This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft File: Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft (raw, json) Hash identifier: ezwMMPJBADPk2/JGIGGAK/0vxqnXfuO0fUHIJGaxu+g= Subject key identifier: 44:68:61:CA:8F:6E:70:F5:10:75:32:33:4D:93:9B:74:F7:61:42:43 Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf Certificate serial: 019ACDFC43D0478FC2B07AFFBC5F91D07286 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft Manifest number: 0F9A Signing time: Sat 29 Nov 2025 05:00:52 +0000 Manifest this update: Sat 29 Nov 2025 05:00:52 +0000 Manifest next update: Sun 30 Nov 2025 05:00:52 +0000 Files and hashes: 1: 6Yaz7qIk9ypgtGOB0Q9-XcSOAZE.roa (hash: qU0XOf7YigdPVnIfF1J7JtsuRC2jMiFg1/aun3pCmRQ=) 2: 72ompPbzpmnzneIjTtp_bgxv8to.roa (hash: aazsmeYdXGvcDu68YTmlm+z5hJVBvjGJrpJeAcUoELg=) 3: CwLyd1hvwwCpFrY0FJN9R0kCAHM.roa (hash: +InSu+wwGa8+l0ZRRpkm67RN4rfJwmt9k3CDaWDpGUM=) 4: EoqOLJZzdQ3i-M95BH6ZqX7Pq-o.roa (hash: a3yd5mlm4a54YbLPpH0dQXH+MNyJ+T7A5cQjTmvitXU=) 5: Gl-ggUsVmmpqDcNPHMzYBGmrMA8.roa (hash: xk0/xdnScysXdBoKt0IBKKmaEmn7cglicebHN1EZ2bo=) 6: Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl (hash: MTXpy1VEC9s7L9a/LXk/j+lyVy7nijyyGNFLa0rQjGA=) 7: J8otkOOOFhMQcKskyfSet45vpaA.roa (hash: OKOZ6+uREzTIvRtmYWOfCPq5FGMam+EbPwErDVD6eGc=) 8: dPBOUNuMluSVUVsbkWd3r_lebgU.roa (hash: pOELbtPhwT+Xz573ShVJg/36cMfG9CcY6YmD29hT1jk=) 9: h4WPx1Sgez5mjA1QOYWXTeKaf6I.roa (hash: j0LdK7x2Tf65HMuHIG0cj+mnli0iJ+gVK8H+vxjuT5g=) 10: jFuP-GeZY6Z37SVSGqClEWTPyy4.roa (hash: 65ZwPuCoL1Qqn8JPgxAd7UOuJekWTxCoLNYfjh3KVJo=) 11: m6IyPWEEbbAvvvSNw5JH6euTQ7A.roa (hash: 06SutFrXFPpCbXeexyGeEPlk43CPE0aY99qdVjAphr0=) 12: vmyAzNx7YC2gCU3FErnhSsG464E.roa (hash: b2H/65WWZwau4OQRXdpkdBOUisTMki5wQZ0WO+I8q90=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 30 Nov 2025 05:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cd:fc:43:d0:47:8f:c2:b0:7a:ff:bc:5f:91:d0:72:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf Validity Not Before: Nov 29 05:00:52 2025 GMT Not After : Nov 30 05:00:52 2025 GMT Subject: CN=446861ca8f6e70f5107532334d939b74f7614243 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:65:7a:51:43:d2:74:22:c2:e9:23:67:65:52: 89:c9:61:e5:4a:2e:2d:ee:7a:95:c2:46:c1:02:af: 7a:4c:e0:06:b9:a7:49:55:b1:8d:62:c0:87:15:53: bc:68:69:71:26:f6:dc:2d:2a:5b:d1:2d:15:1d:b4: bd:a0:68:3e:12:75:e3:53:3e:2e:bb:b0:db:77:a6: 28:d3:22:ef:38:92:6e:f8:e4:a0:27:74:a6:c4:77: b9:a2:0e:6b:07:c3:1a:c8:55:32:c8:9e:45:0f:e2: a1:5c:4d:48:4a:7f:60:72:92:90:4c:08:f2:c4:dd: 53:b3:90:d7:de:39:77:ff:14:51:74:15:26:3c:f9: db:0f:e1:49:58:0f:38:e7:de:2f:3b:e7:4d:cd:60: 38:2b:3d:ea:e7:66:cc:21:ef:c6:f2:9c:a6:76:96: 84:e1:c8:e3:39:93:6b:e8:fa:65:69:f8:6a:24:00: 51:58:59:e2:f6:9d:45:69:0e:aa:3b:6c:c4:f3:1b: 43:9e:4f:b7:f1:9a:fb:62:89:47:eb:bc:f9:33:a9: 48:02:01:89:a1:85:3e:8f:7a:bb:bb:b7:b6:c1:dd: a4:5d:23:7f:69:f0:5a:f9:c3:d7:00:3a:90:af:35: 40:2d:94:22:68:3f:de:cb:26:25:87:17:ae:75:dc: f5:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:68:61:CA:8F:6E:70:F5:10:75:32:33:4D:93:9B:74:F7:61:42:43 X509v3 Authority Key Identifier: keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:64:2f:67:54:61:5c:45:b1:6d:a7:7e:be:63:ba:f9:c0:84: a4:d2:14:94:be:38:7b:e6:f9:ca:00:dd:d8:bc:77:88:26:b1: 9b:58:bb:5d:71:e3:ed:8a:0e:ce:7a:aa:cc:af:97:9e:d4:2e: 11:d4:a1:8a:a4:0e:28:70:1b:64:cf:8b:5d:91:1b:ae:1e:26: db:87:f5:06:6a:ed:ba:01:1e:3e:1b:25:4b:f3:f7:d4:06:40: 99:2d:b8:00:14:da:8d:c5:9a:ee:e0:d2:89:f6:0d:36:61:c3: 8b:3e:66:72:1d:49:82:93:45:66:41:c3:bb:94:71:61:79:be: 94:da:af:0d:fa:59:95:ae:d5:4e:2b:fa:aa:ee:5f:41:86:54: 4c:a3:b5:96:8c:06:79:5f:ae:0d:75:2c:57:b6:d7:93:24:7f: 24:3b:d9:fa:c5:b7:d4:ed:ca:4c:c5:38:02:e1:e5:fd:d5:cc: b6:e6:0d:d5:65:19:70:00:19:29:ea:ae:13:15:74:27:24:14: 56:a9:6d:4f:16:06:12:ec:a7:c8:89:c0:bd:a4:e6:ab:10:ac: 3b:06:1d:7d:21:09:47:18:b7:05:31:53:e0:75:98:9f:98:b4: 07:90:92:62:ec:1f:22:68:4b:49:77:75:3a:36:2f:8a:be:d4: 49:09:0f:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrN/EPQR4/CsHr/vF+R0HKGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2 OTczY2YwHhcNMjUxMTI5MDUwMDUyWhcNMjUxMTMwMDUwMDUyWjAzMTEwLwYDVQQD Eyg0NDY4NjFjYThmNmU3MGY1MTA3NTMyMzM0ZDkzOWI3NGY3NjE0MjQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2V6UUPSdCLC6SNnZVKJyWHlSi4t 7nqVwkbBAq96TOAGuadJVbGNYsCHFVO8aGlxJvbcLSpb0S0VHbS9oGg+EnXjUz4u u7Dbd6Yo0yLvOJJu+OSgJ3SmxHe5og5rB8MayFUyyJ5FD+KhXE1ISn9gcpKQTAjy xN1Ts5DX3jl3/xRRdBUmPPnbD+FJWA84594vO+dNzWA4Kz3q52bMIe/G8pymdpaE 4cjjOZNr6PplafhqJABRWFni9p1FaQ6qO2zE8xtDnk+38Zr7YolH67z5M6lIAgGJ oYU+j3q7u7e2wd2kXSN/afBa+cPXADqQrzVALZQiaD/eyyYlhxeuddz1zwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFERoYcqPbnD1EHUyM02Tm3T3YUJDMB8GA1UdIwQY MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It MzQwZDYyNWM2ZGJhLzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVGQvZ1Rh XEWxbad+vmO6+cCEpNIUlL44e+b5ygDd2Lx3iCaxm1i7XXHj7YoOznqqzK+XntQu EdShiqQOKHAbZM+LXZEbrh4m24f1BmrtugEePhslS/P31AZAmS24ABTajcWa7uDS ifYNNmHDiz5mch1JgpNFZkHDu5RxYXm+lNqvDfpZla7VTiv6qu5fQYZUTKO1lowG eV+uDXUsV7bXkyR/JDvZ+sW31O3KTMU4AuHl/dXMtuYN1WUZcAAZKequExV0JyQU VqltTxYGEuynyInAvaTmqxCsOwYdfSEJRxi3BTFT4HWYn5i0B5CSYuwfImhLSXd1 OjYvir7USQkPDA== -----END CERTIFICATE-----Generated at Sat Nov 29 11:50:30 2025 by rpki-client