This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft File: GOk3wQPbBG8iVT75lDj6KVkkDaU.mft (raw, json) Hash identifier: fxE5RYjUghf9L8hF962nXt8Fp6laJTjt4lw9b0OlhCE= Subject key identifier: 45:B7:DF:07:F0:EA:8D:EB:30:18:53:8A:2C:E8:E3:19:CD:9C:6E:57 Authority key identifier: 18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5 Certificate issuer: /CN=18e937c103db046f22553ef99438fa2959240da5 Certificate serial: 019B7ECB9E60B1CAFDAECDDC4AF9AEC990C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft Manifest number: 17AC Signing time: Fri 02 Jan 2026 13:00:31 +0000 Manifest this update: Fri 02 Jan 2026 13:00:31 +0000 Manifest next update: Sat 03 Jan 2026 13:00:31 +0000 Files and hashes: 1: FO1lQiG9ScdzQtlxdlw1FlKQ-I0.roa (hash: PRoV3H39Cr/JXk4LsEV4xIWemZ70bZuFShd6vkqQqrE=) 2: GOk3wQPbBG8iVT75lDj6KVkkDaU.crl (hash: TnsesVkAYgPsE7LNf2QhkAf3FGBfmCiDDC+qHA1bilY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.crl rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:cb:9e:60:b1:ca:fd:ae:cd:dc:4a:f9:ae:c9:90:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18e937c103db046f22553ef99438fa2959240da5 Validity Not Before: Jan 2 13:00:31 2026 GMT Not After : Jan 3 13:00:31 2026 GMT Subject: CN=45b7df07f0ea8deb3018538a2ce8e319cd9c6e57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f7:1b:23:7a:7b:d3:55:46:85:e5:84:62:31: b6:73:ba:5f:29:d4:6e:2a:57:58:e5:6e:3b:61:e1: 22:97:16:6b:88:5c:6a:37:e6:ef:97:78:35:03:9e: f4:80:e5:ac:15:dd:d2:74:ae:80:b8:a0:04:fa:ff: 5b:c8:65:6b:3c:26:ee:c8:9c:42:92:77:4b:a7:a1: de:a0:75:25:57:e5:c1:a4:ec:fb:3d:8b:51:aa:c0: a5:03:61:22:83:a3:5e:75:44:ee:9e:5c:6c:f3:ff: e6:24:86:de:58:36:50:71:61:51:2f:a2:5d:a8:39: f5:1e:3f:7a:2a:34:09:de:1d:42:57:b4:ce:2f:1f: 72:d4:d6:3e:43:e8:5f:94:04:b3:fd:49:15:15:e6: 41:5e:17:76:b4:a3:37:aa:aa:21:00:86:bb:b3:d8: 8f:be:9e:07:a9:b5:76:df:be:91:fa:69:78:6f:aa: 3e:44:04:3a:6a:2e:c3:94:85:67:fd:4e:9f:70:89: a1:dd:2f:34:cc:4f:be:2d:ef:b9:34:06:0f:a0:b2: 6a:ac:dc:01:0b:1c:f3:a1:b2:af:0b:94:2e:ee:0d: c8:10:7b:13:cd:59:8b:44:af:ae:70:ac:58:ea:4f: 75:b8:74:3c:f0:b8:62:fb:b7:1c:f2:9f:da:e5:26: a4:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:B7:DF:07:F0:EA:8D:EB:30:18:53:8A:2C:E8:E3:19:CD:9C:6E:57 X509v3 Authority Key Identifier: keyid:18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:f9:4a:e5:a5:9e:38:d8:52:bc:8e:2e:76:77:47:8c:7e:8e: d1:d8:4b:0e:66:8f:45:e8:2c:00:37:56:d1:a6:6c:2f:0a:92: 40:a9:57:a2:0b:aa:b8:e9:4a:40:88:a3:71:75:b3:75:1b:78: e3:85:63:99:cc:29:42:c3:16:6c:67:c6:20:63:ca:c0:78:6a: b6:3e:ed:bf:3d:e2:97:b1:2d:60:b4:e9:20:3b:2f:8a:c5:cf: c9:4c:f4:39:ea:f2:8c:e2:5e:06:20:82:11:d1:cb:b5:b1:ef: 45:f8:bf:26:38:d7:bc:98:a7:7e:9a:c9:13:1b:ca:ee:55:4d: b0:3f:57:60:f3:fc:fe:83:3b:ee:0d:0f:7b:c6:12:de:d6:ca: 4a:bd:93:1e:4e:aa:8b:16:80:dd:f6:ec:85:f4:52:f2:b9:e9: 2f:8d:ed:f3:03:a1:24:bd:82:03:ca:57:99:c0:a1:5b:50:50: 17:8c:dc:b3:1e:c8:80:03:bc:a7:e5:71:08:03:7e:d0:fa:c3: 10:f4:ae:cf:fe:73:80:ba:f1:4d:76:11:87:ee:38:c0:7f:08: 58:9e:e8:7c:4d:5a:35:83:9a:ac:44:77:b1:31:bf:48:ed:aa: 2e:ee:29:0f:8b:b5:e2:a9:5f:16:18:02:f4:97:84:61:fb:ee: 49:6e:28:6f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt+y55gscr9rs3cSvmuyZDBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4ZTkzN2MxMDNkYjA0NmYyMjU1M2VmOTk0MzhmYTI5NTky NDBkYTUwHhcNMjYwMTAyMTMwMDMxWhcNMjYwMTAzMTMwMDMxWjAzMTEwLwYDVQQD Eyg0NWI3ZGYwN2YwZWE4ZGViMzAxODUzOGEyY2U4ZTMxOWNkOWM2ZTU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/cbI3p701VGheWEYjG2c7pfKdRu KldY5W47YeEilxZriFxqN+bvl3g1A570gOWsFd3SdK6AuKAE+v9byGVrPCbuyJxC kndLp6HeoHUlV+XBpOz7PYtRqsClA2Eig6NedUTunlxs8//mJIbeWDZQcWFRL6Jd qDn1Hj96KjQJ3h1CV7TOLx9y1NY+Q+hflASz/UkVFeZBXhd2tKM3qqohAIa7s9iP vp4HqbV2376R+ml4b6o+RAQ6ai7DlIVn/U6fcImh3S80zE++Le+5NAYPoLJqrNwB CxzzobKvC5Qu7g3IEHsTzVmLRK+ucKxY6k91uHQ88Lhi+7cc8p/a5Sak8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEW33wfw6o3rMBhTiizo4xnNnG5XMB8GA1UdIwQY MBaAFBjpN8ED2wRvIlU++ZQ4+ilZJA2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYt Y2FlNmE3MDlkMTRhLzEvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYtY2FlNmE3MDlkMTRh LzEvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXflK5aWe ONhSvI4udndHjH6O0dhLDmaPRegsADdW0aZsLwqSQKlXoguquOlKQIijcXWzdRt4 44VjmcwpQsMWbGfGIGPKwHhqtj7tvz3il7EtYLTpIDsvisXPyUz0OeryjOJeBiCC EdHLtbHvRfi/JjjXvJinfprJExvK7lVNsD9XYPP8/oM77g0Pe8YS3tbKSr2THk6q ixaA3fbshfRS8rnpL43t8wOhJL2CA8pXmcChW1BQF4zcsx7IgAO8p+VxCAN+0PrD EPSuz/5zgLrxTXYRh+44wH8IWJ7ofE1aNYOarER3sTG/SO2qLu4pD4u14qlfFhgC 9JeEYfvuSW4obw== -----END CERTIFICATE-----Generated at Fri Jan 2 18:09:03 2026 by rpki-client