This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/1GL5scD2-pylMXZOJtOu0hG_7YE.mft File: 1GL5scD2-pylMXZOJtOu0hG_7YE.mft (raw, json) Hash identifier: z6c1dpnUP7KaW+ErxhOet1TXW9g7xnyC3EGTTEU5nbw= Subject key identifier: B9:EB:BC:B3:1A:7D:90:3E:D8:98:A1:0B:96:D8:55:F1:01:B0:F5:9A Authority key identifier: D4:62:F9:B1:C0:F6:FA:9C:A5:31:76:4E:26:D3:AE:D2:11:BF:ED:81 Certificate issuer: /CN=d462f9b1c0f6fa9ca531764e26d3aed211bfed81 Certificate serial: 019B5A888BEEEB8EF69D131AC0872A78B8D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GL5scD2-pylMXZOJtOu0hG_7YE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/1GL5scD2-pylMXZOJtOu0hG_7YE.mft Manifest number: 0DB6 Signing time: Fri 26 Dec 2025 12:00:56 +0000 Manifest this update: Fri 26 Dec 2025 12:00:56 +0000 Manifest next update: Sat 27 Dec 2025 12:00:56 +0000 Files and hashes: 1: 1GL5scD2-pylMXZOJtOu0hG_7YE.crl (hash: Ub3ydLcGUxrH46QhB+TI+iET24T8yxiO/uji4vDn+es=) 2: CzS60ntrl-ifakYiPMHnNys_2hg.roa (hash: gJEVLSYuR5fsAEatKrGL8Os1DpygWBOtVxsvnHWW9x0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/1GL5scD2-pylMXZOJtOu0hG_7YE.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/1GL5scD2-pylMXZOJtOu0hG_7YE.mft rsync://rpki.ripe.net/repository/DEFAULT/1GL5scD2-pylMXZOJtOu0hG_7YE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:8b:ee:eb:8e:f6:9d:13:1a:c0:87:2a:78:b8:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d462f9b1c0f6fa9ca531764e26d3aed211bfed81 Validity Not Before: Dec 26 12:00:56 2025 GMT Not After : Dec 27 12:00:56 2025 GMT Subject: CN=b9ebbcb31a7d903ed898a10b96d855f101b0f59a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:43:96:af:51:92:30:5a:36:7e:a0:8e:db:a0: 90:b4:75:7d:2a:37:64:9f:a0:21:0b:08:e6:09:96: 40:c7:aa:5e:6c:89:d7:a6:4f:bc:f1:49:b5:7b:4a: 9b:35:59:b2:21:8b:f7:fe:0e:8e:80:d8:fa:4d:69: 53:4b:90:fc:f5:e6:bb:cb:f6:e4:2d:3c:e9:a8:89: ba:bb:c5:99:53:d0:11:ef:00:fa:b6:f8:be:5b:2e: 86:06:95:d0:3a:8f:1b:66:6b:41:76:f6:d5:dd:2c: a1:9e:89:42:75:88:64:8b:17:68:81:c6:bc:9a:c8: b9:63:1c:a3:7c:ea:ee:e5:8b:2a:a6:8a:e7:dc:48: c2:3e:48:03:cb:7e:16:81:34:f9:59:89:9a:14:7a: 01:68:79:81:19:29:ee:43:7f:a7:2a:f4:c2:e8:13: fb:49:6c:e8:df:41:ea:82:b4:d2:90:c4:2e:fa:18: 52:0b:e0:22:f4:48:a6:ba:56:07:f4:c8:0d:fa:0a: 14:3b:51:3a:59:10:1d:4f:68:0f:2f:8f:d8:b8:51: ba:43:f0:27:21:f9:f2:62:93:b5:58:37:e6:7e:a2: 39:2e:3a:c2:00:08:84:42:c1:d8:fc:8c:a8:a8:7c: 20:07:ee:d1:78:1f:ae:c2:0e:cd:8c:6c:06:0c:6a: 05:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:EB:BC:B3:1A:7D:90:3E:D8:98:A1:0B:96:D8:55:F1:01:B0:F5:9A X509v3 Authority Key Identifier: keyid:D4:62:F9:B1:C0:F6:FA:9C:A5:31:76:4E:26:D3:AE:D2:11:BF:ED:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GL5scD2-pylMXZOJtOu0hG_7YE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/1GL5scD2-pylMXZOJtOu0hG_7YE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/100c81-56f5-4db6-a66a-b1043b635a1e/1/1GL5scD2-pylMXZOJtOu0hG_7YE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:14:cf:14:8a:35:5d:05:cd:af:ad:5c:16:06:f3:be:fb:46: f8:d5:2d:c8:9a:b8:50:6b:50:0c:c2:fd:ba:db:b5:3a:ab:00: cb:c0:d5:b9:b9:2a:90:a8:16:34:49:d6:8e:94:ea:24:bf:94: bb:76:63:a7:ef:a3:ba:ff:62:ee:e3:1b:84:15:2b:9f:71:32: 3a:f7:78:50:da:65:ed:d5:7e:0d:38:e6:11:e1:f7:1c:33:dd: c9:0d:90:b5:89:bd:38:90:52:bf:9b:30:44:6a:ed:78:a0:4a: cf:cf:ec:b2:6f:2f:94:19:2a:bc:df:8a:00:41:7b:87:1c:36: 47:4e:2d:95:99:42:93:50:8e:f7:1e:bf:0f:8c:ec:94:b6:52: 97:4e:7a:58:96:86:1b:c7:53:83:b8:37:9e:56:66:39:43:28: 74:5e:bc:63:3f:90:d0:a4:6b:a0:32:a3:76:f5:a9:6d:0f:59: 4b:53:76:94:c1:5c:4d:19:26:c0:5b:3a:48:b3:69:e6:52:55: d0:e9:cf:70:b2:8b:46:6b:49:68:cb:c5:9c:9d:b9:44:e9:a7: 4d:5f:b0:fd:83:ed:26:19:e3:86:06:d8:c1:cb:51:80:8b:a2: ae:b9:5e:c4:8f:6e:de:48:a0:6c:84:65:64:4c:d0:93:e4:db: 9c:42:c3:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiIvu6472nRMawIcqeLjYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NjJmOWIxYzBmNmZhOWNhNTMxNzY0ZTI2ZDNhZWQyMTFi ZmVkODEwHhcNMjUxMjI2MTIwMDU2WhcNMjUxMjI3MTIwMDU2WjAzMTEwLwYDVQQD EyhiOWViYmNiMzFhN2Q5MDNlZDg5OGExMGI5NmQ4NTVmMTAxYjBmNTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EOWr1GSMFo2fqCO26CQtHV9Kjdk n6AhCwjmCZZAx6pebInXpk+88Um1e0qbNVmyIYv3/g6OgNj6TWlTS5D89ea7y/bk LTzpqIm6u8WZU9AR7wD6tvi+Wy6GBpXQOo8bZmtBdvbV3SyhnolCdYhkixdogca8 msi5YxyjfOru5Ysqporn3EjCPkgDy34WgTT5WYmaFHoBaHmBGSnuQ3+nKvTC6BP7 SWzo30HqgrTSkMQu+hhSC+Ai9EimulYH9MgN+goUO1E6WRAdT2gPL4/YuFG6Q/An IfnyYpO1WDfmfqI5LjrCAAiEQsHY/IyoqHwgB+7ReB+uwg7NjGwGDGoF9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLnrvLMafZA+2JihC5bYVfEBsPWaMB8GA1UdIwQY MBaAFNRi+bHA9vqcpTF2TibTrtIRv+2BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUdMNXNjRDItcHlsTVhaT0p0T3UwaEdfN1lFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xMDBjODEtNTZmNS00ZGI2LWE2NmEt YjEwNDNiNjM1YTFlLzEvMUdMNXNjRDItcHlsTVhaT0p0T3UwaEdfN1lFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8xMDBjODEtNTZmNS00ZGI2LWE2NmEtYjEwNDNiNjM1YTFl LzEvMUdMNXNjRDItcHlsTVhaT0p0T3UwaEdfN1lFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiRTPFIo1 XQXNr61cFgbzvvtG+NUtyJq4UGtQDML9utu1OqsAy8DVubkqkKgWNEnWjpTqJL+U u3Zjp++juv9i7uMbhBUrn3EyOvd4UNpl7dV+DTjmEeH3HDPdyQ2QtYm9OJBSv5sw RGrteKBKz8/ssm8vlBkqvN+KAEF7hxw2R04tlZlCk1CO9x6/D4zslLZSl056WJaG G8dTg7g3nlZmOUModF68Yz+Q0KRroDKjdvWpbQ9ZS1N2lMFcTRkmwFs6SLNp5lJV 0OnPcLKLRmtJaMvFnJ25ROmnTV+w/YPtJhnjhgbYwctRgIuirrlexI9u3kigbIRl ZEzQk+TbnELDuw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:37 2025 by rpki-client