This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft File: gnSkfvUV7gcuLOK8w74KNN1zQfs.mft (raw, json) Hash identifier: TKnZYLWFuSFOMj5zcA4V7Xi0ixW8Xt0QauoW0H4frhA= Subject key identifier: 99:53:89:E1:D2:E1:AF:63:A5:C8:66:F3:CF:66:30:D7:46:EE:F9:53 Authority key identifier: 82:74:A4:7E:F5:15:EE:07:2E:2C:E2:BC:C3:BE:0A:34:DD:73:41:FB Certificate issuer: /CN=8274a47ef515ee072e2ce2bcc3be0a34dd7341fb Certificate serial: 019B5ABF7B3F49799F29616426AE8FB9C292 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnSkfvUV7gcuLOK8w74KNN1zQfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft Manifest number: E7 Signing time: Fri 26 Dec 2025 13:00:56 +0000 Manifest this update: Fri 26 Dec 2025 13:00:56 +0000 Manifest next update: Sat 27 Dec 2025 13:00:56 +0000 Files and hashes: 1: gnSkfvUV7gcuLOK8w74KNN1zQfs.crl (hash: 7imdzcZ0gcr6w9ce8TrPPcMq45HUtmcsTz1X931ubOQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.crl rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft rsync://rpki.ripe.net/repository/DEFAULT/gnSkfvUV7gcuLOK8w74KNN1zQfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:7b:3f:49:79:9f:29:61:64:26:ae:8f:b9:c2:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8274a47ef515ee072e2ce2bcc3be0a34dd7341fb Validity Not Before: Dec 26 13:00:56 2025 GMT Not After : Dec 27 13:00:56 2025 GMT Subject: CN=995389e1d2e1af63a5c866f3cf6630d746eef953 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:f4:22:6e:dd:4d:a6:03:47:44:5e:e3:35:93: 0a:e8:d8:47:16:d4:30:25:1d:57:f3:f8:f1:d1:9b: d6:dc:ae:2d:75:9b:0a:41:88:ec:75:bf:79:be:a6: 98:9f:d7:d8:c7:dd:f2:2b:82:13:91:ad:04:08:b7: 32:90:64:cd:09:11:4b:af:19:a9:9d:85:29:5a:0e: ab:89:08:94:cc:26:43:2b:e7:27:da:23:76:c9:65: 91:9a:59:28:19:97:45:60:30:6c:c9:4d:8b:69:37: e9:50:e1:43:d6:f1:8f:22:85:55:4b:71:91:3a:cb: e8:e2:9d:9f:45:d3:cc:41:7a:ea:20:65:c2:9e:1b: 6f:a3:89:7d:7f:f1:92:d4:fb:33:ed:8c:ef:40:08: 60:45:9f:c6:e2:92:5e:d6:62:b5:a7:74:76:94:a0: e7:97:1c:b6:88:ed:5d:c4:fc:bd:87:54:1c:7a:9c: 27:5a:80:ec:4c:f1:05:27:ee:c5:4b:d6:78:be:67: 93:25:f4:f4:9d:60:8c:81:25:55:7f:36:80:58:f3: cc:a8:7e:63:79:a0:4b:23:34:b6:2e:2d:38:87:cf: ab:8e:75:b8:35:d3:74:f5:c5:da:15:82:42:2d:94: b7:4d:ae:ab:b8:e8:2f:f8:69:9f:4d:ba:27:1d:c8: 5c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:53:89:E1:D2:E1:AF:63:A5:C8:66:F3:CF:66:30:D7:46:EE:F9:53 X509v3 Authority Key Identifier: keyid:82:74:A4:7E:F5:15:EE:07:2E:2C:E2:BC:C3:BE:0A:34:DD:73:41:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnSkfvUV7gcuLOK8w74KNN1zQfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f961af-e8dd-4f64-9547-7363373155be/1/gnSkfvUV7gcuLOK8w74KNN1zQfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:69:9b:9b:b6:96:ae:46:5d:a2:d8:48:29:34:68:ab:08:17: 93:2d:05:8a:18:61:71:89:05:3f:04:48:65:a8:ab:e2:61:8d: 59:3c:15:10:51:bb:c1:9a:ec:e2:52:d5:a9:b9:3d:b6:75:82: 9f:cd:d3:66:37:85:2f:96:ca:80:46:ac:b4:e6:e4:91:71:19: b6:75:d9:87:f6:2e:0e:6f:c3:02:36:a4:6f:5e:22:35:2c:d9: bc:7b:ea:01:16:99:12:c4:be:a0:dd:a9:47:4d:9a:af:f7:18: 9d:bc:cc:94:9e:d3:94:f4:2a:d3:57:31:2d:17:f9:e5:96:4a: ee:09:ab:db:21:e8:e3:c1:f9:77:72:5d:39:81:d2:a3:8e:bd: fc:21:fa:83:ae:bc:92:d9:7b:3b:25:c6:78:74:89:0c:0d:3f: 6e:22:8c:5a:71:a6:a6:ea:a3:50:7b:21:ed:45:ad:36:c5:b8: 1b:87:8d:2b:97:06:dd:23:c8:54:66:3b:32:51:1f:3f:9f:bc: 5e:31:ca:79:79:47:e9:98:14:b0:0e:81:5b:bb:23:66:cf:9a: a9:87:2c:8d:41:72:1e:65:b8:da:98:86:9a:f4:26:08:38:71: 82:31:bf:f5:66:b0:6b:7e:dd:bd:f8:05:5b:87:4e:cd:00:8d: be:82:b9:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav3s/SXmfKWFkJq6PucKSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyNzRhNDdlZjUxNWVlMDcyZTJjZTJiY2MzYmUwYTM0ZGQ3 MzQxZmIwHhcNMjUxMjI2MTMwMDU2WhcNMjUxMjI3MTMwMDU2WjAzMTEwLwYDVQQD Eyg5OTUzODllMWQyZTFhZjYzYTVjODY2ZjNjZjY2MzBkNzQ2ZWVmOTUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPQibt1NpgNHRF7jNZMK6NhHFtQw JR1X8/jx0ZvW3K4tdZsKQYjsdb95vqaYn9fYx93yK4ITka0ECLcykGTNCRFLrxmp nYUpWg6riQiUzCZDK+cn2iN2yWWRmlkoGZdFYDBsyU2LaTfpUOFD1vGPIoVVS3GR Osvo4p2fRdPMQXrqIGXCnhtvo4l9f/GS1Psz7YzvQAhgRZ/G4pJe1mK1p3R2lKDn lxy2iO1dxPy9h1QcepwnWoDsTPEFJ+7FS9Z4vmeTJfT0nWCMgSVVfzaAWPPMqH5j eaBLIzS2Li04h8+rjnW4NdN09cXaFYJCLZS3Ta6ruOgv+GmfTbonHchcUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJlTieHS4a9jpchm889mMNdG7vlTMB8GA1UdIwQY MBaAFIJ0pH71Fe4HLizivMO+CjTdc0H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ25Ta2Z2VVY3Z2N1TE9LOHc3NEtOTjF6UWZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mOTYxYWYtZThkZC00ZjY0LTk1NDct NzM2MzM3MzE1NWJlLzEvZ25Ta2Z2VVY3Z2N1TE9LOHc3NEtOTjF6UWZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9mOTYxYWYtZThkZC00ZjY0LTk1NDctNzM2MzM3MzE1NWJl LzEvZ25Ta2Z2VVY3Z2N1TE9LOHc3NEtOTjF6UWZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzWmbm7aW rkZdothIKTRoqwgXky0FihhhcYkFPwRIZair4mGNWTwVEFG7wZrs4lLVqbk9tnWC n83TZjeFL5bKgEastObkkXEZtnXZh/YuDm/DAjakb14iNSzZvHvqARaZEsS+oN2p R02ar/cYnbzMlJ7TlPQq01cxLRf55ZZK7gmr2yHo48H5d3JdOYHSo469/CH6g668 ktl7OyXGeHSJDA0/biKMWnGmpuqjUHsh7UWtNsW4G4eNK5cG3SPIVGY7MlEfP5+8 XjHKeXlH6ZgUsA6BW7sjZs+aqYcsjUFyHmW42piGmvQmCDhxgjG/9Wawa37dvfgF W4dOzQCNvoK5OQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:03 2025 by rpki-client