This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft File: G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json) Hash identifier: kbbj60SKHdqhpB5h62Hiyvh89mu5zMUNRbkz1ofNyH0= Subject key identifier: E2:3F:A3:20:7E:FA:9C:E8:5E:67:3E:09:6E:ED:3E:09:DD:EF:E7:E4 Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A Certificate issuer: /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a Certificate serial: 019B34FB7D445EDF6FBB85061E0AAF77D4DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft Manifest number: 0561 Signing time: Fri 19 Dec 2025 05:00:55 +0000 Manifest this update: Fri 19 Dec 2025 05:00:55 +0000 Manifest next update: Sat 20 Dec 2025 05:00:55 +0000 Files and hashes: 1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: m3w2DXMjkpjSxahXbUeZebSi2bdKfdP9mqiyb1oUtQ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:7d:44:5e:df:6f:bb:85:06:1e:0a:af:77:d4:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a Validity Not Before: Dec 19 05:00:55 2025 GMT Not After : Dec 20 05:00:55 2025 GMT Subject: CN=e23fa3207efa9ce85e673e096eed3e09ddefe7e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b4:6f:0f:ea:9a:3d:be:c0:aa:42:22:bc:80: 0f:6c:54:fc:be:58:0b:f7:f0:d0:4b:36:47:70:53: b0:f5:1f:54:5e:dc:75:42:57:16:b0:47:b9:88:6b: bb:e1:ba:38:02:eb:9b:07:36:1f:54:4a:52:43:67: de:ea:83:2b:70:a3:3e:0c:21:be:93:8e:53:40:c3: a0:41:16:ed:cb:2b:e1:ff:eb:3c:8b:b9:eb:28:6c: 12:bc:ea:66:05:17:38:0d:a5:3f:d1:c9:57:41:91: dc:27:b5:1e:83:da:dd:17:40:13:4f:e4:b3:e0:07: 8f:ef:b8:5e:7a:1f:a8:e3:66:7b:7b:e0:7f:5e:3b: e6:1d:dd:b4:30:a5:42:b8:8f:d5:03:ad:26:9c:48: c3:67:f6:a3:14:de:fc:60:22:17:c1:29:ae:a5:de: a2:2a:b5:d5:3e:69:53:d6:28:02:23:ac:d4:14:af: 06:99:03:a7:2a:68:58:d2:f0:b4:a2:0b:0b:bf:26: 81:21:e6:b9:94:f7:46:ef:dc:da:2a:b2:10:24:c8: db:1c:93:ac:64:5f:97:86:3a:ea:23:39:65:19:f1: f9:2b:fb:0d:b6:f9:db:50:72:6d:5b:f8:67:5b:db: fa:bf:1b:56:02:a3:11:bf:58:c5:24:e7:c9:5c:25: 04:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:3F:A3:20:7E:FA:9C:E8:5E:67:3E:09:6E:ED:3E:09:DD:EF:E7:E4 X509v3 Authority Key Identifier: keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:09:6a:bb:1e:47:b7:a7:ee:eb:00:67:48:0d:3d:bd:8e:89: a4:3a:ed:0b:cb:d5:6f:28:dc:e1:95:ac:f7:26:e1:d2:45:b7: 4a:66:ab:09:3d:bc:df:4c:8b:87:23:8f:ce:19:67:4f:4c:db: 38:d1:9a:ba:5a:74:49:4c:df:e0:91:bc:82:78:80:74:af:d0: c7:e7:6e:42:93:50:35:60:4b:27:a3:21:86:b8:af:ba:b6:49: 06:05:02:66:ec:24:e8:33:6b:38:f9:74:be:3b:75:a8:21:33: 30:8a:29:d0:d2:74:5e:fa:24:b7:dc:ef:fa:b5:c2:53:a7:32: 5c:d5:41:33:65:de:78:50:2a:6c:48:1a:9a:31:85:b3:31:63: 7b:b3:13:99:59:a9:78:07:f8:95:61:d3:e2:7c:48:ad:98:a2: c4:03:2d:1a:c6:86:d9:c7:7e:cd:f7:e6:0c:45:b4:7f:e1:49: b4:71:36:4a:4e:6f:9e:9f:b9:0d:69:9d:8f:40:da:8c:50:81: 09:d4:69:19:6e:94:2c:7c:de:9c:4c:ce:b5:d2:1f:8d:3f:e4: 9e:c1:fc:cb:5f:61:f2:18:5b:a6:ff:22:7f:3d:9a:ed:ae:d9: 75:e0:4f:cb:a7:db:ce:b2:45:be:af:50:99:78:27:85:04:40: 34:51:0e:87 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+31EXt9vu4UGHgqvd9TeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl MThkOWEwHhcNMjUxMjE5MDUwMDU1WhcNMjUxMjIwMDUwMDU1WjAzMTEwLwYDVQQD EyhlMjNmYTMyMDdlZmE5Y2U4NWU2NzNlMDk2ZWVkM2UwOWRkZWZlN2U0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbRvD+qaPb7AqkIivIAPbFT8vlgL 9/DQSzZHcFOw9R9UXtx1QlcWsEe5iGu74bo4AuubBzYfVEpSQ2fe6oMrcKM+DCG+ k45TQMOgQRbtyyvh/+s8i7nrKGwSvOpmBRc4DaU/0clXQZHcJ7Ueg9rdF0ATT+Sz 4AeP77heeh+o42Z7e+B/XjvmHd20MKVCuI/VA60mnEjDZ/ajFN78YCIXwSmupd6i KrXVPmlT1igCI6zUFK8GmQOnKmhY0vC0ogsLvyaBIea5lPdG79zaKrIQJMjbHJOs ZF+XhjrqIzllGfH5K/sNtvnbUHJtW/hnW9v6vxtWAqMRv1jFJOfJXCUENwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOI/oyB++pzoXmc+CW7tPgnd7+fkMB8GA1UdIwQY MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVwlqux5H t6fu6wBnSA09vY6JpDrtC8vVbyjc4ZWs9ybh0kW3SmarCT2830yLhyOPzhlnT0zb ONGaulp0SUzf4JG8gniAdK/Qx+duQpNQNWBLJ6MhhrivurZJBgUCZuwk6DNrOPl0 vjt1qCEzMIop0NJ0Xvokt9zv+rXCU6cyXNVBM2XeeFAqbEgamjGFszFje7MTmVmp eAf4lWHT4nxIrZiixAMtGsaG2cd+zffmDEW0f+FJtHE2Sk5vnp+5DWmdj0DajFCB CdRpGW6ULHzenEzOtdIfjT/knsH8y19h8hhbpv8ifz2a7a7ZdeBPy6fbzrJFvq9Q mXgnhQRANFEOhw== -----END CERTIFICATE-----Generated at Fri Dec 19 12:56:08 2025 by rpki-client