This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft File: G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft (raw, json) Hash identifier: i6l6S8gFEMcSX+7ypcUuqzuaCLfofq/NScwi0cPsl5A= Subject key identifier: 70:57:1B:44:07:16:6D:BF:B6:B3:9C:78:34:E4:69:BD:C8:A4:80:A7 Authority key identifier: 1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE Certificate issuer: /CN=1b69301fa8d788e02f7eb2fa8802109074206cfe Certificate serial: 019AF31BC42F9079ED4BADCE923C2861FCAB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft Manifest number: 0308 Signing time: Sat 06 Dec 2025 10:01:14 +0000 Manifest this update: Sat 06 Dec 2025 10:01:14 +0000 Manifest next update: Sun 07 Dec 2025 10:01:14 +0000 Files and hashes: 1: G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl (hash: I7dkIPbZUy7FAUVujnKqopM8tA3OnnBlPRFYRllbkLI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:c4:2f:90:79:ed:4b:ad:ce:92:3c:28:61:fc:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b69301fa8d788e02f7eb2fa8802109074206cfe Validity Not Before: Dec 6 10:01:14 2025 GMT Not After : Dec 7 10:01:14 2025 GMT Subject: CN=70571b4407166dbfb6b39c7834e469bdc8a480a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:33:96:03:23:94:af:c8:b1:b4:c7:77:b4:70: 97:e4:97:72:d6:9b:0c:3c:c1:bf:fe:cd:8e:b7:2d: 73:7e:b4:2a:06:d1:fe:8b:a3:f7:54:e9:fd:a0:17: 3b:9e:a7:fc:57:6b:da:f9:ad:20:66:e9:da:dc:f1: 78:e7:15:41:6a:62:7c:c0:54:f3:7f:e3:8b:d6:f3: 8e:e6:19:bd:66:51:06:cc:c3:a7:b6:e1:89:67:8c: c9:ed:c5:f9:b5:bd:14:ed:c8:51:c7:00:10:1e:f5: c2:8b:08:78:25:34:de:02:23:ae:b2:f5:d3:da:5b: e2:09:06:a8:7f:ce:b6:c7:3c:a2:3d:a6:7c:63:1a: a8:b8:99:1b:61:ff:5e:e4:be:b1:37:32:b8:8c:71: 30:f1:49:79:cd:50:76:61:31:f8:b9:16:a7:f9:b4: ce:20:b9:7b:1d:4e:dd:f5:4a:25:e5:3b:b7:ca:45: fc:14:cc:7b:52:5f:49:35:47:a0:d4:fe:63:d5:e0: ed:96:b3:c1:97:90:97:e4:d0:01:f3:66:9a:de:c9: 98:81:06:02:42:0d:72:86:c4:b8:06:0c:fb:8c:2c: 50:df:a8:57:d9:5d:a8:71:ff:b9:5f:ae:58:62:d2: e5:2c:7e:8b:c1:2a:36:c4:fa:97:ff:df:11:c1:a1: 69:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:57:1B:44:07:16:6D:BF:B6:B3:9C:78:34:E4:69:BD:C8:A4:80:A7 X509v3 Authority Key Identifier: keyid:1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d5:06:e4:fb:7a:5e:6e:76:93:9f:ba:f6:c7:c1:a0:08:b1:32: 63:77:63:9f:8e:98:4f:b2:e0:71:2f:ec:66:0c:f1:ce:56:df: 63:eb:fc:ab:72:e4:d0:44:f0:42:ce:7d:26:9f:d5:dd:29:f7: a4:f4:7d:d0:7d:3e:4b:d9:8d:ae:a8:3e:b7:c6:74:73:21:0a: 27:a1:a2:c9:bb:92:d8:aa:ec:03:5a:2a:8b:5c:a9:1e:4e:df: 89:ed:c2:c8:b3:77:5c:51:6f:00:92:7f:d3:15:91:bf:97:c2: 40:5a:af:1d:57:61:8f:73:c9:ec:76:d6:44:e2:6f:3d:d0:fc: a7:b9:60:21:4f:28:77:89:6b:38:70:43:95:57:49:5e:4a:11: 9b:83:bb:ed:bf:53:26:b3:e2:e1:69:6d:38:44:85:8b:2f:c3: a5:9f:26:e0:5c:89:db:ae:e6:a1:c5:d5:8f:5a:80:91:7f:0b: 01:7d:19:62:48:cf:7a:e3:c4:22:6e:b4:04:cf:db:cb:00:c7: 04:ce:50:18:4e:c4:51:32:3e:b2:b7:22:b4:8a:77:13:ec:ac: 56:e9:4d:59:2d:97:cf:0f:6a:a4:57:e8:21:5e:37:68:8b:45: 64:2c:c9:8c:ec:02:5e:6b:49:41:af:df:e5:5d:40:5f:cb:6d: ff:53:d3:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG8QvkHntS63OkjwoYfyrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiNjkzMDFmYThkNzg4ZTAyZjdlYjJmYTg4MDIxMDkwNzQy MDZjZmUwHhcNMjUxMjA2MTAwMTE0WhcNMjUxMjA3MTAwMTE0WjAzMTEwLwYDVQQD Eyg3MDU3MWI0NDA3MTY2ZGJmYjZiMzljNzgzNGU0NjliZGM4YTQ4MGE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jOWAyOUr8ixtMd3tHCX5Jdy1psM PMG//s2Oty1zfrQqBtH+i6P3VOn9oBc7nqf8V2va+a0gZuna3PF45xVBamJ8wFTz f+OL1vOO5hm9ZlEGzMOntuGJZ4zJ7cX5tb0U7chRxwAQHvXCiwh4JTTeAiOusvXT 2lviCQaof862xzyiPaZ8YxqouJkbYf9e5L6xNzK4jHEw8Ul5zVB2YTH4uRan+bTO ILl7HU7d9Uol5Tu3ykX8FMx7Ul9JNUeg1P5j1eDtlrPBl5CX5NAB82aa3smYgQYC Qg1yhsS4Bgz7jCxQ36hX2V2ocf+5X65YYtLlLH6LwSo2xPqX/98RwaFplQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHBXG0QHFm2/trOceDTkab3IpICnMB8GA1UdIwQY MBaAFBtpMB+o14jgL36y+ogCEJB0IGz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUt NDE2YzI4Nzk4ZmUyLzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUtNDE2YzI4Nzk4ZmUy LzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1Qbk+3pe bnaTn7r2x8GgCLEyY3djn46YT7LgcS/sZgzxzlbfY+v8q3Lk0ETwQs59Jp/V3Sn3 pPR90H0+S9mNrqg+t8Z0cyEKJ6GiybuS2KrsA1oqi1ypHk7fie3CyLN3XFFvAJJ/ 0xWRv5fCQFqvHVdhj3PJ7HbWROJvPdD8p7lgIU8od4lrOHBDlVdJXkoRm4O77b9T JrPi4WltOESFiy/DpZ8m4FyJ267mocXVj1qAkX8LAX0ZYkjPeuPEIm60BM/bywDH BM5QGE7EUTI+srcitIp3E+ysVulNWS2Xzw9qpFfoIV43aItFZCzJjOwCXmtJQa/f 5V1AX8tt/1PTRw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:24:04 2025 by rpki-client