee:8d:15:92:4d:28:e3:19:05:66:a2:b3:bb:4f:c2:d7:28:e9: 48:2f:d2:33:ec:67:e0:ea:94:3b:90:5d:44:76:41:5f:d4:a8: 06:e3:43:ec:0f:9b:93:da:c6:7c:f5:a4:75:a6:9f:b7:a2:8c: 04:a2:5f:a7:a3:ca:4d:15:fa:84:bf:8b:88:97:44:42:1e:cf: 72:f2:42:52:9b:9c:ec:bd:32:d0:c8:4e:b5:2e:8b:e7:48:97: 3e:39:e0:40:8b:0a:83:e1:df:75:25:67:da:35:b3:57:e7:25: ba:43:a9:22:da:30:d1:40:10:30:19:ff:f8:7e:ab:6f:f3:45: e8:37:e1:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIuR3QXhssXwoYPZLoF9++MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwNDFmZWVhMTIzZmNiMDdlODcyYThjYjRiZGQ5YWI3Yjhk YTJmY2YwHhcNMjUxMjIzMDEwMDQ5WhcNMjUxMjI0MDEwMDQ5WjAzMTEwLwYDVQQD EygxZTYwYWRhMjI4ZWIyY2I0NTUwNjFjMmQ1MjljNzFlZjFhZGJhMGYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNNE4/jPvlJdji5crCfTrPMVaRrn PMlTZPnLLov/WvYbeDkXsVuy6TPVekcgMMRV8ReyIAxFQ6RHL5q7bXj3ToOqAHNK kN++oqOTQfV9KlNyvfIFZizR7L34Rzdk8z4daSD7SwPr/XrjrwfAZV7wDfEstsDn 4d4kERgWSt/8YFBPgxBiJYlRUo8JmFR3hs107eDw84TNPAdx5bVJJlJ9qfwqvM+2 c9M9LnvDytj7H0dWybOI1mIjjco+X+Uu2y/3/DTBLd/gYnxE4xxhv2H2Igd6FoqZ JfPpzIkxcc0ewmfitzOFMgTT3m/sdP3xZArmXh+LpFyRVV/SIKsuhDcNKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB5graIo6yy0VQYcLVKcce8a26DzMB8GA1UdIwQY MBaAFIBB/uoSP8sH6HKoy0vdmre42i/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgt ZjdjNTAxNDE4ZTU2LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgtZjdjNTAxNDE4ZTU2 LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWelu4OjN v4U5eHOMz/YGmMMQ5S7ECGA/FAP1YQ5/Mug1thd/2Nn3tUfWD+d3LcioYwERc+Hw 1TkfOzBLLOI/NzKMk/JXyFVAhy1s7V6PzZuDJyRdKyDLK4su8vhm8VwPBQPRXHIk bb8ypeShbZjV/hGOqEjeu4hedHnhGdfa7o0Vkk0o4xkFZqKzu0/C1yjpSC/SM+xn 4OqUO5BdRHZBX9SoBuND7A+bk9rGfPWkdaaft6KMBKJfp6PKTRX6hL+LiJdEQh7P cvJCUpuc7L0y0MhOtS6L50iXPjngQIsKg+HfdSVn2jWzV+clukOpItow0UAQMBn/ +H6rb/NF6Dfhug== -----END CERTIFICATE-----Generated at Tue Dec 23 06:05:14 2025 by rpki-client