This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft File: giKx_lqaAWNQKFrAeI08yrPrORk.mft (raw, json) Hash identifier: 6jrcXDkujC9brEl/WteClr6shk8JwOkDhIqUh9cpBNQ= Subject key identifier: 0B:12:57:1A:DB:50:34:D3:B3:B1:B5:9A:CF:16:62:23:20:9A:0C:3A Authority key identifier: 82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19 Certificate issuer: /CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919 Certificate serial: 019AF163FE87D04C89EED6E1306615A1F16D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft Manifest number: 08A9 Signing time: Sat 06 Dec 2025 02:00:53 +0000 Manifest this update: Sat 06 Dec 2025 02:00:53 +0000 Manifest next update: Sun 07 Dec 2025 02:00:53 +0000 Files and hashes: 1: giKx_lqaAWNQKFrAeI08yrPrORk.crl (hash: Bm32635OHHkVk1vzUxhZHvuyMXB3xGmr+wyZ/8xbbZE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:63:fe:87:d0:4c:89:ee:d6:e1:30:66:15:a1:f1:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919 Validity Not Before: Dec 6 02:00:53 2025 GMT Not After : Dec 7 02:00:53 2025 GMT Subject: CN=0b12571adb5034d3b3b1b59acf166223209a0c3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0d:12:d5:a4:e3:7e:32:80:dd:aa:12:ba:87: 47:94:ab:28:86:c4:a1:86:8c:41:13:08:a7:65:8c: 59:78:48:66:3e:89:98:9a:49:fc:8e:20:31:ab:eb: d8:8a:af:d1:61:cb:ae:4f:63:b9:18:35:7c:aa:af: b2:81:1b:40:a3:16:b4:53:c0:d0:19:61:1f:86:37: 98:20:a8:7c:c9:c3:b9:60:ef:6e:a9:11:63:e9:5d: cf:64:49:69:e7:ac:a2:ea:fc:74:1b:95:6d:b4:a1: 20:1a:a3:32:03:32:71:1e:ec:3b:d1:bd:4b:ba:d4: b1:72:14:3f:4c:56:b8:46:44:e4:91:14:aa:6f:61: 6f:9c:c8:fe:a9:ee:2f:b6:1d:ab:eb:bf:78:77:70: 7b:21:79:eb:77:77:83:25:14:f6:11:bc:99:18:9d: e5:42:68:45:4d:3e:fb:aa:1b:5f:21:db:89:49:df: 48:ae:2a:44:01:82:ee:2f:fc:50:20:ff:b1:37:0a: 4a:5f:83:46:33:36:c9:45:00:63:77:1a:38:b8:39: ef:3c:0d:79:d9:fb:f9:79:76:23:29:e5:03:4f:3e: 8c:8a:e2:53:96:ed:97:0f:47:7d:44:a4:1e:3b:19: 06:dc:dd:3a:18:ca:81:72:01:fa:d5:76:7f:c4:b2: 76:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:12:57:1A:DB:50:34:D3:B3:B1:B5:9A:CF:16:62:23:20:9A:0C:3A X509v3 Authority Key Identifier: keyid:82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:d3:88:40:2a:63:8c:19:9c:39:7f:5b:eb:65:b4:6f:89:3c: 92:87:6e:b8:35:27:11:81:32:f9:b3:72:6e:80:dd:ba:f3:7a: 0e:88:78:38:57:8f:2e:75:ea:87:ca:b9:57:63:47:9c:77:fc: 07:f6:d8:23:fb:96:97:24:56:20:0f:a0:37:40:62:c7:a2:4f: 3d:5c:01:b8:8b:75:96:08:7c:5f:4a:7b:ae:23:8e:64:dd:b2: 4b:d4:c7:91:02:42:f1:c4:65:cc:1e:e6:15:53:3e:5d:1b:29: eb:f4:52:8d:ec:b0:76:b3:e1:09:76:24:15:9c:db:5f:f0:53: 3f:3a:65:d0:b4:31:83:37:39:17:3f:05:64:e0:e6:43:94:04: cc:9a:93:5d:a2:4a:b0:95:b3:07:22:60:6b:04:c7:f3:03:70: c7:7a:cd:6a:4c:dd:38:b9:51:0a:de:d9:6d:37:a7:2d:50:8c: fc:14:10:88:3f:79:1a:2b:8b:0e:2e:3d:3b:11:bc:77:41:cc: d5:17:4c:a8:17:95:1f:3c:ce:04:27:1b:89:eb:58:8d:33:60: 70:93:57:e8:53:79:f1:cd:12:b7:bd:87:e6:f3:6f:8d:90:5f: 5c:49:c1:74:91:5c:78:02:36:cb:af:51:94:e9:97:43:f3:21: 21:ea:97:f7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxY/6H0EyJ7tbhMGYVofFtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMjJiMWZlNWE5YTAxNjM1MDI4NWFjMDc4OGQzY2NhYjNl YjM5MTkwHhcNMjUxMjA2MDIwMDUzWhcNMjUxMjA3MDIwMDUzWjAzMTEwLwYDVQQD EygwYjEyNTcxYWRiNTAzNGQzYjNiMWI1OWFjZjE2NjIyMzIwOWEwYzNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg0S1aTjfjKA3aoSuodHlKsohsSh hoxBEwinZYxZeEhmPomYmkn8jiAxq+vYiq/RYcuuT2O5GDV8qq+ygRtAoxa0U8DQ GWEfhjeYIKh8ycO5YO9uqRFj6V3PZElp56yi6vx0G5VttKEgGqMyAzJxHuw70b1L utSxchQ/TFa4RkTkkRSqb2FvnMj+qe4vth2r6794d3B7IXnrd3eDJRT2EbyZGJ3l QmhFTT77qhtfIduJSd9IripEAYLuL/xQIP+xNwpKX4NGMzbJRQBjdxo4uDnvPA15 2fv5eXYjKeUDTz6MiuJTlu2XD0d9RKQeOxkG3N06GMqBcgH61XZ/xLJ2kQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAsSVxrbUDTTs7G1ms8WYiMgmgw6MB8GA1UdIwQY MBaAFIIisf5amgFjUChawHiNPMqz6zkZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTIt MzBhMTY0ODVmNWM0LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTItMzBhMTY0ODVmNWM0 LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqtOIQCpj jBmcOX9b62W0b4k8koduuDUnEYEy+bNyboDduvN6Doh4OFePLnXqh8q5V2NHnHf8 B/bYI/uWlyRWIA+gN0Bix6JPPVwBuIt1lgh8X0p7riOOZN2yS9THkQJC8cRlzB7m FVM+XRsp6/RSjeywdrPhCXYkFZzbX/BTPzpl0LQxgzc5Fz8FZODmQ5QEzJqTXaJK sJWzByJgawTH8wNwx3rNakzdOLlRCt7ZbTenLVCM/BQQiD95GiuLDi49OxG8d0HM 1RdMqBeVHzzOBCcbietYjTNgcJNX6FN58c0St72H5vNvjZBfXEnBdJFceAI2y69R lOmXQ/MhIeqX9w== -----END CERTIFICATE-----Generated at Sat Dec 6 09:09:41 2025 by rpki-client