This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft File: gXNntPK_jrMfbhYk7Vbtq6nwITs.mft (raw, json) Hash identifier: 4r/k/RBvX5cbYK7LuC/s2udvzDpllMqENsmAcSOirvg= Subject key identifier: BB:D3:9E:24:A1:A1:45:CE:31:AC:B8:79:29:DF:82:79:92:93:0E:4A Authority key identifier: 81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B Certificate issuer: /CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b Certificate serial: 019AF3893A087856DBE6FE90614859F2AE51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft Manifest number: 0E7D Signing time: Sat 06 Dec 2025 12:00:48 +0000 Manifest this update: Sat 06 Dec 2025 12:00:48 +0000 Manifest next update: Sun 07 Dec 2025 12:00:48 +0000 Files and hashes: 1: gXNntPK_jrMfbhYk7Vbtq6nwITs.crl (hash: KtL7Gn0vSFFeOLTfn74qULuHunY9Z+cWXDYeCETKEt4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:3a:08:78:56:db:e6:fe:90:61:48:59:f2:ae:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=817367b4f2bf8eb31f6e1624ed56edaba9f0213b Validity Not Before: Dec 6 12:00:48 2025 GMT Not After : Dec 7 12:00:48 2025 GMT Subject: CN=bbd39e24a1a145ce31acb87929df827992930e4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:e8:18:38:e7:52:b6:42:ca:86:f1:5c:b0:f3: b0:0e:0a:9c:77:a1:06:b3:e0:f2:6e:30:53:6f:9b: 7d:90:0f:06:bf:02:9b:91:70:f3:42:69:c4:78:08: 90:bb:99:7e:1d:52:eb:14:af:d6:63:e3:64:6a:f2: 6a:0e:61:a9:65:98:5f:a5:7c:2d:cc:e7:20:38:a3: ea:f5:0a:77:18:90:a1:c2:01:fc:60:06:01:d6:4a: 31:90:a4:60:3a:d8:96:8f:54:7e:73:a4:bd:3c:8c: 0d:06:b4:70:fb:0f:53:57:bb:40:89:1a:c1:ab:66: 15:d6:7f:3d:1e:a8:19:91:56:39:0d:8f:7a:a4:f2: 91:7f:82:ee:60:7e:b0:1d:23:b7:e0:85:c3:ff:17: 15:ef:5c:26:66:a6:a8:65:ff:0a:21:ac:07:d5:f4: 3a:71:f3:66:48:08:b9:b8:83:11:80:93:de:c9:55: 70:5e:ff:ee:eb:6f:96:0e:84:42:ff:50:00:8a:05: f9:5e:09:92:3e:13:09:cb:73:0f:a1:ef:60:0d:1c: c8:1b:17:26:85:79:10:18:cf:80:96:d8:ae:00:53: 4a:36:f3:5c:33:67:58:6a:04:25:85:b8:7b:93:6b: d0:2b:64:50:ea:9c:32:15:6c:f6:3b:33:31:10:1c: 5b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:D3:9E:24:A1:A1:45:CE:31:AC:B8:79:29:DF:82:79:92:93:0E:4A X509v3 Authority Key Identifier: keyid:81:73:67:B4:F2:BF:8E:B3:1F:6E:16:24:ED:56:ED:AB:A9:F0:21:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXNntPK_jrMfbhYk7Vbtq6nwITs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9575d0-9c7c-4571-863a-555130a57041/1/gXNntPK_jrMfbhYk7Vbtq6nwITs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:7f:cb:04:d0:1d:3e:3f:1f:54:8f:94:e2:59:3c:1a:49:8e: e1:dd:68:14:0a:d2:1f:44:8c:b6:fa:68:b6:03:b1:a7:d2:58: 04:f1:70:f3:87:73:7c:db:b9:5b:38:a7:17:6d:ae:29:fb:ef: 1e:4b:d1:8a:92:68:4f:06:14:96:b3:c8:6e:8c:90:e6:87:f9: 93:5a:95:59:e5:d6:16:ed:d0:33:63:de:cb:30:09:82:6e:16: dd:90:d3:50:46:71:13:20:6a:45:90:b8:52:1a:9f:48:bf:94: a7:8c:4d:c4:4f:39:f4:94:c3:b8:9d:05:77:d8:a1:fe:f0:e8: 1b:da:08:21:0d:9f:80:98:42:af:96:ca:51:22:10:0f:5d:5a: 19:d2:cf:3e:46:83:43:7a:01:e6:5f:38:cb:6c:e3:fd:ef:74: 1c:b1:13:ab:6e:5b:3e:e5:25:2d:2a:fb:d8:c0:e4:da:46:7a: 74:47:99:94:97:df:11:f9:77:77:0b:3d:99:12:8a:82:8e:a1: c1:97:7f:0b:7f:28:7b:82:ac:fe:70:b2:8a:cf:d6:08:fb:d9: a8:6d:a2:6f:92:b9:8e:bc:9b:3c:ed:8d:5d:63:8b:d7:87:43: 10:d8:4c:e9:32:3d:ce:d2:54:10:72:3a:b1:66:de:19:c8:ec: a3:97:27:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziToIeFbb5v6QYUhZ8q5RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxNzM2N2I0ZjJiZjhlYjMxZjZlMTYyNGVkNTZlZGFiYTlm MDIxM2IwHhcNMjUxMjA2MTIwMDQ4WhcNMjUxMjA3MTIwMDQ4WjAzMTEwLwYDVQQD EyhiYmQzOWUyNGExYTE0NWNlMzFhY2I4NzkyOWRmODI3OTkyOTMwZTRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+gYOOdStkLKhvFcsPOwDgqcd6EG s+DybjBTb5t9kA8GvwKbkXDzQmnEeAiQu5l+HVLrFK/WY+NkavJqDmGpZZhfpXwt zOcgOKPq9Qp3GJChwgH8YAYB1koxkKRgOtiWj1R+c6S9PIwNBrRw+w9TV7tAiRrB q2YV1n89HqgZkVY5DY96pPKRf4LuYH6wHSO34IXD/xcV71wmZqaoZf8KIawH1fQ6 cfNmSAi5uIMRgJPeyVVwXv/u62+WDoRC/1AAigX5XgmSPhMJy3MPoe9gDRzIGxcm hXkQGM+AltiuAFNKNvNcM2dYagQlhbh7k2vQK2RQ6pwyFWz2OzMxEBxbDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLvTniShoUXOMay4eSnfgnmSkw5KMB8GA1UdIwQY MBaAFIFzZ7Tyv46zH24WJO1W7aup8CE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2Et NTU1MTMwYTU3MDQxLzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy85NTc1ZDAtOWM3Yy00NTcxLTg2M2EtNTU1MTMwYTU3MDQx LzEvZ1hObnRQS19qck1mYmhZazdWYnRxNm53SVRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT3/LBNAd Pj8fVI+U4lk8GkmO4d1oFArSH0SMtvpotgOxp9JYBPFw84dzfNu5WzinF22uKfvv HkvRipJoTwYUlrPIboyQ5of5k1qVWeXWFu3QM2PeyzAJgm4W3ZDTUEZxEyBqRZC4 UhqfSL+Up4xNxE859JTDuJ0Fd9ih/vDoG9oIIQ2fgJhCr5bKUSIQD11aGdLPPkaD Q3oB5l84y2zj/e90HLETq25bPuUlLSr72MDk2kZ6dEeZlJffEfl3dws9mRKKgo6h wZd/C38oe4Ks/nCyis/WCPvZqG2ib5K5jrybPO2NXWOL14dDENhM6TI9ztJUEHI6 sWbeGcjso5cnmA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:58:52 2025 by rpki-client