This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft File: 1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft (raw, json) Hash identifier: cYOYYnXNBKZ/tJ8DFaLaJLsZQE71JbAse+SE4qUjkCo= Subject key identifier: 28:AC:1B:4E:83:D6:07:B8:3A:E2:7C:CE:41:AF:C0:A4:95:B3:77:30 Authority key identifier: D4:69:86:7D:1D:69:3E:79:A6:A5:EE:90:14:E4:13:F0:39:EB:50:D8 Certificate issuer: /CN=d469867d1d693e79a6a5ee9014e413f039eb50d8 Certificate serial: 019B32319298EB942C1614C0AD2224EAF5DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GmGfR1pPnmmpe6QFOQT8DnrUNg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft Manifest number: 11B3 Signing time: Thu 18 Dec 2025 16:01:08 +0000 Manifest this update: Thu 18 Dec 2025 16:01:08 +0000 Manifest next update: Fri 19 Dec 2025 16:01:08 +0000 Files and hashes: 1: 1GmGfR1pPnmmpe6QFOQT8DnrUNg.crl (hash: fEzaTzC9nJJIF4glRO4ohxI7d6Nl+o1E14VPlpPOZCI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft rsync://rpki.ripe.net/repository/DEFAULT/1GmGfR1pPnmmpe6QFOQT8DnrUNg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 16:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:31:92:98:eb:94:2c:16:14:c0:ad:22:24:ea:f5:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d469867d1d693e79a6a5ee9014e413f039eb50d8 Validity Not Before: Dec 18 16:01:08 2025 GMT Not After : Dec 19 16:01:08 2025 GMT Subject: CN=28ac1b4e83d607b83ae27cce41afc0a495b37730 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:b6:fd:17:27:9f:84:87:6f:bf:fc:07:77:d2: 14:93:d6:3b:01:04:c5:9d:df:b5:68:21:6b:8c:6f: c8:65:48:6c:68:cb:6b:7d:fb:93:b4:d6:e3:39:98: 01:16:6e:79:15:8a:b1:4c:5e:eb:60:76:d7:df:1d: 7f:0d:f5:66:69:64:ab:d2:15:27:66:b8:04:37:9e: 69:1c:64:de:38:00:e0:b6:74:df:6a:12:a7:4a:09: 99:1e:70:5a:4b:b1:d7:f4:62:a1:e7:bc:8a:87:35: d9:9c:12:db:34:ec:bf:ca:79:cb:32:9a:35:56:8c: a3:b8:88:27:94:63:5c:d9:60:0a:3a:8c:bb:6b:b8: 2a:15:a9:aa:71:d6:b0:21:37:54:9b:a7:7a:bb:f8: a7:44:aa:12:33:15:60:c9:29:ae:b9:ee:87:00:6b: cb:b3:bc:a3:16:4d:88:45:ca:e8:dd:70:64:8a:ab: f7:21:4d:bf:7e:dc:75:f4:6b:48:5a:02:78:92:1e: 3f:7c:3a:d5:41:2d:29:50:82:e6:e0:9f:da:5e:9d: a6:4c:fb:db:d2:d8:77:47:5b:a2:9e:5b:27:82:bc: a9:7b:03:c2:8d:3d:0c:01:db:2c:d3:a6:3d:b8:e8: ad:d5:1f:f0:47:13:c4:2f:4a:93:39:4a:5b:a0:76: 2c:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:AC:1B:4E:83:D6:07:B8:3A:E2:7C:CE:41:AF:C0:A4:95:B3:77:30 X509v3 Authority Key Identifier: keyid:D4:69:86:7D:1D:69:3E:79:A6:A5:EE:90:14:E4:13:F0:39:EB:50:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GmGfR1pPnmmpe6QFOQT8DnrUNg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b485d9-eedc-4706-a9e6-41de97dc9b6c/1/1GmGfR1pPnmmpe6QFOQT8DnrUNg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:d4:9c:e4:7a:09:06:75:47:16:4f:21:33:65:69:3a:5e:a6: ec:36:76:f9:a3:34:79:15:dc:ac:ce:6b:f8:87:57:e8:ab:8f: ed:a9:fe:af:2f:ec:e7:11:fd:54:90:e4:8a:f2:2e:01:9e:f4: 6e:3f:8b:9f:9d:6c:c9:96:26:60:0f:4f:ac:93:f2:05:da:e9: b3:5f:8b:6f:c1:13:1f:fb:6c:16:22:c0:c8:80:80:b5:4a:cb: 08:33:88:44:9b:98:62:06:b1:9c:b5:d8:b6:b7:b7:4b:9f:79: 81:fc:41:fc:31:42:d2:a6:28:b2:ae:f9:7d:90:8c:3a:b3:30: 50:7b:51:ff:bf:ba:52:77:48:52:e6:00:62:16:c9:c4:67:55: 37:0e:ca:50:38:28:4f:79:e1:02:28:ec:0d:8f:41:a1:85:56: 62:12:8f:fc:73:1e:bc:59:9d:54:5f:a9:a7:3e:03:ac:d1:64: 15:19:95:20:13:ae:a5:14:1b:30:71:db:c2:3d:a0:6a:9e:31: cc:2d:00:c4:73:d5:32:fa:c8:cd:68:38:2a:99:ce:2d:a4:7c: 43:92:34:53:14:33:d3:64:d6:79:77:b0:95:09:b6:87:65:2c: f3:27:ad:1c:44:b8:93:6d:b8:0b:32:85:f9:84:26:cf:a1:6b: 54:8e:c1:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsyMZKY65QsFhTArSIk6vXeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0Njk4NjdkMWQ2OTNlNzlhNmE1ZWU5MDE0ZTQxM2YwMzll YjUwZDgwHhcNMjUxMjE4MTYwMTA4WhcNMjUxMjE5MTYwMTA4WjAzMTEwLwYDVQQD EygyOGFjMWI0ZTgzZDYwN2I4M2FlMjdjY2U0MWFmYzBhNDk1YjM3NzMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bb9FyefhIdvv/wHd9IUk9Y7AQTF nd+1aCFrjG/IZUhsaMtrffuTtNbjOZgBFm55FYqxTF7rYHbX3x1/DfVmaWSr0hUn ZrgEN55pHGTeOADgtnTfahKnSgmZHnBaS7HX9GKh57yKhzXZnBLbNOy/ynnLMpo1 VoyjuIgnlGNc2WAKOoy7a7gqFamqcdawITdUm6d6u/inRKoSMxVgySmuue6HAGvL s7yjFk2IRcro3XBkiqv3IU2/ftx19GtIWgJ4kh4/fDrVQS0pUILm4J/aXp2mTPvb 0th3R1uinlsngrypewPCjT0MAdss06Y9uOit1R/wRxPEL0qTOUpboHYs3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCisG06D1ge4OuJ8zkGvwKSVs3cwMB8GA1UdIwQY MBaAFNRphn0daT55pqXukBTkE/A561DYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUdtR2ZSMXBQbm1tcGU2UUZPUVQ4RG5yVU5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iNDg1ZDktZWVkYy00NzA2LWE5ZTYt NDFkZTk3ZGM5YjZjLzEvMUdtR2ZSMXBQbm1tcGU2UUZPUVQ4RG5yVU5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9iNDg1ZDktZWVkYy00NzA2LWE5ZTYtNDFkZTk3ZGM5YjZj LzEvMUdtR2ZSMXBQbm1tcGU2UUZPUVQ4RG5yVU5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtSc5HoJ BnVHFk8hM2VpOl6m7DZ2+aM0eRXcrM5r+IdX6KuP7an+ry/s5xH9VJDkivIuAZ70 bj+Ln51syZYmYA9PrJPyBdrps1+Lb8ETH/tsFiLAyICAtUrLCDOIRJuYYgaxnLXY tre3S595gfxB/DFC0qYosq75fZCMOrMwUHtR/7+6UndIUuYAYhbJxGdVNw7KUDgo T3nhAijsDY9BoYVWYhKP/HMevFmdVF+ppz4DrNFkFRmVIBOupRQbMHHbwj2gap4x zC0AxHPVMvrIzWg4KpnOLaR8Q5I0UxQz02TWeXewlQm2h2Us8yetHES4k224CzKF +YQmz6FrVI7B5w== -----END CERTIFICATE-----Generated at Thu Dec 18 23:30:54 2025 by rpki-client