This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft File: GHrmJafreY8V_B5hw-E3AaNW_hY.mft (raw, json) Hash identifier: s6a750m0S+Ne6KqzTSzhnrhrDOb4ut6Dg6D5SN8UE04= Subject key identifier: D7:5D:82:0F:D8:0B:78:34:23:CC:15:43:32:69:07:1A:DA:41:55:84 Authority key identifier: 18:7A:E6:25:A7:EB:79:8F:15:FC:1E:61:C3:E1:37:01:A3:56:FE:16 Certificate issuer: /CN=187ae625a7eb798f15fc1e61c3e13701a356fe16 Certificate serial: 019AF31B90330BABEF0327420096B01A5E16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GHrmJafreY8V_B5hw-E3AaNW_hY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft Manifest number: 0181 Signing time: Sat 06 Dec 2025 10:01:01 +0000 Manifest this update: Sat 06 Dec 2025 10:01:01 +0000 Manifest next update: Sun 07 Dec 2025 10:01:01 +0000 Files and hashes: 1: GHrmJafreY8V_B5hw-E3AaNW_hY.crl (hash: y+DefUTHhBnEQBtFQNnByRa9J9S1IMdr9T9DpS1/hhM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft rsync://rpki.ripe.net/repository/DEFAULT/GHrmJafreY8V_B5hw-E3AaNW_hY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:90:33:0b:ab:ef:03:27:42:00:96:b0:1a:5e:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=187ae625a7eb798f15fc1e61c3e13701a356fe16 Validity Not Before: Dec 6 10:01:01 2025 GMT Not After : Dec 7 10:01:01 2025 GMT Subject: CN=d75d820fd80b783423cc15433269071ada415584 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:aa:0e:5b:9f:ee:cb:da:92:d9:80:13:42:55: 0c:fb:9c:ce:eb:c2:ce:e3:51:ef:37:04:f5:0b:08: 45:9e:17:ff:71:f2:72:02:e4:1e:a4:a1:ef:a4:71: d4:7c:0e:b5:2b:e7:58:bc:47:1d:9b:f8:dc:30:ef: 4e:85:cc:ee:62:60:cf:03:17:13:42:f5:f8:a9:1e: 0c:1f:4c:89:66:0a:c3:d1:0f:ab:f7:e0:4a:a6:93: 04:35:d9:68:7f:0d:ac:7e:25:f4:ed:a5:da:6e:82: c6:c9:a7:bd:f6:b3:71:41:52:9e:66:e7:1b:01:c4: 1a:7f:b7:cc:3a:85:c7:ac:f2:7d:e7:4e:24:9a:02: 3d:2d:63:f3:0d:bf:b1:5e:6d:e4:f6:a5:39:84:54: 78:c0:71:fc:e8:ee:98:fb:3f:3d:38:e2:65:e1:3a: ea:45:f5:5c:b0:ab:a8:de:51:b3:31:aa:de:88:94: 91:53:27:c7:71:11:a2:68:ea:e0:be:2f:58:71:3e: d6:30:dc:5b:26:a1:38:22:54:d7:64:4a:f0:3a:79: 14:be:a6:64:31:fa:fe:b3:51:99:ce:e3:68:6c:f1: c6:1e:24:b7:2a:d4:78:cf:41:a9:fb:91:59:ea:dd: ba:8a:43:31:f5:71:9b:f4:6f:b7:0e:29:b6:60:3b: 6a:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:5D:82:0F:D8:0B:78:34:23:CC:15:43:32:69:07:1A:DA:41:55:84 X509v3 Authority Key Identifier: keyid:18:7A:E6:25:A7:EB:79:8F:15:FC:1E:61:C3:E1:37:01:A3:56:FE:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHrmJafreY8V_B5hw-E3AaNW_hY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/9a5af2-5daf-400b-b91a-5c00cbe76f34/1/GHrmJafreY8V_B5hw-E3AaNW_hY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:42:43:8c:b4:42:0a:25:1a:c6:32:ee:af:ca:10:3b:51:f2: 81:08:e7:77:ec:dc:02:21:ac:5b:25:70:d1:8a:e9:8a:5a:b7: da:3b:69:65:72:2d:93:bc:97:35:d1:76:44:62:16:a7:6a:8b: 65:54:cf:0b:00:c2:82:8a:a3:5a:2a:61:66:c5:6c:1e:d5:3c: 6a:fd:54:03:98:78:8b:5b:a9:bb:65:73:3c:57:23:af:b5:96: b1:3f:8c:9a:1f:83:ef:65:40:34:b8:05:70:02:fa:ef:69:9c: 3a:20:47:58:a4:c8:5b:6c:34:c9:c0:c1:3b:07:c7:30:c3:23: d8:e3:46:fb:08:25:7c:91:c2:04:80:97:55:7f:96:a2:fe:51: 56:f2:ec:b7:09:83:0e:82:33:ea:9d:f0:d5:bc:95:fd:5c:66: 46:64:05:ed:e6:43:cc:34:04:cc:c6:42:9b:33:81:2c:fa:d4: cf:27:65:23:33:0a:45:a1:ac:36:9f:25:e5:ab:6b:d1:fa:c6: 70:c1:d2:31:24:d4:e4:c6:c0:7f:5c:c5:ef:ef:1f:12:d7:98: 4a:12:86:0b:60:d9:11:d6:b0:e0:82:a1:84:f7:e7:2c:62:ac: e6:a0:17:bf:c7:12:52:07:dd:d8:7e:32:52:bc:b8:95:34:94: 36:ef:7d:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG5AzC6vvAydCAJawGl4WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4N2FlNjI1YTdlYjc5OGYxNWZjMWU2MWMzZTEzNzAxYTM1 NmZlMTYwHhcNMjUxMjA2MTAwMTAxWhcNMjUxMjA3MTAwMTAxWjAzMTEwLwYDVQQD EyhkNzVkODIwZmQ4MGI3ODM0MjNjYzE1NDMzMjY5MDcxYWRhNDE1NTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqoOW5/uy9qS2YATQlUM+5zO68LO 41HvNwT1CwhFnhf/cfJyAuQepKHvpHHUfA61K+dYvEcdm/jcMO9OhczuYmDPAxcT QvX4qR4MH0yJZgrD0Q+r9+BKppMENdlofw2sfiX07aXaboLGyae99rNxQVKeZucb AcQaf7fMOoXHrPJ9504kmgI9LWPzDb+xXm3k9qU5hFR4wHH86O6Y+z89OOJl4Trq RfVcsKuo3lGzMareiJSRUyfHcRGiaOrgvi9YcT7WMNxbJqE4IlTXZErwOnkUvqZk Mfr+s1GZzuNobPHGHiS3KtR4z0Gp+5FZ6t26ikMx9XGb9G+3Dim2YDtqUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNddgg/YC3g0I8wVQzJpBxraQVWEMB8GA1UdIwQY MBaAFBh65iWn63mPFfweYcPhNwGjVv4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR0hybUphZnJlWThWX0I1aHctRTNBYU5XX2hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85YTVhZjItNWRhZi00MDBiLWI5MWEt NWMwMGNiZTc2ZjM0LzEvR0hybUphZnJlWThWX0I1aHctRTNBYU5XX2hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy85YTVhZjItNWRhZi00MDBiLWI5MWEtNWMwMGNiZTc2ZjM0 LzEvR0hybUphZnJlWThWX0I1aHctRTNBYU5XX2hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkJDjLRC CiUaxjLur8oQO1HygQjnd+zcAiGsWyVw0Yrpilq32jtpZXItk7yXNdF2RGIWp2qL ZVTPCwDCgoqjWiphZsVsHtU8av1UA5h4i1upu2VzPFcjr7WWsT+Mmh+D72VANLgF cAL672mcOiBHWKTIW2w0ycDBOwfHMMMj2ONG+wglfJHCBICXVX+Wov5RVvLstwmD DoIz6p3w1byV/VxmRmQF7eZDzDQEzMZCmzOBLPrUzydlIzMKRaGsNp8l5atr0frG cMHSMSTU5MbAf1zF7+8fEteYShKGC2DZEdaw4IKhhPfnLGKs5qAXv8cSUgfd2H4y Ury4lTSUNu99mA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:57:59 2025 by rpki-client