This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft File: 2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json) Hash identifier: KwAYcP+kjiX+Iz9BCcmO7SmE0G3Ff3d8af36gqHHXk0= Subject key identifier: EA:87:05:58:BC:0E:29:08:CE:35:51:3F:08:8E:25:27:34:20:88:85 Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 Certificate issuer: /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Certificate serial: 019B58D15849DC35741F6C350C01EF4A8536 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft Manifest number: 1428 Signing time: Fri 26 Dec 2025 04:01:13 +0000 Manifest this update: Fri 26 Dec 2025 04:01:13 +0000 Manifest next update: Sat 27 Dec 2025 04:01:13 +0000 Files and hashes: 1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: 1z+XkVOgcnSLjU8edHZfLVSzlIRrh5Scgi7Uq8OEeQo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:d1:58:49:dc:35:74:1f:6c:35:0c:01:ef:4a:85:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9 Validity Not Before: Dec 26 04:01:13 2025 GMT Not After : Dec 27 04:01:13 2025 GMT Subject: CN=ea870558bc0e2908ce35513f088e252734208885 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:2b:a6:34:99:10:da:e7:1a:9c:81:91:52:e2: 4c:c7:38:3d:4b:e6:47:25:f3:41:6b:3c:df:ff:c4: ca:f0:d4:4c:7f:5c:33:30:ea:b5:ef:b0:b0:a2:72: 38:b8:8d:b0:13:53:5b:46:5d:62:b7:b4:16:af:6e: c5:07:da:fa:6f:87:b6:51:dc:94:ef:2b:a5:81:7c: 05:45:20:ae:bd:b9:ea:d7:fd:08:c4:e5:c4:97:cd: 13:4c:46:20:bf:b3:2a:49:cc:58:40:f6:ee:e9:74: c5:25:65:4f:db:0a:e4:79:57:58:94:14:e1:2d:dc: 8d:1a:b2:47:a0:ff:ad:c0:6e:df:34:dd:88:f8:a4: 16:58:47:a0:ad:79:dd:d8:aa:42:1c:4f:44:65:68: 2d:e9:4d:7c:8d:1c:56:27:64:03:0d:71:30:04:78: 6a:1e:cf:71:fc:c7:32:6c:c3:5f:b0:c2:dd:a9:02: dc:07:19:0d:e8:32:a9:64:ee:4c:69:ff:40:97:3e: fa:a5:54:a3:c4:d8:3a:0e:d8:fb:af:99:2f:b1:14: 3c:53:2e:7c:9f:99:28:99:dd:89:f6:8a:8a:86:d3: 07:6c:9d:53:10:a1:68:f9:9a:27:e3:f4:66:45:2a: 3e:99:a1:a6:f7:f4:24:86:d1:ab:20:74:8d:ec:95: 47:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:87:05:58:BC:0E:29:08:CE:35:51:3F:08:8E:25:27:34:20:88:85 X509v3 Authority Key Identifier: keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 25:fa:70:1e:41:45:74:63:77:0c:f0:30:e7:7d:71:f6:15:39: b2:3b:04:7a:96:8e:ba:5d:37:76:a7:2c:05:5a:12:e7:da:2b: 9c:34:97:b5:d6:6a:a1:55:74:3f:2f:cf:e3:c0:92:a1:fd:52: 69:9a:ef:d6:b5:13:5c:b8:9a:55:20:35:57:c3:c8:2c:7f:03: 22:9e:c9:f4:69:bc:b4:fc:16:a9:26:ba:f0:ec:05:9d:6d:ee: 20:07:4a:d1:58:10:10:c3:0a:31:1b:52:3a:cd:12:55:9b:96: 37:6f:8d:7f:a7:82:f8:10:4d:ae:b8:93:92:03:55:45:86:5f: 97:37:70:19:6a:2c:b5:f1:99:53:cc:0d:29:b5:cf:f0:7d:33: a3:3e:5b:a0:37:8d:f4:05:0e:2f:dc:8a:9d:97:e6:47:4e:19: c5:42:ea:07:1d:73:08:7a:bd:59:10:74:e2:fb:b2:fe:54:19: d9:a0:41:55:aa:6e:7c:84:5e:0f:60:eb:f8:7e:7a:da:db:26: 26:df:4a:3a:c9:56:53:07:90:d0:38:b9:ad:09:bc:92:4f:c8: ee:78:dd:3c:3d:97:da:88:49:15:d5:98:fa:39:1b:43:00:23: 9b:6f:d4:f4:d6:76:b2:ff:c0:d0:84:77:79:76:35:7d:88:02: ce:a3:94:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtY0VhJ3DV0H2w1DAHvSoU2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz YWQzZDkwHhcNMjUxMjI2MDQwMTEzWhcNMjUxMjI3MDQwMTEzWjAzMTEwLwYDVQQD EyhlYTg3MDU1OGJjMGUyOTA4Y2UzNTUxM2YwODhlMjUyNzM0MjA4ODg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyumNJkQ2ucanIGRUuJMxzg9S+ZH JfNBazzf/8TK8NRMf1wzMOq177CwonI4uI2wE1NbRl1it7QWr27FB9r6b4e2UdyU 7yulgXwFRSCuvbnq1/0IxOXEl80TTEYgv7MqScxYQPbu6XTFJWVP2wrkeVdYlBTh LdyNGrJHoP+twG7fNN2I+KQWWEegrXnd2KpCHE9EZWgt6U18jRxWJ2QDDXEwBHhq Hs9x/McybMNfsMLdqQLcBxkN6DKpZO5Maf9Alz76pVSjxNg6Dtj7r5kvsRQ8Uy58 n5komd2J9oqKhtMHbJ1TEKFo+Zon4/RmRSo+maGm9/QkhtGrIHSN7JVHnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOqHBVi8DikIzjVRPwiOJSc0IIiFMB8GA1UdIwQY MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5 LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfpwHkFF dGN3DPAw531x9hU5sjsEepaOul03dqcsBVoS59ornDSXtdZqoVV0Py/P48CSof1S aZrv1rUTXLiaVSA1V8PILH8DIp7J9Gm8tPwWqSa68OwFnW3uIAdK0VgQEMMKMRtS Os0SVZuWN2+Nf6eC+BBNrriTkgNVRYZflzdwGWostfGZU8wNKbXP8H0zoz5boDeN 9AUOL9yKnZfmR04ZxULqBx1zCHq9WRB04vuy/lQZ2aBBVapufIReD2Dr+H562tsm Jt9KOslWUweQ0Di5rQm8kk/I7njdPD2X2ohJFdWY+jkbQwAjm2/U9NZ2sv/A0IR3 eXY1fYgCzqOUVA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:56 2025 by rpki-client