This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft File: GdlgBYpVOz9d-f5ychkDfEirUOE.mft (raw, json) Hash identifier: MNRx7NQ64wgwVbO9qSO8uIzmGNDt6IpceI6YDQ+yd7E= Subject key identifier: 9A:0D:34:89:11:E5:E6:B3:42:B9:82:D2:09:90:74:51:30:7B:E2:64 Authority key identifier: 19:D9:60:05:8A:55:3B:3F:5D:F9:FE:72:72:19:03:7C:48:AB:50:E1 Certificate issuer: /CN=19d960058a553b3f5df9fe727219037c48ab50e1 Certificate serial: 019B416D41963C85E5724838A6FED18F037B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GdlgBYpVOz9d-f5ychkDfEirUOE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft Manifest number: 0E5B Signing time: Sun 21 Dec 2025 15:00:37 +0000 Manifest this update: Sun 21 Dec 2025 15:00:37 +0000 Manifest next update: Mon 22 Dec 2025 15:00:37 +0000 Files and hashes: 1: GdlgBYpVOz9d-f5ychkDfEirUOE.crl (hash: ZZYPL/DXtWPNqh7gHRLTFxyNXBu30HxjRGeSZ6r37r4=) 2: X3uPBxzPVXv3n_QN1aGdKbmuIRY.roa (hash: hUPc8yRkBzbeF7M/RRJW79E+lPzVmxoaNEB54waojEo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.crl rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft rsync://rpki.ripe.net/repository/DEFAULT/GdlgBYpVOz9d-f5ychkDfEirUOE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:41:96:3c:85:e5:72:48:38:a6:fe:d1:8f:03:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19d960058a553b3f5df9fe727219037c48ab50e1 Validity Not Before: Dec 21 15:00:37 2025 GMT Not After : Dec 22 15:00:37 2025 GMT Subject: CN=9a0d348911e5e6b342b982d209907451307be264 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:7a:3a:06:6f:09:fe:3e:7f:4b:02:a9:f9:12: cc:50:60:3b:ec:56:9d:73:14:b2:14:c0:fb:a9:6b: cd:06:da:89:13:5f:6f:e9:dd:ac:6c:91:89:40:22: 04:a6:04:08:bf:da:e9:c9:3a:ae:af:0d:3e:a8:77: 37:6e:ce:28:ec:2d:35:66:64:20:ea:a2:6d:fd:34: e0:ac:fe:68:8f:d4:3e:b4:89:1b:af:ed:78:a1:75: e7:dc:ab:5e:82:39:a2:f1:7d:bb:f3:6b:26:15:4c: 59:59:1d:3e:13:af:e9:58:1c:c5:14:3d:f1:1f:41: 93:d7:e9:46:8e:6a:53:3b:17:64:a1:98:42:de:98: 82:93:14:0b:75:40:de:c1:bb:5d:e8:1a:d7:74:84: ce:69:70:ad:54:9d:b3:dc:40:60:24:9c:2d:45:e2: 38:05:d8:dc:22:d2:57:7e:3b:e5:1f:ea:3d:42:30: 81:62:3a:3d:ff:17:12:1e:ce:55:a0:9a:ab:7b:45: d0:65:04:d5:3b:82:80:57:a8:58:cc:61:1c:53:0d: eb:ae:3e:a8:83:8f:d6:dd:3f:07:63:ab:4c:eb:ed: 9c:da:0a:23:b8:7a:42:ab:35:c5:c6:70:25:16:3d: b6:ea:8c:eb:d5:58:c9:8f:e5:e1:9b:dd:fc:ae:6a: 72:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:0D:34:89:11:E5:E6:B3:42:B9:82:D2:09:90:74:51:30:7B:E2:64 X509v3 Authority Key Identifier: keyid:19:D9:60:05:8A:55:3B:3F:5D:F9:FE:72:72:19:03:7C:48:AB:50:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GdlgBYpVOz9d-f5ychkDfEirUOE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:61:a6:5f:8a:fe:e0:76:a3:77:c6:a0:cf:37:34:8b:32:ae: 06:3b:23:6b:ac:6b:5f:76:fb:4d:74:89:46:53:6f:cc:b1:3d: 3b:15:21:65:9e:00:1e:09:d4:88:de:90:a9:29:b7:c1:0c:04: dc:8e:59:36:42:af:4f:44:5b:cc:78:f7:db:22:bb:d0:22:74: 85:ed:57:1d:f1:cd:0b:7d:1d:b3:61:7d:37:06:db:45:dc:c4: 2a:ee:49:21:25:c0:e2:0a:99:5f:93:56:82:a3:7b:4b:02:3a: 62:b4:c7:d0:60:8f:88:23:20:0a:48:57:d4:e5:b1:70:8e:68: c1:4d:53:c6:1b:06:0d:03:a5:71:71:ea:e9:ca:03:f2:ac:bf: b8:08:c4:57:11:90:11:bf:ae:f9:cf:63:8a:69:71:d1:e5:55: 72:6b:4e:84:23:3d:27:25:70:4c:d5:c0:24:2b:83:7c:ae:69: b9:2f:a0:76:6c:f9:3c:41:a7:d3:64:b8:0f:9c:8e:70:f8:a5: 14:61:40:8e:76:82:dc:93:7b:c9:25:2e:39:94:97:1d:10:56: 8c:48:66:b2:fc:c2:62:5e:ff:dd:d5:80:3e:ed:2c:0f:b1:de: 51:ef:61:5f:81:59:17:90:c9:34:20:ba:61:b8:0a:50:cd:35: fd:5a:40:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbUGWPIXlckg4pv7RjwN7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5ZDk2MDA1OGE1NTNiM2Y1ZGY5ZmU3MjcyMTkwMzdjNDhh YjUwZTEwHhcNMjUxMjIxMTUwMDM3WhcNMjUxMjIyMTUwMDM3WjAzMTEwLwYDVQQD Eyg5YTBkMzQ4OTExZTVlNmIzNDJiOTgyZDIwOTkwNzQ1MTMwN2JlMjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Xo6Bm8J/j5/SwKp+RLMUGA77Fad cxSyFMD7qWvNBtqJE19v6d2sbJGJQCIEpgQIv9rpyTqurw0+qHc3bs4o7C01ZmQg 6qJt/TTgrP5oj9Q+tIkbr+14oXXn3Ktegjmi8X2782smFUxZWR0+E6/pWBzFFD3x H0GT1+lGjmpTOxdkoZhC3piCkxQLdUDewbtd6BrXdITOaXCtVJ2z3EBgJJwtReI4 BdjcItJXfjvlH+o9QjCBYjo9/xcSHs5VoJqre0XQZQTVO4KAV6hYzGEcUw3rrj6o g4/W3T8HY6tM6+2c2gojuHpCqzXFxnAlFj226ozr1VjJj+Xhm938rmpygQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJoNNIkR5eazQrmC0gmQdFEwe+JkMB8GA1UdIwQY MBaAFBnZYAWKVTs/Xfn+cnIZA3xIq1DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2RsZ0JZcFZPejlkLWY1eWNoa0RmRWlyVU9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9iZjU4MGItZTkxMi00YzFkLTllNTAt NTdiOTFlODE1MzMwLzEvR2RsZ0JZcFZPejlkLWY1eWNoa0RmRWlyVU9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9iZjU4MGItZTkxMi00YzFkLTllNTAtNTdiOTFlODE1MzMw LzEvR2RsZ0JZcFZPejlkLWY1eWNoa0RmRWlyVU9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnGGmX4r+ 4Hajd8agzzc0izKuBjsja6xrX3b7TXSJRlNvzLE9OxUhZZ4AHgnUiN6QqSm3wQwE 3I5ZNkKvT0RbzHj32yK70CJ0he1XHfHNC30ds2F9NwbbRdzEKu5JISXA4gqZX5NW gqN7SwI6YrTH0GCPiCMgCkhX1OWxcI5owU1TxhsGDQOlcXHq6coD8qy/uAjEVxGQ Eb+u+c9jimlx0eVVcmtOhCM9JyVwTNXAJCuDfK5puS+gdmz5PEGn02S4D5yOcPil FGFAjnaC3JN7ySUuOZSXHRBWjEhmsvzCYl7/3dWAPu0sD7HeUe9hX4FZF5DJNCC6 YbgKUM01/VpAaw== -----END CERTIFICATE-----Generated at Sun Dec 21 19:29:14 2025 by rpki-client