This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft File: gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft (raw, json) Hash identifier: NszOFU7j4ZMXpuqNSmCKfvXpNvz+EzKQfRMLAS7Uo1Y= Subject key identifier: 50:49:D3:FC:6E:79:76:65:D4:F1:70:C3:84:3E:B4:11:2B:95:6F:61 Authority key identifier: 80:7C:5A:7B:04:1D:DE:40:EF:4A:35:9E:EB:21:99:D4:5A:33:D1:D3 Certificate issuer: /CN=807c5a7b041dde40ef4a359eeb2199d45a33d1d3 Certificate serial: 019B5ABF35DC58A3BF6C71C2431A0B2FAD1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft Manifest number: 7C Signing time: Fri 26 Dec 2025 13:00:39 +0000 Manifest this update: Fri 26 Dec 2025 13:00:39 +0000 Manifest next update: Sat 27 Dec 2025 13:00:39 +0000 Files and hashes: 1: gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl (hash: GTj9UQV1n5EdS/3OEFbTDDceOhf+9QXVIAq9yp82Uus=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:35:dc:58:a3:bf:6c:71:c2:43:1a:0b:2f:ad:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=807c5a7b041dde40ef4a359eeb2199d45a33d1d3 Validity Not Before: Dec 26 13:00:39 2025 GMT Not After : Dec 27 13:00:39 2025 GMT Subject: CN=5049d3fc6e797665d4f170c3843eb4112b956f61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0b:a7:8b:5b:ad:4f:f4:f7:cd:42:aa:e1:05: 00:c3:57:da:c3:b0:f6:d4:fa:34:db:f4:73:7c:bc: d9:c9:c6:77:f8:59:64:9c:cd:dd:d8:57:21:d2:51: 95:22:fd:4e:94:f9:f3:65:ad:fd:e6:6e:5b:ba:5f: 62:5f:4c:f2:61:0d:21:7b:a1:ab:f3:72:cf:e1:03: 2e:17:d1:e7:2b:04:41:04:06:93:ec:f9:9c:b0:0e: ee:38:03:ba:45:71:2c:44:02:96:80:0d:79:8c:90: 4a:4f:69:2c:d0:03:3f:6f:0a:6b:de:e2:cd:b9:ef: 04:4a:24:37:25:ef:00:1b:c0:c4:d8:48:61:04:5f: 57:2c:c6:d9:55:d9:d4:8d:f9:b9:49:97:0a:56:fb: 82:a4:fa:56:4a:88:29:99:18:f0:26:d4:0d:40:53: d5:20:33:fb:32:65:a4:80:a9:c1:94:cb:af:70:32: ed:5a:a5:e1:a4:da:ba:5d:ae:05:c7:06:16:48:7f: 18:5c:b1:43:24:3c:23:d0:f8:16:5a:de:9b:e3:56: 22:6f:1a:73:b2:54:96:76:8e:50:e3:33:c6:14:d1: 71:b9:e8:f2:c2:07:5d:27:c6:e8:8f:bf:f9:8e:de: 0f:ad:38:0d:14:79:20:85:12:4b:bd:e3:1b:11:c6: 33:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:49:D3:FC:6E:79:76:65:D4:F1:70:C3:84:3E:B4:11:2B:95:6F:61 X509v3 Authority Key Identifier: keyid:80:7C:5A:7B:04:1D:DE:40:EF:4A:35:9E:EB:21:99:D4:5A:33:D1:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHxaewQd3kDvSjWe6yGZ1Foz0dM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/6cfc59-4595-4bd3-8a22-09619fe64d73/1/gHxaewQd3kDvSjWe6yGZ1Foz0dM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:53:13:65:4a:ba:bc:54:d5:45:55:4e:b6:b6:61:69:66:ca: 3b:45:b1:67:75:c3:43:ff:71:18:38:4f:b8:e5:58:4e:38:1d: 5a:57:86:2a:4e:70:62:5a:28:ad:4e:fe:c6:b0:00:ae:7f:0c: 6a:27:11:0d:36:bc:f9:c6:83:da:c4:40:e6:47:60:94:3b:f8: 9f:e8:f0:5d:31:ac:33:4e:36:33:50:27:d5:05:8e:d9:da:fa: 73:56:b5:71:0c:bb:54:e1:6a:0a:a3:f0:5a:96:8e:e8:ae:0a: cf:ab:32:ad:7b:7d:49:02:58:55:f9:d0:3e:42:aa:ea:d3:b0: 3f:08:5c:df:97:d4:38:a5:8e:a5:23:60:ee:7a:1e:9a:5b:fa: 10:db:70:b2:92:40:0d:b3:f2:c9:cc:28:18:6a:8f:a5:44:b9: 02:a7:59:ea:7f:3d:9d:9d:ec:29:98:b2:81:5f:2f:02:66:36: a0:32:52:9f:76:49:50:ea:ec:c6:8f:42:73:9d:fc:29:d7:6e: c1:d2:66:15:3f:5e:ba:00:f9:0b:5c:94:65:37:c4:5f:37:f9: 7e:bc:14:6b:29:84:a1:e6:59:8b:8e:9e:c8:3f:0f:8e:d5:db: 0d:ff:5c:c0:4b:12:d3:36:ec:fb:b4:61:d5:aa:e2:f4:6e:2e: 97:e1:7c:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtavzXcWKO/bHHCQxoLL60fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwN2M1YTdiMDQxZGRlNDBlZjRhMzU5ZWViMjE5OWQ0NWEz M2QxZDMwHhcNMjUxMjI2MTMwMDM5WhcNMjUxMjI3MTMwMDM5WjAzMTEwLwYDVQQD Eyg1MDQ5ZDNmYzZlNzk3NjY1ZDRmMTcwYzM4NDNlYjQxMTJiOTU2ZjYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzguni1utT/T3zUKq4QUAw1faw7D2 1Po02/RzfLzZycZ3+FlknM3d2Fch0lGVIv1OlPnzZa395m5bul9iX0zyYQ0he6Gr 83LP4QMuF9HnKwRBBAaT7PmcsA7uOAO6RXEsRAKWgA15jJBKT2ks0AM/bwpr3uLN ue8ESiQ3Je8AG8DE2EhhBF9XLMbZVdnUjfm5SZcKVvuCpPpWSogpmRjwJtQNQFPV IDP7MmWkgKnBlMuvcDLtWqXhpNq6Xa4FxwYWSH8YXLFDJDwj0PgWWt6b41Yibxpz slSWdo5Q4zPGFNFxuejywgddJ8boj7/5jt4PrTgNFHkghRJLveMbEcYzrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFBJ0/xueXZl1PFww4Q+tBErlW9hMB8GA1UdIwQY MBaAFIB8WnsEHd5A70o1nushmdRaM9HTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy82Y2ZjNTktNDU5NS00YmQzLThhMjIt MDk2MTlmZTY0ZDczLzEvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy82Y2ZjNTktNDU5NS00YmQzLThhMjItMDk2MTlmZTY0ZDcz LzEvZ0h4YWV3UWQza0R2U2pXZTZ5R1oxRm96MGRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYVMTZUq6 vFTVRVVOtrZhaWbKO0WxZ3XDQ/9xGDhPuOVYTjgdWleGKk5wYloorU7+xrAArn8M aicRDTa8+caD2sRA5kdglDv4n+jwXTGsM042M1An1QWO2dr6c1a1cQy7VOFqCqPw WpaO6K4Kz6syrXt9SQJYVfnQPkKq6tOwPwhc35fUOKWOpSNg7noemlv6ENtwspJA DbPyycwoGGqPpUS5AqdZ6n89nZ3sKZiygV8vAmY2oDJSn3ZJUOrsxo9Cc538Kddu wdJmFT9eugD5C1yUZTfEXzf5frwUaymEoeZZi46eyD8PjtXbDf9cwEsS0zbs+7Rh 1ari9G4ul+F87g== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:24 2025 by rpki-client