This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft File: goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json) Hash identifier: wbZ76QHd/Jd6icMVtppfIMF/v7pCfQp3vrkJAIolE6o= Subject key identifier: 76:5E:03:B5:DF:CD:DE:DA:DE:B7:95:21:5A:8B:5C:B8:FB:10:C9:B5 Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16 Certificate issuer: /CN=82821e92cc2700761930398e2380c23aa4755f16 Certificate serial: 019B2D0B72F46970D439774C0036F6E871BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft Manifest number: 0835 Signing time: Wed 17 Dec 2025 16:01:23 +0000 Manifest this update: Wed 17 Dec 2025 16:01:23 +0000 Manifest next update: Thu 18 Dec 2025 16:01:23 +0000 Files and hashes: 1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: wEi8/gh08qNu8oFeeEkR0xwRnV8flI6Onl5L8UKGzgw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0b:72:f4:69:70:d4:39:77:4c:00:36:f6:e8:71:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16 Validity Not Before: Dec 17 16:01:23 2025 GMT Not After : Dec 18 16:01:23 2025 GMT Subject: CN=765e03b5dfcddedadeb795215a8b5cb8fb10c9b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:61:d1:b0:42:9a:06:57:04:92:0d:4d:a5:ac: 8c:48:89:06:b3:7a:66:5b:e8:70:9b:bc:8a:e9:4a: b4:92:6f:e6:f5:ff:5d:9e:35:49:1d:81:82:e3:48: ce:0f:12:1e:66:52:a1:84:40:08:e2:0e:43:34:8f: 32:8c:5b:c0:66:ba:a3:33:65:10:3d:d0:2b:5e:bb: 78:f3:19:11:16:5b:75:89:12:4c:5b:ce:5a:58:9c: ee:f3:fa:1a:f0:43:f9:07:fb:4a:24:89:1a:8c:28: 7c:74:91:f7:95:0b:d5:2d:cd:7a:73:96:ff:1c:a8: 61:23:90:83:6d:cc:bf:f7:04:a4:a2:0c:58:2b:54: e6:46:68:4f:19:6b:3f:80:0e:56:3a:84:1e:0a:5b: 0c:8b:24:30:a6:b7:09:ea:f9:ac:3f:93:e3:d7:dc: fc:80:68:5a:0d:ac:4c:b3:f9:13:67:57:60:61:db: d5:22:b5:09:f6:12:02:d9:3d:8a:91:44:17:a0:f7: a1:c0:95:d9:8d:9b:38:fd:80:c3:c7:e2:a2:d5:c8: a8:f1:f7:af:ef:dc:58:ed:59:aa:77:ef:1d:a6:31: d8:b3:f3:df:bc:66:6b:d5:4d:7d:f7:ec:0f:9a:e4: 08:1e:bd:63:bc:06:c6:dc:72:81:28:49:b9:c6:fe: 9d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:5E:03:B5:DF:CD:DE:DA:DE:B7:95:21:5A:8B:5C:B8:FB:10:C9:B5 X509v3 Authority Key Identifier: keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:e5:4f:eb:43:48:5f:7f:78:a1:35:b1:62:30:b0:09:98:eb: 4d:61:e9:6e:03:f8:b0:57:ce:05:4c:a4:f5:19:d4:e4:15:66: aa:d8:ac:c5:7c:9b:78:a9:ac:2a:98:06:74:9c:9d:34:6b:de: 4e:02:87:ba:a6:d5:24:dc:8a:39:70:31:0e:be:4f:6d:e7:6a: 6b:0e:ed:47:b5:1d:93:46:05:89:30:72:43:9d:3d:f8:78:88: 00:bb:d9:b2:2b:68:91:9b:53:08:99:e1:8a:f9:64:42:e1:7c: 75:42:9d:df:17:66:93:1e:23:7b:f5:c1:b6:8e:e3:50:61:f4: 14:6f:b8:45:5c:8e:72:d0:0d:48:b0:60:46:96:a6:6a:22:23: 3f:54:ac:20:fe:02:55:ca:eb:c5:57:0a:cc:d3:30:ec:d7:b1: df:e0:01:32:7e:6e:e3:22:64:a8:89:fe:c9:e8:1f:de:fe:a6: 95:ba:18:25:27:a2:73:f9:c8:e6:8f:dd:e3:6d:0a:c3:1d:25: 82:a5:e8:0c:ff:37:fb:0f:f3:8f:28:5c:f4:bb:64:31:4c:1a: a1:75:1b:d0:92:fa:ef:39:b5:0f:12:4a:17:6c:7c:40:15:ef: a6:16:9f:8d:9e:99:60:14:24:43:b9:5f:20:f2:80:b1:58:2d: 00:e3:98:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstC3L0aXDUOXdMADb26HG/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3 NTVmMTYwHhcNMjUxMjE3MTYwMTIzWhcNMjUxMjE4MTYwMTIzWjAzMTEwLwYDVQQD Eyg3NjVlMDNiNWRmY2RkZWRhZGViNzk1MjE1YThiNWNiOGZiMTBjOWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WHRsEKaBlcEkg1NpayMSIkGs3pm W+hwm7yK6Uq0km/m9f9dnjVJHYGC40jODxIeZlKhhEAI4g5DNI8yjFvAZrqjM2UQ PdArXrt48xkRFlt1iRJMW85aWJzu8/oa8EP5B/tKJIkajCh8dJH3lQvVLc16c5b/ HKhhI5CDbcy/9wSkogxYK1TmRmhPGWs/gA5WOoQeClsMiyQwprcJ6vmsP5Pj19z8 gGhaDaxMs/kTZ1dgYdvVIrUJ9hIC2T2KkUQXoPehwJXZjZs4/YDDx+Ki1cio8fev 79xY7Vmqd+8dpjHYs/PfvGZr1U199+wPmuQIHr1jvAbG3HKBKEm5xv6dFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHZeA7Xfzd7a3reVIVqLXLj7EMm1MB8GA1UdIwQY MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATOVP60NI X394oTWxYjCwCZjrTWHpbgP4sFfOBUyk9RnU5BVmqtisxXybeKmsKpgGdJydNGve TgKHuqbVJNyKOXAxDr5Pbedqaw7tR7Udk0YFiTByQ509+HiIALvZsitokZtTCJnh ivlkQuF8dUKd3xdmkx4je/XBto7jUGH0FG+4RVyOctANSLBgRpamaiIjP1SsIP4C VcrrxVcKzNMw7Nex3+ABMn5u4yJkqIn+yegf3v6mlboYJSeic/nI5o/d420Kwx0l gqXoDP83+w/zjyhc9LtkMUwaoXUb0JL67zm1DxJKF2x8QBXvphafjZ6ZYBQkQ7lf IPKAsVgtAOOYrA== -----END CERTIFICATE-----Generated at Wed Dec 17 18:36:54 2025 by rpki-client