This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft File: Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft (raw, json) Hash identifier: tFvegX3/KBtWr63C6UpVCFozc7bmlrCQALgKQ5z0lQY= Subject key identifier: 80:52:35:9F:9A:07:EB:70:BA:35:CD:E4:CE:C4:F5:0B:9D:EE:6F:84 Authority key identifier: 19:A7:F2:DC:C2:B1:A9:F5:7C:1D:B0:09:E6:08:DA:4A:94:FC:65:78 Certificate issuer: /CN=19a7f2dcc2b1a9f57c1db009e608da4a94fc6578 Certificate serial: 019B5A88DD54B098E53866084B9D8C8267D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft Manifest number: 25 Signing time: Fri 26 Dec 2025 12:01:17 +0000 Manifest this update: Fri 26 Dec 2025 12:01:17 +0000 Manifest next update: Sat 27 Dec 2025 12:01:17 +0000 Files and hashes: 1: Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.crl (hash: MlsMRrWM3/7zsLP9d0i8WPAnkcMhK7DRxPQkuBMJmNI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.crl rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft rsync://rpki.ripe.net/repository/DEFAULT/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:dd:54:b0:98:e5:38:66:08:4b:9d:8c:82:67:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19a7f2dcc2b1a9f57c1db009e608da4a94fc6578 Validity Not Before: Dec 26 12:01:17 2025 GMT Not After : Dec 27 12:01:17 2025 GMT Subject: CN=8052359f9a07eb70ba35cde4cec4f50b9dee6f84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:83:be:a6:61:70:4b:a9:1b:1a:f8:64:06:77: f4:1f:c7:14:20:38:f9:a4:62:78:5f:f2:52:1e:d3: d4:be:4e:db:40:ae:b4:e5:70:25:ce:74:e4:29:6d: 32:dd:5a:17:42:19:34:cb:e6:77:ca:c4:58:f3:98: e2:fb:0b:29:c7:cc:ef:26:c5:37:7f:c2:d8:3e:b7: 16:e7:73:0b:06:18:73:41:38:71:9a:27:a2:b2:c2: ad:07:b4:a5:66:13:bb:75:28:be:54:db:ab:bc:db: 5d:d5:63:0c:52:e0:ea:01:fa:b6:46:b2:e5:79:c5: 18:30:69:3d:31:3b:7e:94:ba:e0:e1:b2:46:3f:6f: e3:e4:51:d0:26:cf:17:d8:39:13:cb:74:ae:8a:a3: ff:f0:cf:b0:68:bb:8a:4d:c8:79:95:28:00:31:ef: bc:19:b6:8e:28:68:49:86:92:9c:23:13:ec:93:0f: e8:fc:8a:ac:c6:d2:bb:31:d9:91:1a:f4:39:28:0f: 63:f9:b3:fd:7b:d1:8c:6d:82:38:fc:30:19:84:74: be:44:88:f4:ba:57:75:38:6a:05:0e:d6:ad:2d:9a: 91:74:c8:a4:5e:98:08:76:ed:83:18:1a:b9:a7:a1: 09:cd:88:59:ef:48:d9:79:c5:e3:33:ea:f7:32:a7: 2b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:52:35:9F:9A:07:EB:70:BA:35:CD:E4:CE:C4:F5:0B:9D:EE:6F:84 X509v3 Authority Key Identifier: keyid:19:A7:F2:DC:C2:B1:A9:F5:7C:1D:B0:09:E6:08:DA:4A:94:FC:65:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3f1d56-8006-497d-af7c-b27c846e0dc5/1/Gafy3MKxqfV8HbAJ5gjaSpT8ZXg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:99:8a:d1:ab:8e:c8:f7:49:27:77:82:91:4e:26:69:ed:78: d6:dd:4e:df:b4:d6:4a:97:25:08:5a:6c:ab:6f:06:8d:f8:b9: 27:b1:e9:86:22:77:d7:0e:6e:89:02:7f:43:ad:f8:1c:35:f9: db:6c:f4:04:4e:e0:9b:1d:30:7c:b8:0b:e6:b2:67:76:4b:7e: f6:80:f4:3e:0d:ff:b0:0a:4e:d6:58:fd:52:16:24:e6:14:a8: 12:18:12:81:9f:2c:d9:13:75:20:ba:f6:2e:cb:5b:ec:92:20: 4e:b3:0c:89:c6:3f:f2:48:fb:c6:dc:e9:f7:cd:06:a5:d7:b8: a8:4e:a2:9a:75:b5:ff:f5:ae:ef:c5:63:17:ce:6e:9c:42:2e: 6e:09:18:54:d8:df:53:f1:b5:12:2e:bc:01:cc:e6:0b:b8:64: d9:53:9f:71:e6:ed:43:74:be:67:82:e3:e0:48:3d:88:dd:95: f2:d0:75:fa:dd:8f:1c:ed:c1:7e:51:12:b0:6b:a2:3c:03:fd: d6:21:46:fb:3a:3f:fe:da:17:3f:bc:0d:b8:cc:0c:58:d1:8a: db:32:1e:4c:40:c9:20:29:21:14:a1:2f:8e:23:15:03:a9:35: 8d:74:22:76:91:59:cf:0a:f6:76:34:1b:bc:7e:bc:f7:8a:29: f0:72:2b:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiN1UsJjlOGYIS52MgmfUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5YTdmMmRjYzJiMWE5ZjU3YzFkYjAwOWU2MDhkYTRhOTRm YzY1NzgwHhcNMjUxMjI2MTIwMTE3WhcNMjUxMjI3MTIwMTE3WjAzMTEwLwYDVQQD Eyg4MDUyMzU5ZjlhMDdlYjcwYmEzNWNkZTRjZWM0ZjUwYjlkZWU2Zjg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroO+pmFwS6kbGvhkBnf0H8cUIDj5 pGJ4X/JSHtPUvk7bQK605XAlznTkKW0y3VoXQhk0y+Z3ysRY85ji+wspx8zvJsU3 f8LYPrcW53MLBhhzQThxmieissKtB7SlZhO7dSi+VNurvNtd1WMMUuDqAfq2RrLl ecUYMGk9MTt+lLrg4bJGP2/j5FHQJs8X2DkTy3SuiqP/8M+waLuKTch5lSgAMe+8 GbaOKGhJhpKcIxPskw/o/IqsxtK7MdmRGvQ5KA9j+bP9e9GMbYI4/DAZhHS+RIj0 uld1OGoFDtatLZqRdMikXpgIdu2DGBq5p6EJzYhZ70jZecXjM+r3MqcrJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIBSNZ+aB+twujXN5M7E9Qud7m+EMB8GA1UdIwQY MBaAFBmn8tzCsan1fB2wCeYI2kqU/GV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2FmeTNNS3hxZlY4SGJBSjVnamFTcFQ4WlhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zZjFkNTYtODAwNi00OTdkLWFmN2Mt YjI3Yzg0NmUwZGM1LzEvR2FmeTNNS3hxZlY4SGJBSjVnamFTcFQ4WlhnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC8zZjFkNTYtODAwNi00OTdkLWFmN2MtYjI3Yzg0NmUwZGM1 LzEvR2FmeTNNS3hxZlY4SGJBSjVnamFTcFQ4WlhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQpmK0auO yPdJJ3eCkU4mae141t1O37TWSpclCFpsq28Gjfi5J7HphiJ31w5uiQJ/Q634HDX5 22z0BE7gmx0wfLgL5rJndkt+9oD0Pg3/sApO1lj9UhYk5hSoEhgSgZ8s2RN1ILr2 Lstb7JIgTrMMicY/8kj7xtzp980Gpde4qE6imnW1//Wu78VjF85unEIubgkYVNjf U/G1Ei68AczmC7hk2VOfcebtQ3S+Z4Lj4Eg9iN2V8tB1+t2PHO3BflESsGuiPAP9 1iFG+zo//toXP7wNuMwMWNGK2zIeTEDJICkhFKEvjiMVA6k1jXQidpFZzwr2djQb vH6894op8HIrYw== -----END CERTIFICATE-----Generated at Fri Dec 26 15:43:15 2025 by rpki-client