This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft File: Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json) Hash identifier: lvFaC9hWrbmmME46ZoXgZsqvKAqkbGZVSBtmdUf4YRE= Subject key identifier: 8B:37:1F:0D:D1:C3:FB:59:E4:5A:2C:01:57:DF:6D:DE:7E:07:DA:C4 Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78 Certificate issuer: /CN=1afabbd8887a92278945ec2eef8243a1296adf78 Certificate serial: 019AFCC51EDEF4EE6AE2670E61A41D697488 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft Manifest number: 1764 Signing time: Mon 08 Dec 2025 07:02:48 +0000 Manifest this update: Mon 08 Dec 2025 07:02:48 +0000 Manifest next update: Tue 09 Dec 2025 07:02:48 +0000 Files and hashes: 1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: jbm0ZqJFyDONxZHL7Ybs5gGL8VYeJQh8c3N397vqOVk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fc:c5:1e:de:f4:ee:6a:e2:67:0e:61:a4:1d:69:74:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78 Validity Not Before: Dec 8 07:02:48 2025 GMT Not After : Dec 9 07:02:48 2025 GMT Subject: CN=8b371f0dd1c3fb59e45a2c0157df6dde7e07dac4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:68:df:71:b6:c1:29:ff:94:61:ef:85:c1:9e: 04:c0:c1:cd:13:4e:99:af:2c:6b:97:b6:be:f4:2f: 53:56:27:a4:6e:7f:aa:ce:56:f1:27:7a:5c:3f:69: e0:50:08:71:5f:1d:7e:15:32:e6:f9:49:21:ce:26: 0f:48:da:75:4d:bd:44:e8:07:82:3d:9c:3f:51:36: b5:2b:74:3f:61:86:fc:7e:c6:40:f8:ba:29:72:6b: 74:7b:db:2c:c1:5a:d5:e0:75:53:4e:dc:16:da:19: dc:77:67:3b:08:cf:3d:4a:73:8d:5c:55:df:21:56: c6:48:48:f6:e8:19:76:6c:4d:bb:35:1c:48:19:9a: 2c:30:ff:a2:3d:96:cf:87:f9:ee:07:b0:83:99:58: b9:e3:24:a8:1b:00:57:05:6c:f3:6b:00:b1:60:35: 0f:6a:8c:d1:c2:8a:fb:38:f0:22:b9:da:5f:d8:1e: 7e:39:b4:60:fd:35:53:f2:e0:00:7c:db:8c:78:fc: bc:7a:f1:8b:5c:b8:5c:e3:80:29:c4:62:f1:8a:ae: 10:a6:17:8c:a7:e7:14:59:a2:04:37:31:57:ca:81: 50:19:08:38:3d:af:05:eb:9e:5f:68:c7:64:77:e5: 06:5d:39:27:c2:6a:09:48:5a:13:a4:81:67:b3:8b: a7:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:37:1F:0D:D1:C3:FB:59:E4:5A:2C:01:57:DF:6D:DE:7E:07:DA:C4 X509v3 Authority Key Identifier: keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:98:2b:ce:10:92:56:75:1e:71:5e:8e:7f:c8:47:db:19:34: 9d:1c:0c:f0:80:4c:2d:10:cd:8c:72:0f:d3:06:87:3f:b1:e4: f5:2e:a3:6d:f5:48:6b:83:56:73:ed:05:de:30:05:d3:55:fa: e8:9f:75:cd:c6:7f:1a:60:96:70:2c:b2:dc:46:b4:32:89:dd: bf:6b:f4:71:74:75:f0:17:d4:78:95:fc:b7:05:f5:42:49:b7: c1:e8:24:f1:af:06:40:0f:05:22:6e:45:89:5b:88:46:02:07: 7b:5b:ae:51:be:71:a5:f5:1a:ea:0e:9f:48:75:2e:5e:b4:d8: 5c:16:c9:90:bc:73:20:63:ee:97:b7:b1:f4:ff:4b:9c:54:42: a6:e8:e3:b0:d2:83:dc:ee:7d:5d:12:dc:26:2c:af:ca:1a:ed: 86:79:83:1c:e3:f1:f9:50:37:94:5d:5b:2c:17:cc:87:21:a8: 34:b0:a8:bc:0f:b6:9e:91:be:ea:0c:40:55:d7:f8:fc:d2:88: e2:69:b6:65:19:e1:ca:6c:16:4a:94:d6:1b:e8:e6:e9:36:5a: 43:34:6f:a5:d5:2c:26:96:a6:29:2f:16:ca:31:1b:59:7e:db: ef:d3:2d:41:f2:3c:25:f2:f4:12:a4:fe:2b:4e:62:e3:da:d8: 90:0a:d4:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr8xR7e9O5q4mcOYaQdaXSIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2 YWRmNzgwHhcNMjUxMjA4MDcwMjQ4WhcNMjUxMjA5MDcwMjQ4WjAzMTEwLwYDVQQD Eyg4YjM3MWYwZGQxYzNmYjU5ZTQ1YTJjMDE1N2RmNmRkZTdlMDdkYWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmjfcbbBKf+UYe+FwZ4EwMHNE06Z ryxrl7a+9C9TViekbn+qzlbxJ3pcP2ngUAhxXx1+FTLm+UkhziYPSNp1Tb1E6AeC PZw/UTa1K3Q/YYb8fsZA+Lopcmt0e9sswVrV4HVTTtwW2hncd2c7CM89SnONXFXf IVbGSEj26Bl2bE27NRxIGZosMP+iPZbPh/nuB7CDmVi54ySoGwBXBWzzawCxYDUP aozRwor7OPAiudpf2B5+ObRg/TVT8uAAfNuMePy8evGLXLhc44ApxGLxiq4QpheM p+cUWaIENzFXyoFQGQg4Pa8F655faMdkd+UGXTknwmoJSFoTpIFns4unQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIs3Hw3Rw/tZ5FosAVffbd5+B9rEMB8GA1UdIwQY MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1 LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMJgrzhCS VnUecV6Of8hH2xk0nRwM8IBMLRDNjHIP0waHP7Hk9S6jbfVIa4NWc+0F3jAF01X6 6J91zcZ/GmCWcCyy3Ea0Mondv2v0cXR18BfUeJX8twX1Qkm3wegk8a8GQA8FIm5F iVuIRgIHe1uuUb5xpfUa6g6fSHUuXrTYXBbJkLxzIGPul7ex9P9LnFRCpujjsNKD 3O59XRLcJiyvyhrthnmDHOPx+VA3lF1bLBfMhyGoNLCovA+2npG+6gxAVdf4/NKI 4mm2ZRnhymwWSpTWG+jm6TZaQzRvpdUsJpamKS8WyjEbWX7b79MtQfI8JfL0EqT+ K05i49rYkArUUw== -----END CERTIFICATE-----Generated at Mon Dec 8 09:10:57 2025 by rpki-client