This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft File: GhgxUqZBpAN71soKarQcukbaV9s.mft (raw, json) Hash identifier: 5ziQQZ1srcWqqdXBbp2bMV98G2eKsxg5X5cdWjB8r8g= Subject key identifier: D4:BB:83:6D:32:4D:8D:72:1D:97:B5:6A:7F:11:1A:0B:B0:5A:11:9A Authority key identifier: 1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB Certificate issuer: /CN=1a183152a641a4037bd6ca0a6ab41cba46da57db Certificate serial: 019B32D6A4ED892BF5DB48A6F14F058F488B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft Manifest number: 10A5 Signing time: Thu 18 Dec 2025 19:01:26 +0000 Manifest this update: Thu 18 Dec 2025 19:01:26 +0000 Manifest next update: Fri 19 Dec 2025 19:01:26 +0000 Files and hashes: 1: GhgxUqZBpAN71soKarQcukbaV9s.crl (hash: 78FjkYuk/oPKpnwSGBP9iIW6xVR1VgL4DbfektxwTQw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d6:a4:ed:89:2b:f5:db:48:a6:f1:4f:05:8f:48:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a183152a641a4037bd6ca0a6ab41cba46da57db Validity Not Before: Dec 18 19:01:26 2025 GMT Not After : Dec 19 19:01:26 2025 GMT Subject: CN=d4bb836d324d8d721d97b56a7f111a0bb05a119a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:21:3b:9c:f9:37:6c:02:08:ff:28:64:97:8d: 8c:73:2b:e5:e6:20:62:0d:a3:1c:ca:89:75:f2:c3: 8c:5c:5c:5e:f0:1d:03:38:28:dc:ed:62:e1:30:d7: 12:98:6d:ac:51:62:a3:4b:8a:3f:a0:b6:84:d7:e7: 15:5b:08:2a:25:b1:66:e8:29:20:2e:6e:50:7e:20: 78:9e:db:9a:3d:ab:37:7d:04:c4:db:62:d8:4d:17: be:65:b8:e5:9f:07:5e:7d:31:8b:0c:b9:9c:d8:1c: bf:cf:27:a8:67:7f:ad:c0:c0:13:74:b3:ad:d0:04: 0b:6d:1f:87:43:2e:bc:2c:76:b2:c3:73:3d:e0:91: c9:84:ee:a4:f3:e2:85:75:d6:23:bf:a0:4b:49:d7: 21:0a:be:df:53:38:81:e9:de:1e:5c:19:da:b7:d9: 67:eb:a0:fe:12:22:25:cd:ea:92:e0:16:12:70:e8: ec:a1:ff:b7:a7:03:57:9e:2e:e8:39:1b:b0:f8:e9: d9:83:36:f7:bd:fe:d2:69:c0:6c:c2:6f:9e:4c:6f: e5:68:67:59:49:ab:98:7e:ee:57:de:1e:1c:25:7c: 42:f8:45:28:ac:fa:e9:1c:9a:72:75:5a:e8:6a:6b: be:d2:33:48:d3:96:c3:a1:5b:34:5c:5a:55:42:bf: e7:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:BB:83:6D:32:4D:8D:72:1D:97:B5:6A:7F:11:1A:0B:B0:5A:11:9A X509v3 Authority Key Identifier: keyid:1A:18:31:52:A6:41:A4:03:7B:D6:CA:0A:6A:B4:1C:BA:46:DA:57:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhgxUqZBpAN71soKarQcukbaV9s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c3e03d-a4db-4050-906c-56294c708faf/1/GhgxUqZBpAN71soKarQcukbaV9s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:88:fc:cc:3e:28:dc:91:46:00:d5:eb:53:8b:68:d9:38:00: c1:7f:12:04:52:bc:1d:1d:b4:31:f3:0e:d0:92:cc:f1:8b:ac: 15:fe:b2:ba:82:75:1a:d9:82:eb:fa:bc:fc:81:0d:07:d0:62: f7:2b:52:f3:dc:7a:7c:be:ad:21:56:dd:2a:21:22:51:7c:7d: 6a:0c:f7:d4:18:3f:c8:d6:b3:fe:97:35:31:8e:d4:fc:af:40: d4:98:bd:d7:12:53:47:12:47:9a:83:24:fe:00:80:71:87:06: 37:2e:ca:fc:dc:22:d2:57:55:3f:5f:f6:ee:f6:6c:d6:94:f1: ea:9e:69:9e:ad:a0:45:df:14:33:15:8f:9f:0c:ff:b8:07:67: 74:7e:c1:0f:2f:b7:37:d4:4f:46:f1:20:c9:8b:03:53:c0:05: 0c:56:ab:11:b9:ed:9e:e6:57:00:ea:2a:66:83:d3:78:47:ab: 58:e9:5b:2c:26:36:07:af:ce:4c:74:43:11:b2:af:52:9d:a3: bf:68:bd:24:fe:56:03:ba:4f:a0:c8:96:cf:04:ff:f2:c5:41: e7:28:62:6e:c7:c9:08:1c:39:62:b2:0e:45:f0:d8:ea:de:86: 3a:10:9d:51:22:23:f5:86:10:8d:1b:84:05:61:b1:11:b5:35: 90:75:70:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1qTtiSv120im8U8Fj0iLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhMTgzMTUyYTY0MWE0MDM3YmQ2Y2EwYTZhYjQxY2JhNDZk YTU3ZGIwHhcNMjUxMjE4MTkwMTI2WhcNMjUxMjE5MTkwMTI2WjAzMTEwLwYDVQQD EyhkNGJiODM2ZDMyNGQ4ZDcyMWQ5N2I1NmE3ZjExMWEwYmIwNWExMTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCE7nPk3bAII/yhkl42Mcyvl5iBi DaMcyol18sOMXFxe8B0DOCjc7WLhMNcSmG2sUWKjS4o/oLaE1+cVWwgqJbFm6Ckg Lm5QfiB4ntuaPas3fQTE22LYTRe+ZbjlnwdefTGLDLmc2By/zyeoZ3+twMATdLOt 0AQLbR+HQy68LHayw3M94JHJhO6k8+KFddYjv6BLSdchCr7fUziB6d4eXBnat9ln 66D+EiIlzeqS4BYScOjsof+3pwNXni7oORuw+OnZgzb3vf7SacBswm+eTG/laGdZ SauYfu5X3h4cJXxC+EUorPrpHJpydVroamu+0jNI05bDoVs0XFpVQr/n/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNS7g20yTY1yHZe1an8RGguwWhGaMB8GA1UdIwQY MBaAFBoYMVKmQaQDe9bKCmq0HLpG2lfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMt NTYyOTRjNzA4ZmFmLzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9jM2UwM2QtYTRkYi00MDUwLTkwNmMtNTYyOTRjNzA4ZmFm LzEvR2hneFVxWkJwQU43MXNvS2FyUWN1a2JhVjlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIYj8zD4o 3JFGANXrU4to2TgAwX8SBFK8HR20MfMO0JLM8YusFf6yuoJ1GtmC6/q8/IENB9Bi 9ytS89x6fL6tIVbdKiEiUXx9agz31Bg/yNaz/pc1MY7U/K9A1Ji91xJTRxJHmoMk /gCAcYcGNy7K/Nwi0ldVP1/27vZs1pTx6p5pnq2gRd8UMxWPnwz/uAdndH7BDy+3 N9RPRvEgyYsDU8AFDFarEbntnuZXAOoqZoPTeEerWOlbLCY2B6/OTHRDEbKvUp2j v2i9JP5WA7pPoMiWzwT/8sVB5yhibsfJCBw5YrIORfDY6t6GOhCdUSIj9YYQjRuE BWGxEbU1kHVwrg== -----END CERTIFICATE-----Generated at Fri Dec 19 01:21:44 2025 by rpki-client