This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft File: G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft (raw, json) Hash identifier: hHAZQmmqvBfE6aUCcbsbtRIJZ/bhhI6/nCtlZeabn5U= Subject key identifier: 5B:A2:45:B7:2E:16:56:C0:26:B8:F0:D0:85:8F:A4:F2:4B:14:BD:02 Authority key identifier: 1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE Certificate issuer: /CN=1b69301fa8d788e02f7eb2fa8802109074206cfe Certificate serial: 019B405B258277746296C9798944F0956C0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft Manifest number: 0330 Signing time: Sun 21 Dec 2025 10:01:13 +0000 Manifest this update: Sun 21 Dec 2025 10:01:13 +0000 Manifest next update: Mon 22 Dec 2025 10:01:13 +0000 Files and hashes: 1: G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl (hash: Mie3rrhxjJm8ujBcVymE8ZU3E9cpr9IRXpLKLlulJ2g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5b:25:82:77:74:62:96:c9:79:89:44:f0:95:6c:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b69301fa8d788e02f7eb2fa8802109074206cfe Validity Not Before: Dec 21 10:01:13 2025 GMT Not After : Dec 22 10:01:13 2025 GMT Subject: CN=5ba245b72e1656c026b8f0d0858fa4f24b14bd02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:68:4b:70:28:d8:74:69:fb:1d:93:c1:a0:30: 46:43:4b:8e:46:59:2b:9a:cf:94:4e:bd:a7:1d:bc: 87:fc:e6:0d:c9:74:79:b7:ef:3c:07:d7:f7:27:92: 53:32:3b:20:cc:c7:c7:58:84:9d:8a:88:cf:07:39: 9d:7e:79:20:c5:90:c8:e2:1b:94:80:3b:68:ea:cc: ad:f7:e8:e3:4a:3f:d2:07:eb:c6:ee:81:7f:29:41: 97:61:41:05:ac:fc:6e:5c:5f:0d:12:56:37:cc:c2: a5:af:92:3a:c3:7d:af:92:73:f1:2c:b7:b1:23:9d: b7:7b:e0:c3:d7:33:7b:d7:d0:a9:66:d6:a8:fe:61: bb:f8:1b:37:b0:30:cd:81:fe:fa:f3:c5:95:2d:9f: 65:91:25:19:cc:05:1f:92:6c:a9:60:fe:8e:73:5c: e7:78:32:48:17:34:20:0a:4d:d1:eb:d5:7d:9f:3b: 3f:45:cc:b1:6f:be:0a:97:6f:16:e4:7e:77:76:10: ac:bc:20:14:df:8c:27:2b:bf:6e:f7:a7:4f:88:dd: f6:cd:ad:08:1a:30:06:d6:76:7b:34:92:72:b3:51: ad:74:8a:69:a3:79:c1:5d:a0:0b:67:83:06:79:ff: 18:0c:72:9c:dc:48:57:dd:b3:d4:8e:9e:a0:43:20: 2d:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:A2:45:B7:2E:16:56:C0:26:B8:F0:D0:85:8F:A4:F2:4B:14:BD:02 X509v3 Authority Key Identifier: keyid:1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption da:18:c1:a8:dc:05:8c:8e:e5:cb:77:93:7f:25:56:3f:0d:25: 10:8d:99:de:01:f5:5d:24:18:90:9e:a4:b2:28:98:12:8f:7c: a9:9a:3b:71:17:e2:85:a4:77:88:28:3a:d6:38:68:ae:41:04: 42:6e:e6:17:d8:46:a2:ba:6a:ad:b8:16:e0:90:23:54:58:cf: c1:b3:f3:ad:a7:3f:95:a1:e9:de:90:32:64:93:fc:45:e3:c0: 78:9e:4c:e3:4b:19:45:3d:26:1c:15:1c:93:58:7d:4e:d4:97: 57:99:52:9d:80:44:1c:ad:85:f5:40:b5:69:9f:34:d4:c0:98: 52:e1:b0:e3:dc:d3:f3:bc:17:ea:7b:56:40:76:25:4b:da:6d: 26:c1:7e:e7:3a:48:27:58:93:33:8a:f1:05:4e:c8:c5:73:25: 51:02:17:b1:e2:c5:24:6f:36:42:61:96:87:61:1c:0b:6f:af: 18:be:fe:89:61:d9:c5:72:83:50:5a:eb:c2:3b:c0:55:d9:99: 64:db:e5:68:79:ca:7c:20:2f:03:52:28:b7:93:f7:57:0c:ac: 82:e5:e0:e5:58:e7:63:be:f3:8d:a6:8b:f8:2f:6a:dc:77:f6: 9b:a6:5a:0f:c7:99:97:c9:f6:03:81:02:97:43:6c:61:04:d9: df:b5:5f:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWyWCd3Rilsl5iUTwlWwLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiNjkzMDFmYThkNzg4ZTAyZjdlYjJmYTg4MDIxMDkwNzQy MDZjZmUwHhcNMjUxMjIxMTAwMTEzWhcNMjUxMjIyMTAwMTEzWjAzMTEwLwYDVQQD Eyg1YmEyNDViNzJlMTY1NmMwMjZiOGYwZDA4NThmYTRmMjRiMTRiZDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWhLcCjYdGn7HZPBoDBGQ0uORlkr ms+UTr2nHbyH/OYNyXR5t+88B9f3J5JTMjsgzMfHWISdiojPBzmdfnkgxZDI4huU gDto6syt9+jjSj/SB+vG7oF/KUGXYUEFrPxuXF8NElY3zMKlr5I6w32vknPxLLex I523e+DD1zN719CpZtao/mG7+Bs3sDDNgf7688WVLZ9lkSUZzAUfkmypYP6Oc1zn eDJIFzQgCk3R69V9nzs/Rcyxb74Kl28W5H53dhCsvCAU34wnK79u96dPiN32za0I GjAG1nZ7NJJys1GtdIppo3nBXaALZ4MGef8YDHKc3EhX3bPUjp6gQyAtlwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFuiRbcuFlbAJrjw0IWPpPJLFL0CMB8GA1UdIwQY MBaAFBtpMB+o14jgL36y+ogCEJB0IGz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUt NDE2YzI4Nzk4ZmUyLzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUtNDE2YzI4Nzk4ZmUy LzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2hjBqNwF jI7ly3eTfyVWPw0lEI2Z3gH1XSQYkJ6ksiiYEo98qZo7cRfihaR3iCg61jhorkEE Qm7mF9hGorpqrbgW4JAjVFjPwbPzrac/laHp3pAyZJP8RePAeJ5M40sZRT0mHBUc k1h9TtSXV5lSnYBEHK2F9UC1aZ801MCYUuGw49zT87wX6ntWQHYlS9ptJsF+5zpI J1iTM4rxBU7IxXMlUQIXseLFJG82QmGWh2EcC2+vGL7+iWHZxXKDUFrrwjvAVdmZ ZNvlaHnKfCAvA1Iot5P3VwysguXg5VjnY77zjaaL+C9q3Hf2m6ZaD8eZl8n2A4EC l0NsYQTZ37Vfig== -----END CERTIFICATE-----Generated at Sun Dec 21 19:49:46 2025 by rpki-client