This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft File: gXS2uiCeYit5ihT86qlEdi-nYpo.mft (raw, json) Hash identifier: HqeRT/1xhv3aJ2IhzU3WxBW3XvogT7avQKH0ZEwJF4A= Subject key identifier: C0:37:9F:B4:82:19:79:C5:07:FC:42:80:8A:02:33:1D:12:EF:EE:97 Authority key identifier: 81:74:B6:BA:20:9E:62:2B:79:8A:14:FC:EA:A9:44:76:2F:A7:62:9A Certificate issuer: /CN=8174b6ba209e622b798a14fceaa944762fa7629a Certificate serial: 019AF1D1DF6D62D601D9D696E2747CF2ED1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft Manifest number: 0220 Signing time: Sat 06 Dec 2025 04:00:54 +0000 Manifest this update: Sat 06 Dec 2025 04:00:54 +0000 Manifest next update: Sun 07 Dec 2025 04:00:54 +0000 Files and hashes: 1: gXS2uiCeYit5ihT86qlEdi-nYpo.crl (hash: dyYWVAHk09r7TGQZok5eJVk4f7Wuswd2/lBEKNnzCIE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.crl rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:df:6d:62:d6:01:d9:d6:96:e2:74:7c:f2:ed:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8174b6ba209e622b798a14fceaa944762fa7629a Validity Not Before: Dec 6 04:00:54 2025 GMT Not After : Dec 7 04:00:54 2025 GMT Subject: CN=c0379fb4821979c507fc42808a02331d12efee97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:30:63:b0:58:d5:bc:2b:21:58:72:5f:29:b9: 9a:17:e3:57:78:1e:c9:4c:41:48:0e:e7:86:33:c0: 2b:df:cf:f1:ae:96:69:79:d1:2c:2d:3a:12:b7:ce: 6a:4c:89:d4:61:fd:17:8b:8f:c6:e3:9c:97:6b:b8: 76:dc:32:f1:cf:fe:c7:df:8c:e5:3d:70:df:fa:19: 98:38:d6:06:3c:11:da:e1:60:09:3e:f8:e0:71:25: f2:7e:23:d5:61:8e:54:04:bd:2a:b6:3a:0f:aa:a8: 5e:8e:e3:08:54:8f:1d:79:2b:ea:6b:84:62:35:60: a5:b6:8b:9c:29:c6:25:39:8b:05:15:f3:b1:28:be: cc:c3:9b:bd:40:c3:a9:66:a0:15:1c:53:90:90:08: ab:26:6c:b4:3d:10:9d:9f:41:ed:b3:93:a3:1a:00: 72:42:f4:22:db:12:0c:6e:ea:93:59:47:42:90:73: a5:6d:85:da:9b:00:52:bf:32:fa:33:e3:e6:fd:37: e4:90:90:e0:ec:cb:67:2b:cf:68:68:86:b5:3b:92: aa:3a:8a:f0:c1:da:4a:11:9e:82:88:7d:d7:10:78: a3:66:68:9c:d0:9d:1a:6d:dd:61:85:03:3d:04:5b: 45:aa:6a:4d:73:e2:94:e3:84:88:3c:85:8a:7e:e7: 67:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:37:9F:B4:82:19:79:C5:07:FC:42:80:8A:02:33:1D:12:EF:EE:97 X509v3 Authority Key Identifier: keyid:81:74:B6:BA:20:9E:62:2B:79:8A:14:FC:EA:A9:44:76:2F:A7:62:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gXS2uiCeYit5ihT86qlEdi-nYpo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/dc9082-5a9f-41ee-8d44-618cd0682b10/1/gXS2uiCeYit5ihT86qlEdi-nYpo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:b5:b6:6e:49:ad:36:06:3a:85:02:81:e4:e1:fd:89:d5:de: f6:0d:99:4c:4a:d3:5c:b3:49:91:e9:92:ab:00:25:79:76:37: 67:c0:30:45:eb:c5:22:a0:eb:6e:87:6f:0d:8e:31:9e:55:07: 59:e0:31:eb:d8:b7:5f:94:8f:1c:8b:13:bd:55:e8:2c:85:7b: 2e:47:a7:cd:d5:e8:a9:d4:00:c6:40:de:90:b2:e3:04:e1:cb: 65:25:b4:23:6a:2d:b2:19:49:17:94:a5:98:39:03:09:0f:06: 83:f4:fc:fa:d9:cf:4e:87:73:12:91:d4:b1:2a:36:49:c5:0b: 65:dc:de:38:87:d6:bd:92:35:4e:49:1f:f2:4d:2c:c6:8a:bb: 57:4f:0a:af:59:17:d3:86:a4:8a:0d:df:c1:49:f4:f9:39:7d: 5d:91:b5:25:05:8d:a3:df:c3:73:19:26:46:b3:e0:ec:64:ed: 2c:38:f4:dd:64:07:73:46:50:54:dc:b7:b5:07:d0:11:b0:5d: fb:04:d8:60:94:74:0c:fa:c4:45:81:13:63:aa:1a:84:79:df: 35:c7:ef:4e:d3:19:bc:74:f5:b7:bd:41:23:b7:59:94:df:12: 52:41:96:26:ed:47:71:b0:a9:9e:75:83:15:d9:e0:d6:17:6e: ad:49:48:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0d9tYtYB2daW4nR88u0eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxNzRiNmJhMjA5ZTYyMmI3OThhMTRmY2VhYTk0NDc2MmZh NzYyOWEwHhcNMjUxMjA2MDQwMDU0WhcNMjUxMjA3MDQwMDU0WjAzMTEwLwYDVQQD EyhjMDM3OWZiNDgyMTk3OWM1MDdmYzQyODA4YTAyMzMxZDEyZWZlZTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDBjsFjVvCshWHJfKbmaF+NXeB7J TEFIDueGM8Ar38/xrpZpedEsLToSt85qTInUYf0Xi4/G45yXa7h23DLxz/7H34zl PXDf+hmYONYGPBHa4WAJPvjgcSXyfiPVYY5UBL0qtjoPqqhejuMIVI8deSvqa4Ri NWCltoucKcYlOYsFFfOxKL7Mw5u9QMOpZqAVHFOQkAirJmy0PRCdn0Hts5OjGgBy QvQi2xIMbuqTWUdCkHOlbYXamwBSvzL6M+Pm/TfkkJDg7MtnK89oaIa1O5KqOorw wdpKEZ6CiH3XEHijZmic0J0abd1hhQM9BFtFqmpNc+KU44SIPIWKfudnNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMA3n7SCGXnFB/xCgIoCMx0S7+6XMB8GA1UdIwQY MBaAFIF0trognmIreYoU/OqpRHYvp2KaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kYzkwODItNWE5Zi00MWVlLThkNDQt NjE4Y2QwNjgyYjEwLzEvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9kYzkwODItNWE5Zi00MWVlLThkNDQtNjE4Y2QwNjgyYjEw LzEvZ1hTMnVpQ2VZaXQ1aWhUODZxbEVkaS1uWXBvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVbW2bkmt NgY6hQKB5OH9idXe9g2ZTErTXLNJkemSqwAleXY3Z8AwRevFIqDrbodvDY4xnlUH WeAx69i3X5SPHIsTvVXoLIV7LkenzdXoqdQAxkDekLLjBOHLZSW0I2otshlJF5Sl mDkDCQ8Gg/T8+tnPTodzEpHUsSo2ScULZdzeOIfWvZI1Tkkf8k0sxoq7V08Kr1kX 04akig3fwUn0+Tl9XZG1JQWNo9/DcxkmRrPg7GTtLDj03WQHc0ZQVNy3tQfQEbBd +wTYYJR0DPrERYETY6oahHnfNcfvTtMZvHT1t71BI7dZlN8SUkGWJu1HcbCpnnWD Fdng1hdurUlIrw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:17:40 2025 by rpki-client