This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft File: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json) Hash identifier: aY90DPkhZ4bNfPPneyGzSZp1oug6DM1BFL1r9VQXHXs= Subject key identifier: 92:15:32:39:1B:A6:85:4F:20:C0:A3:68:08:97:36:5A:1F:FB:AE:8F Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21 Certificate issuer: /CN=d60ce3443860a7f70d43350776909a4810a48621 Certificate serial: 019B21749BEEC9888D0AF272D976820A8896 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft Manifest number: 0CBF Signing time: Mon 15 Dec 2025 10:00:48 +0000 Manifest this update: Mon 15 Dec 2025 10:00:48 +0000 Manifest next update: Tue 16 Dec 2025 10:00:48 +0000 Files and hashes: 1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: Djvr+HX453r/PhQoAXKEoj26wdAKemAamr+wEgHZ6Wc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:74:9b:ee:c9:88:8d:0a:f2:72:d9:76:82:0a:88:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621 Validity Not Before: Dec 15 10:00:48 2025 GMT Not After : Dec 16 10:00:48 2025 GMT Subject: CN=921532391ba6854f20c0a3680897365a1ffbae8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:1a:d1:9b:6d:49:9a:97:36:49:45:ec:69:0e: cd:47:33:ce:f0:ee:55:00:34:7c:76:a1:a8:88:34: 5b:fe:04:7d:22:38:76:98:7b:f2:79:5c:33:39:6c: 3d:c9:1e:f0:f0:bb:cc:5b:20:91:b7:da:18:47:04: bc:bd:93:58:28:7f:e7:0c:7f:d4:5b:b9:c2:c3:e0: 19:77:cc:cd:da:7e:85:ec:62:b4:4b:87:44:ed:17: 78:0d:68:11:36:38:8a:0d:10:66:46:ff:ba:3d:b3: e0:c1:44:25:d1:a2:74:82:fc:32:bb:5a:26:9a:3c: 92:02:63:7c:61:0c:58:c1:ad:ed:a3:38:40:14:65: 07:86:b9:1b:86:62:1c:90:f8:84:79:a6:29:2a:5d: 27:94:34:0e:0b:ed:c9:a8:ae:ee:90:01:06:56:40: 68:21:80:4e:2e:24:10:ba:da:6b:18:07:21:65:8b: 38:f4:d7:3d:e5:8a:66:0d:b8:22:26:f5:80:53:57: ff:86:95:a2:b2:f4:a6:9d:e4:30:42:c3:17:54:d2: 09:c7:cd:e7:2b:c8:fa:b4:9b:6b:44:d3:64:e9:1d: fc:60:53:35:49:7d:c0:9a:4f:71:f5:c5:fb:8a:34: 5c:ff:64:10:f9:1a:84:5d:f2:ba:57:47:05:87:79: 1a:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:15:32:39:1B:A6:85:4F:20:C0:A3:68:08:97:36:5A:1F:FB:AE:8F X509v3 Authority Key Identifier: keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:99:2c:05:8d:4d:8e:1f:50:01:1d:f3:0c:da:df:07:7c:55: 85:de:85:fa:05:93:47:ad:61:08:6c:9a:7b:8a:7e:03:36:66: ae:a7:da:16:77:92:9f:8c:bc:69:be:66:a4:e2:15:82:a9:5d: 65:fa:36:5a:0c:06:29:12:0c:be:d2:3b:26:9f:2b:5d:7f:d4: 14:bb:23:44:58:81:ea:b3:32:56:63:3f:b4:5f:c2:00:6a:07: 26:72:0c:1f:46:0f:0f:80:40:43:24:b3:60:4a:b5:ea:6d:40: b4:c9:7f:39:c8:c7:3e:33:cd:40:76:c4:31:5b:50:3f:2e:3d: 25:d4:39:b7:4b:d7:43:b0:4f:f6:83:e8:aa:b1:8c:b9:11:a5: 1c:bd:b3:f1:ce:19:69:59:a7:ee:90:8e:d9:2b:10:6c:bf:dc: 0f:51:54:e0:a4:48:67:ba:a2:3d:44:e7:01:89:e9:87:4a:08: 7d:34:10:93:2e:2d:74:bb:9a:90:ec:9a:68:fe:57:31:bd:db: 93:2f:fc:ed:ba:c4:d5:45:2e:4d:b1:be:30:08:63:94:eb:df: 31:94:94:f0:09:28:49:b3:53:56:8e:64:a8:2c:75:c9:24:d8: 40:31:55:a1:fb:98:13:4d:52:76:14:3b:60:73:8d:59:cd:90: c8:00:74:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdJvuyYiNCvJy2XaCCoiWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh NDg2MjEwHhcNMjUxMjE1MTAwMDQ4WhcNMjUxMjE2MTAwMDQ4WjAzMTEwLwYDVQQD Eyg5MjE1MzIzOTFiYTY4NTRmMjBjMGEzNjgwODk3MzY1YTFmZmJhZThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BrRm21Jmpc2SUXsaQ7NRzPO8O5V ADR8dqGoiDRb/gR9Ijh2mHvyeVwzOWw9yR7w8LvMWyCRt9oYRwS8vZNYKH/nDH/U W7nCw+AZd8zN2n6F7GK0S4dE7Rd4DWgRNjiKDRBmRv+6PbPgwUQl0aJ0gvwyu1om mjySAmN8YQxYwa3tozhAFGUHhrkbhmIckPiEeaYpKl0nlDQOC+3JqK7ukAEGVkBo IYBOLiQQutprGAchZYs49Nc95YpmDbgiJvWAU1f/hpWisvSmneQwQsMXVNIJx83n K8j6tJtrRNNk6R38YFM1SX3Amk9x9cX7ijRc/2QQ+RqEXfK6V0cFh3kaOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJIVMjkbpoVPIMCjaAiXNlof+66PMB8GA1UdIwQY MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV5ksBY1N jh9QAR3zDNrfB3xVhd6F+gWTR61hCGyae4p+AzZmrqfaFneSn4y8ab5mpOIVgqld Zfo2WgwGKRIMvtI7Jp8rXX/UFLsjRFiB6rMyVmM/tF/CAGoHJnIMH0YPD4BAQySz YEq16m1AtMl/OcjHPjPNQHbEMVtQPy49JdQ5t0vXQ7BP9oPoqrGMuRGlHL2z8c4Z aVmn7pCO2SsQbL/cD1FU4KRIZ7qiPUTnAYnph0oIfTQQky4tdLuakOyaaP5XMb3b ky/87brE1UUuTbG+MAhjlOvfMZSU8AkoSbNTVo5kqCx1ySTYQDFVofuYE01SdhQ7 YHONWc2QyAB0PA== -----END CERTIFICATE-----Generated at Mon Dec 15 16:56:09 2025 by rpki-client