This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft File: GdlgBYpVOz9d-f5ychkDfEirUOE.mft (raw, json) Hash identifier: +PnZ1EvhihfTqEUtswI98Yf/BWZ7WCfT1BPYGnJgaHc= Subject key identifier: E4:F2:58:D3:84:2B:72:68:F4:84:15:10:9A:EB:0C:6D:E6:C9:F7:6F Authority key identifier: 19:D9:60:05:8A:55:3B:3F:5D:F9:FE:72:72:19:03:7C:48:AB:50:E1 Certificate issuer: /CN=19d960058a553b3f5df9fe727219037c48ab50e1 Certificate serial: 019B4926CF921AFAA1E00B085C9D844C6863 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GdlgBYpVOz9d-f5ychkDfEirUOE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft Manifest number: 0E5F Signing time: Tue 23 Dec 2025 03:00:38 +0000 Manifest this update: Tue 23 Dec 2025 03:00:38 +0000 Manifest next update: Wed 24 Dec 2025 03:00:38 +0000 Files and hashes: 1: GdlgBYpVOz9d-f5ychkDfEirUOE.crl (hash: z+mPcb7lIcCD05tgPaeyv9RjKx5cUL6duoNdiyo2dJE=) 2: X3uPBxzPVXv3n_QN1aGdKbmuIRY.roa (hash: hUPc8yRkBzbeF7M/RRJW79E+lPzVmxoaNEB54waojEo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.crl rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft rsync://rpki.ripe.net/repository/DEFAULT/GdlgBYpVOz9d-f5ychkDfEirUOE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 03:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:26:cf:92:1a:fa:a1:e0:0b:08:5c:9d:84:4c:68:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19d960058a553b3f5df9fe727219037c48ab50e1 Validity Not Before: Dec 23 03:00:38 2025 GMT Not After : Dec 24 03:00:38 2025 GMT Subject: CN=e4f258d3842b7268f48415109aeb0c6de6c9f76f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:26:9f:14:64:7f:9e:23:02:8a:34:48:d9:99: c9:db:00:d5:18:38:94:6d:2e:32:98:03:2c:76:1f: 2d:2e:8e:76:f0:58:d0:8d:d9:94:72:27:c9:21:5f: 1a:9f:a4:0f:0c:03:6f:d3:8b:0e:49:92:5c:b8:73: 11:15:ab:21:cb:33:8b:ac:18:e7:1a:e9:3e:c3:fb: 68:0f:4c:08:f2:87:f4:d6:41:cf:4f:58:5d:e9:17: 50:d2:c8:fb:00:d6:39:30:86:7f:3f:97:50:5b:0e: 21:d3:23:ca:5c:50:aa:68:c9:34:8f:34:5e:a6:00: 60:4b:c4:d1:d7:7f:be:98:40:ff:1f:ff:c6:0d:89: 8d:c2:70:7c:fb:f0:3f:40:bf:30:d2:f9:f8:57:9e: c4:1c:43:ce:ef:f2:34:08:1e:85:b9:25:d7:54:53: 5f:95:de:67:64:3e:33:ca:5e:aa:d4:fc:56:64:46: a6:fd:ec:f8:09:48:a9:d6:85:74:86:e6:e9:7f:a5: f3:00:7c:e6:91:eb:3b:20:2e:00:0c:aa:a3:25:cc: b3:fc:d4:22:07:9e:d7:d5:ce:88:7e:d3:7d:1c:cd: 33:b7:e9:8e:22:31:6e:37:bc:8c:48:be:16:53:c2: cb:93:45:85:7c:27:2e:03:54:fb:a8:2e:aa:08:a9: 59:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:F2:58:D3:84:2B:72:68:F4:84:15:10:9A:EB:0C:6D:E6:C9:F7:6F X509v3 Authority Key Identifier: keyid:19:D9:60:05:8A:55:3B:3F:5D:F9:FE:72:72:19:03:7C:48:AB:50:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GdlgBYpVOz9d-f5ychkDfEirUOE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bf580b-e912-4c1d-9e50-57b91e815330/1/GdlgBYpVOz9d-f5ychkDfEirUOE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:b4:19:ba:64:d7:4c:27:93:1d:5c:47:8e:8f:b6:20:24:45: 51:88:10:79:45:32:c3:f0:12:76:f7:7f:16:b1:3b:64:89:54: 0e:51:73:2f:d5:87:a7:91:50:72:97:84:2f:fa:a5:44:44:0e: 72:82:e8:4e:08:93:ba:0d:19:26:ff:38:3d:e7:54:2b:d5:93: cb:73:62:bd:31:b4:6e:b7:cc:62:cd:4f:08:79:df:80:0d:e0: c3:26:59:f7:62:34:8c:c1:4c:42:42:24:a7:0e:7c:b6:b1:ac: 8e:e6:a3:af:d4:ee:d9:43:18:90:33:ae:5c:f7:2b:c3:28:c2: 4f:eb:c5:0e:91:79:25:4c:a4:9e:ee:34:5f:c4:cd:71:e6:2d: 0d:bd:d0:b3:4d:06:c7:8e:18:54:7e:21:a2:59:e9:44:14:68: 8d:7b:68:a1:8d:ab:31:cd:47:4b:7d:09:31:b3:be:9f:d6:53: cc:ec:f9:b7:dd:9f:f8:2d:97:c2:6b:62:19:1d:ca:9a:9f:d2: c0:16:b4:25:59:8f:1f:fe:e6:34:10:c5:82:32:93:0d:e7:98: e5:91:f3:cd:c2:d8:11:7a:5c:ad:8c:05:72:44:94:2c:cf:2d: 10:9a:45:9c:15:d8:f3:ff:ff:8a:6e:8a:e5:bf:47:23:ef:06: 5a:ec:79:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJJs+SGvqh4AsIXJ2ETGhjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5ZDk2MDA1OGE1NTNiM2Y1ZGY5ZmU3MjcyMTkwMzdjNDhh YjUwZTEwHhcNMjUxMjIzMDMwMDM4WhcNMjUxMjI0MDMwMDM4WjAzMTEwLwYDVQQD EyhlNGYyNThkMzg0MmI3MjY4ZjQ4NDE1MTA5YWViMGM2ZGU2YzlmNzZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCafFGR/niMCijRI2ZnJ2wDVGDiU bS4ymAMsdh8tLo528FjQjdmUcifJIV8an6QPDANv04sOSZJcuHMRFashyzOLrBjn Guk+w/toD0wI8of01kHPT1hd6RdQ0sj7ANY5MIZ/P5dQWw4h0yPKXFCqaMk0jzRe pgBgS8TR13++mED/H//GDYmNwnB8+/A/QL8w0vn4V57EHEPO7/I0CB6FuSXXVFNf ld5nZD4zyl6q1PxWZEam/ez4CUip1oV0hubpf6XzAHzmkes7IC4ADKqjJcyz/NQi B57X1c6IftN9HM0zt+mOIjFuN7yMSL4WU8LLk0WFfCcuA1T7qC6qCKlZBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOTyWNOEK3Jo9IQVEJrrDG3myfdvMB8GA1UdIwQY MBaAFBnZYAWKVTs/Xfn+cnIZA3xIq1DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2RsZ0JZcFZPejlkLWY1eWNoa0RmRWlyVU9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9iZjU4MGItZTkxMi00YzFkLTllNTAt NTdiOTFlODE1MzMwLzEvR2RsZ0JZcFZPejlkLWY1eWNoa0RmRWlyVU9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9iZjU4MGItZTkxMi00YzFkLTllNTAtNTdiOTFlODE1MzMw LzEvR2RsZ0JZcFZPejlkLWY1eWNoa0RmRWlyVU9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATbQZumTX TCeTHVxHjo+2ICRFUYgQeUUyw/ASdvd/FrE7ZIlUDlFzL9WHp5FQcpeEL/qlREQO coLoTgiTug0ZJv84PedUK9WTy3NivTG0brfMYs1PCHnfgA3gwyZZ92I0jMFMQkIk pw58trGsjuajr9Tu2UMYkDOuXPcrwyjCT+vFDpF5JUyknu40X8TNceYtDb3Qs00G x44YVH4holnpRBRojXtooY2rMc1HS30JMbO+n9ZTzOz5t92f+C2XwmtiGR3Kmp/S wBa0JVmPH/7mNBDFgjKTDeeY5ZHzzcLYEXpcrYwFckSULM8tEJpFnBXY8///im6K 5b9HI+8GWux5Yw== -----END CERTIFICATE-----Generated at Tue Dec 23 10:53:58 2025 by rpki-client