This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft File: G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json) Hash identifier: mDfho3gFFAHiMnIXq0j6C/xfaPzzJtMzQC8poS3QuuM= Subject key identifier: DE:AF:14:15:8F:3B:85:CA:3A:79:AD:90:90:0E:BA:D0:73:6E:4D:E9 Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A Certificate issuer: /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a Certificate serial: 019AF352125C75369696B0356E4D7F938237 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft Manifest number: 053F Signing time: Sat 06 Dec 2025 11:00:33 +0000 Manifest this update: Sat 06 Dec 2025 11:00:33 +0000 Manifest next update: Sun 07 Dec 2025 11:00:33 +0000 Files and hashes: 1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: n4m9vcWrqjKwfoLkcYf+VWqPhSw6aN8hfuHztn3JON8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:12:5c:75:36:96:96:b0:35:6e:4d:7f:93:82:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a Validity Not Before: Dec 6 11:00:33 2025 GMT Not After : Dec 7 11:00:33 2025 GMT Subject: CN=deaf14158f3b85ca3a79ad90900ebad0736e4de9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:d5:9a:2d:82:10:e1:25:55:78:dc:43:61:03: 12:9d:f5:2e:9c:2e:58:36:85:9d:d7:98:27:4c:06: d6:88:ac:86:e4:80:22:cc:8b:b8:41:39:c7:2c:ec: e2:2b:3b:aa:3d:ad:25:04:c2:9e:7f:1c:fb:a5:1f: 01:b0:b8:e3:73:95:2b:6f:7b:52:43:c7:f3:ec:cf: 67:9c:f3:bd:81:2a:54:24:3e:4c:28:34:21:a7:95: 66:af:48:b8:2c:77:aa:ad:8b:f6:da:8b:88:17:c5: cd:89:52:bb:e3:0b:b9:c7:26:11:91:71:84:36:64: ce:f5:c2:42:74:9a:60:5b:a7:ef:2a:40:cf:c9:e5: 78:75:53:46:09:3f:c3:bb:63:98:05:15:40:6a:39: ff:52:66:09:f1:38:c0:7f:31:d4:74:15:44:6e:c4: 47:de:ed:31:9c:2e:f7:ed:5d:5c:ef:3d:04:9a:ad: 27:c9:37:d7:99:4e:78:e6:98:06:11:e0:97:c8:0c: ee:fd:3a:aa:55:09:40:30:94:e9:bb:df:13:a9:31: 19:f5:13:b6:22:0b:6c:a9:12:33:55:70:5d:f7:38: 35:6e:f7:3b:67:19:95:cc:e2:b0:09:9f:47:84:c6: 4c:0d:96:70:1e:52:91:26:5c:7d:2d:f1:d9:1b:c2: cd:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:AF:14:15:8F:3B:85:CA:3A:79:AD:90:90:0E:BA:D0:73:6E:4D:E9 X509v3 Authority Key Identifier: keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:09:69:83:ce:71:4f:3e:01:24:f3:5d:89:d8:9b:7c:8c:ca: 68:bb:f2:80:f7:66:df:8a:2e:1e:b4:d2:9a:c9:86:db:7b:33: 5f:f5:d4:f5:07:40:cc:63:c7:3f:4c:64:33:78:f5:a0:ed:ca: 5d:fa:2a:2a:49:3e:62:cd:46:4a:d0:bc:ea:f7:68:83:33:1f: 5f:60:c2:a5:b2:e7:a2:fb:d5:fd:75:72:0f:17:f0:ae:21:90: be:5c:73:fc:08:22:b7:2f:6b:17:18:5e:0d:0f:d8:d5:1f:de: d5:4f:34:4e:95:e2:3c:fc:db:9d:4c:83:1c:20:7f:dd:27:59: 5c:3f:06:38:c0:f2:a3:97:c3:f5:75:f0:ef:48:74:fd:79:ca: ad:d7:3b:f3:dd:c5:37:d5:64:e1:18:a7:10:fa:36:64:5f:66: 23:c5:11:00:ac:ec:75:d1:f3:8f:86:e7:f8:07:29:3c:bc:e0: be:c4:3e:20:5b:3d:05:45:5c:3f:a4:2f:d6:82:5c:d4:b7:12: 0c:98:97:db:77:52:c2:ab:37:9f:72:3a:48:ee:15:93:a1:b1: 1b:44:95:4a:ec:ee:a1:72:a6:b2:37:7c:c5:ea:d7:86:fb:7a: 56:8f:2b:ee:58:64:0d:8b:b3:8c:0d:bb:6f:7c:7d:73:03:9e: 60:9b:ec:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUhJcdTaWlrA1bk1/k4I3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl MThkOWEwHhcNMjUxMjA2MTEwMDMzWhcNMjUxMjA3MTEwMDMzWjAzMTEwLwYDVQQD EyhkZWFmMTQxNThmM2I4NWNhM2E3OWFkOTA5MDBlYmFkMDczNmU0ZGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdWaLYIQ4SVVeNxDYQMSnfUunC5Y NoWd15gnTAbWiKyG5IAizIu4QTnHLOziKzuqPa0lBMKefxz7pR8BsLjjc5Urb3tS Q8fz7M9nnPO9gSpUJD5MKDQhp5Vmr0i4LHeqrYv22ouIF8XNiVK74wu5xyYRkXGE NmTO9cJCdJpgW6fvKkDPyeV4dVNGCT/Du2OYBRVAajn/UmYJ8TjAfzHUdBVEbsRH 3u0xnC737V1c7z0Emq0nyTfXmU545pgGEeCXyAzu/TqqVQlAMJTpu98TqTEZ9RO2 IgtsqRIzVXBd9zg1bvc7ZxmVzOKwCZ9HhMZMDZZwHlKRJlx9LfHZG8LNjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN6vFBWPO4XKOnmtkJAOutBzbk3pMB8GA1UdIwQY MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEAlpg85x Tz4BJPNdidibfIzKaLvygPdm34ouHrTSmsmG23szX/XU9QdAzGPHP0xkM3j1oO3K XfoqKkk+Ys1GStC86vdogzMfX2DCpbLnovvV/XVyDxfwriGQvlxz/Agity9rFxhe DQ/Y1R/e1U80TpXiPPzbnUyDHCB/3SdZXD8GOMDyo5fD9XXw70h0/XnKrdc7893F N9Vk4RinEPo2ZF9mI8URAKzsddHzj4bn+AcpPLzgvsQ+IFs9BUVcP6Qv1oJc1LcS DJiX23dSwqs3n3I6SO4Vk6GxG0SVSuzuoXKmsjd8xerXhvt6Vo8r7lhkDYuzjA27 b3x9cwOeYJvsjQ== -----END CERTIFICATE-----Generated at Sat Dec 6 18:12:14 2025 by rpki-client