This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft File: goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json) Hash identifier: Ae2IsQMgaAZ6njxNKrfxQ/H0bD3ug/NnEDz3MBph/+8= Subject key identifier: D1:91:36:A1:D3:44:D7:E6:B5:D4:0E:B3:10:F1:A6:ED:C1:AA:E4:94 Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16 Certificate issuer: /CN=82821e92cc2700761930398e2380c23aa4755f16 Certificate serial: 019AF12D3F697631DEED9E7415ACA462DC60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft Manifest number: 0816 Signing time: Sat 06 Dec 2025 01:01:05 +0000 Manifest this update: Sat 06 Dec 2025 01:01:05 +0000 Manifest next update: Sun 07 Dec 2025 01:01:05 +0000 Files and hashes: 1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: n2QS1TeAMqYZOnXCZoKCtcYeJQbscnBcKaKnmS3Ag0k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:3f:69:76:31:de:ed:9e:74:15:ac:a4:62:dc:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16 Validity Not Before: Dec 6 01:01:05 2025 GMT Not After : Dec 7 01:01:05 2025 GMT Subject: CN=d19136a1d344d7e6b5d40eb310f1a6edc1aae494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:87:08:13:aa:97:90:a9:b2:1f:10:9e:5e:19: eb:3c:7d:39:09:46:9a:6f:80:f0:62:fe:b7:d7:8f: e8:58:72:28:99:b7:4b:21:bf:4e:ac:7c:42:90:b0: e2:8d:6e:64:96:94:39:2a:21:74:f0:34:fa:a7:1e: dc:4d:24:a3:ac:33:76:83:60:da:f2:88:c0:50:8b: 9a:13:48:12:99:db:3d:cd:11:bb:99:9a:fa:1d:99: af:21:99:2f:cf:36:c9:6f:f9:67:3c:3e:81:12:8a: 06:ff:2d:00:f6:fd:18:ab:b0:07:46:a4:e0:18:6e: 9d:bc:b2:ef:cc:ff:ac:3f:1b:92:f9:06:5d:9c:1b: 9d:23:26:7b:db:d2:ed:79:80:16:b3:aa:48:4b:89: f5:f2:05:64:5e:e7:93:49:4d:b6:e3:f3:e0:73:24: 25:80:75:5f:ad:a0:6e:fa:e6:fa:87:d0:80:cf:22: 48:b1:9c:f8:fa:b0:a9:43:fe:c5:0f:ae:ed:d7:ea: 8e:b0:9b:e9:bd:ef:3c:35:4c:81:5a:2f:4c:80:7b: 0a:6b:34:9f:54:1b:cf:4c:26:b2:ca:eb:05:2e:8d: 28:c4:ef:52:b6:92:f7:7d:62:f5:cc:2b:d6:cd:c0: 4c:3c:3f:0d:fb:53:0f:48:bf:be:74:54:6d:1b:45: 66:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:91:36:A1:D3:44:D7:E6:B5:D4:0E:B3:10:F1:A6:ED:C1:AA:E4:94 X509v3 Authority Key Identifier: keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:69:e5:b7:4d:9f:68:4c:5e:1c:64:66:9c:25:80:ea:bd:5e: 63:b2:e7:3c:99:44:60:c8:05:7e:a1:0a:9b:5c:2c:0f:dc:cc: 9f:ae:65:1a:df:74:fa:c1:61:16:08:dd:7b:97:03:d5:1b:9f: 14:22:a8:af:87:70:1f:2b:10:77:3b:f5:49:fa:61:cc:f6:af: be:81:0c:2a:24:9d:d2:a2:c3:22:cf:ad:f8:8c:01:3a:42:61: 90:8b:b1:e3:9b:01:ab:27:dd:22:52:f7:f3:7f:e5:16:62:22: 6f:a9:3e:3d:92:cd:5f:94:c7:e0:04:7a:3e:ca:ce:13:fa:66: 3f:98:b8:83:aa:ed:22:f7:d0:67:60:85:1c:03:2b:60:5b:d0: 33:8c:03:e6:45:71:f8:88:63:62:a2:85:11:64:b8:c9:5c:b3: c9:e1:c9:98:1d:98:73:93:3d:4d:8e:78:3a:9e:e2:77:79:fb: 31:b8:fb:b7:f9:5c:cf:b6:55:b6:57:de:fa:50:45:55:ed:06: a3:48:ea:d3:8b:b0:23:ec:b0:88:58:70:9b:4e:89:c3:62:45: 77:35:d6:eb:ea:df:4e:bf:79:1c:3e:a3:3e:08:7f:0e:81:c0: 58:cb:b4:81:6c:d7:a2:bd:e0:ef:5f:c1:68:d1:be:a2:ce:c2: 3b:41:d4:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLT9pdjHe7Z50FaykYtxgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3 NTVmMTYwHhcNMjUxMjA2MDEwMTA1WhcNMjUxMjA3MDEwMTA1WjAzMTEwLwYDVQQD EyhkMTkxMzZhMWQzNDRkN2U2YjVkNDBlYjMxMGYxYTZlZGMxYWFlNDk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4cIE6qXkKmyHxCeXhnrPH05CUaa b4DwYv6314/oWHIombdLIb9OrHxCkLDijW5klpQ5KiF08DT6px7cTSSjrDN2g2Da 8ojAUIuaE0gSmds9zRG7mZr6HZmvIZkvzzbJb/lnPD6BEooG/y0A9v0Yq7AHRqTg GG6dvLLvzP+sPxuS+QZdnBudIyZ729LteYAWs6pIS4n18gVkXueTSU224/PgcyQl gHVfraBu+ub6h9CAzyJIsZz4+rCpQ/7FD67t1+qOsJvpve88NUyBWi9MgHsKazSf VBvPTCayyusFLo0oxO9StpL3fWL1zCvWzcBMPD8N+1MPSL++dFRtG0VmDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNGRNqHTRNfmtdQOsxDxpu3BquSUMB8GA1UdIwQY MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaGnlt02f aExeHGRmnCWA6r1eY7LnPJlEYMgFfqEKm1wsD9zMn65lGt90+sFhFgjde5cD1Ruf FCKor4dwHysQdzv1SfphzPavvoEMKiSd0qLDIs+t+IwBOkJhkIux45sBqyfdIlL3 83/lFmIib6k+PZLNX5TH4AR6PsrOE/pmP5i4g6rtIvfQZ2CFHAMrYFvQM4wD5kVx +IhjYqKFEWS4yVyzyeHJmB2Yc5M9TY54Op7id3n7Mbj7t/lcz7ZVtlfe+lBFVe0G o0jq04uwI+ywiFhwm06Jw2JFdzXW6+rfTr95HD6jPgh/DoHAWMu0gWzXor3g71/B aNG+os7CO0HUSw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:20:13 2025 by rpki-client