This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft File: 1gTknpKDBavLjzLe8_78A-u83kQ.mft (raw, json) Hash identifier: L0rjWuDkqFg9DzvAb3UrykRclLd472eySer4og6h53w= Subject key identifier: C6:BA:8D:39:12:23:3E:E9:87:67:97:A0:5E:EC:5A:22:33:CC:13:52 Authority key identifier: D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44 Certificate issuer: /CN=d604e49e928305abcb8f32def3fefc03ebbcde44 Certificate serial: 019AF12E25C8D53CF75BEEB51AB8851F66E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft Manifest number: 16F4 Signing time: Sat 06 Dec 2025 01:02:04 +0000 Manifest this update: Sat 06 Dec 2025 01:02:04 +0000 Manifest next update: Sun 07 Dec 2025 01:02:04 +0000 Files and hashes: 1: 1gTknpKDBavLjzLe8_78A-u83kQ.crl (hash: jsV/ooqZ+C7WL0/uOEbCu+kr7iS84SRm2e+OdS1zJzE=) 2: pucl_qoNJsFNHYReBDscEGdx2N0.roa (hash: SiJfUuqs3fjKSI6Mo6WtKDUOtA0gOnKfbqvupwDeWPw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:25:c8:d5:3c:f7:5b:ee:b5:1a:b8:85:1f:66:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d604e49e928305abcb8f32def3fefc03ebbcde44 Validity Not Before: Dec 6 01:02:04 2025 GMT Not After : Dec 7 01:02:04 2025 GMT Subject: CN=c6ba8d3912233ee9876797a05eec5a2233cc1352 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:f1:d4:55:9d:23:5a:2c:f7:35:9d:d1:55:64: ca:f5:70:54:77:c3:5f:c8:77:88:72:59:c4:25:a4: 51:c6:48:1f:5c:35:16:b0:ac:e8:60:c4:9b:fc:1d: dd:f7:04:7a:97:94:f1:aa:57:23:99:75:dc:d0:48: 35:de:a2:eb:7e:b5:2b:3f:51:7d:18:75:12:52:5d: 91:ab:c1:35:5c:d1:9c:a1:9e:80:d8:e7:de:3e:81: 3b:b2:00:14:53:80:f6:53:49:a6:1c:16:12:76:79: 2f:d8:b7:48:55:43:77:58:f1:63:ed:e5:a2:5c:7d: 1c:50:65:49:de:19:a3:06:b6:db:82:ac:30:8b:fd: 6d:f6:b8:9c:fb:81:c2:aa:8c:a3:43:94:0b:2c:0a: 61:e3:cd:93:9e:2c:99:56:24:ec:f6:66:9e:d2:f7: 08:f5:8c:f6:6e:59:fe:1c:a4:77:96:38:46:84:32: 85:a5:4f:fe:fd:7a:3e:a8:c1:77:33:d1:23:ca:a7: 1c:e5:90:ca:65:52:b1:1c:46:2e:fb:da:8e:3e:ae: aa:82:7a:d4:b3:d3:64:2d:68:dd:36:37:36:ba:eb: e5:2c:99:7d:48:e1:87:62:9a:77:19:a9:0c:4d:cb: b9:ad:72:3d:81:6e:3a:68:e9:ce:dd:3d:c3:90:3f: 29:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:BA:8D:39:12:23:3E:E9:87:67:97:A0:5E:EC:5A:22:33:CC:13:52 X509v3 Authority Key Identifier: keyid:D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:ac:0b:18:64:8b:a7:bd:c1:c5:50:c9:50:55:9c:c2:71:8d: 25:05:f7:2f:3f:ba:b3:f9:9d:51:ca:b6:b5:4e:e6:81:3c:5a: fd:18:79:6e:16:2e:55:f0:34:95:00:71:db:74:d7:b3:7c:62: e4:23:b7:5e:d9:39:f3:32:eb:8b:fd:5f:38:81:39:fa:44:82: cc:83:4d:00:db:65:2b:5e:a4:0b:24:29:f4:e2:ba:8e:c5:e9: 9f:99:93:8d:53:52:34:8f:02:0b:d5:f6:22:2d:53:de:19:fd: 12:28:43:c6:2d:8e:a1:8a:63:86:c9:9e:e4:6a:54:ac:e5:1a: 1c:6d:86:3d:ce:ca:8f:87:83:10:2a:5f:56:e4:72:38:6b:40: a6:9c:14:c2:8f:e5:af:c9:17:ef:70:64:30:d8:9b:63:75:6c: a9:a8:ae:70:97:3c:b1:9b:9e:09:25:7e:be:2a:08:00:86:9a: 65:75:5b:92:f4:6f:89:1f:65:93:f4:79:ce:41:5f:7c:1a:42: 4f:e0:ca:3f:f8:7a:b9:47:2e:8f:20:5f:fc:8c:3f:b5:1e:bd: 77:e9:30:af:5c:57:a6:66:84:2e:d2:44:62:11:69:0a:a0:7e: ea:44:87:3f:d6:2b:4d:69:86:6f:16:d0:fa:35:d0:b3:fc:53: b7:be:58:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLiXI1Tz3W+61GriFH2bgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2MDRlNDllOTI4MzA1YWJjYjhmMzJkZWYzZmVmYzAzZWJi Y2RlNDQwHhcNMjUxMjA2MDEwMjA0WhcNMjUxMjA3MDEwMjA0WjAzMTEwLwYDVQQD EyhjNmJhOGQzOTEyMjMzZWU5ODc2Nzk3YTA1ZWVjNWEyMjMzY2MxMzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPHUVZ0jWiz3NZ3RVWTK9XBUd8Nf yHeIclnEJaRRxkgfXDUWsKzoYMSb/B3d9wR6l5TxqlcjmXXc0Eg13qLrfrUrP1F9 GHUSUl2Rq8E1XNGcoZ6A2OfePoE7sgAUU4D2U0mmHBYSdnkv2LdIVUN3WPFj7eWi XH0cUGVJ3hmjBrbbgqwwi/1t9ric+4HCqoyjQ5QLLAph482TniyZViTs9mae0vcI 9Yz2bln+HKR3ljhGhDKFpU/+/Xo+qMF3M9Ejyqcc5ZDKZVKxHEYu+9qOPq6qgnrU s9NkLWjdNjc2uuvlLJl9SOGHYpp3GakMTcu5rXI9gW46aOnO3T3DkD8pWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMa6jTkSIz7ph2eXoF7sWiIzzBNSMB8GA1UdIwQY MBaAFNYE5J6SgwWry48y3vP+/APrvN5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgt MDNjODIxNTc0MjFhLzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgtMDNjODIxNTc0MjFh LzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdKwLGGSL p73BxVDJUFWcwnGNJQX3Lz+6s/mdUcq2tU7mgTxa/Rh5bhYuVfA0lQBx23TXs3xi 5CO3Xtk58zLri/1fOIE5+kSCzINNANtlK16kCyQp9OK6jsXpn5mTjVNSNI8CC9X2 Ii1T3hn9EihDxi2OoYpjhsme5GpUrOUaHG2GPc7Kj4eDECpfVuRyOGtAppwUwo/l r8kX73BkMNibY3VsqaiucJc8sZueCSV+vioIAIaaZXVbkvRviR9lk/R5zkFffBpC T+DKP/h6uUcujyBf/Iw/tR69d+kwr1xXpmaELtJEYhFpCqB+6kSHP9YrTWmGbxbQ +jXQs/xTt75Yng== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:17 2025 by rpki-client