This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft File: Gwm9TWooxfH75oPPKs1ei_K65MQ.mft (raw, json) Hash identifier: W9fLXnFDV6pHv2xu31i8pv8vV8gBy3PasjGz2J7lngg= Subject key identifier: 41:02:34:79:93:80:5F:A6:BB:5E:65:88:AA:A8:83:1D:F3:E7:39:D1 Authority key identifier: 1B:09:BD:4D:6A:28:C5:F1:FB:E6:83:CF:2A:CD:5E:8B:F2:BA:E4:C4 Certificate issuer: /CN=1b09bd4d6a28c5f1fbe683cf2acd5e8bf2bae4c4 Certificate serial: 019AF12E52D48C9A932CD6001447DB530373 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gwm9TWooxfH75oPPKs1ei_K65MQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft Manifest number: 052A Signing time: Sat 06 Dec 2025 01:02:16 +0000 Manifest this update: Sat 06 Dec 2025 01:02:16 +0000 Manifest next update: Sun 07 Dec 2025 01:02:16 +0000 Files and hashes: 1: Gwm9TWooxfH75oPPKs1ei_K65MQ.crl (hash: QYQ+WByuqR2hFwe7mq9JzsEpfjOD+4hAVuPMXGewslc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Gwm9TWooxfH75oPPKs1ei_K65MQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:52:d4:8c:9a:93:2c:d6:00:14:47:db:53:03:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b09bd4d6a28c5f1fbe683cf2acd5e8bf2bae4c4 Validity Not Before: Dec 6 01:02:16 2025 GMT Not After : Dec 7 01:02:16 2025 GMT Subject: CN=4102347993805fa6bb5e6588aaa8831df3e739d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ed:bb:f8:5a:a0:80:3b:23:cf:d9:cc:2a:47: 1b:90:37:0d:44:1b:0a:6d:44:73:90:9e:57:f6:37: 0a:8e:f4:02:ef:e1:57:dd:7c:e5:1b:d1:0a:36:f9: e4:ca:2b:a6:29:75:74:95:85:03:13:08:c0:15:5a: a5:c1:43:34:fb:21:6f:80:24:0e:9f:02:fe:7c:fb: ca:fb:fb:3e:29:f2:69:44:bf:d9:3d:0d:97:7f:7b: 26:89:21:a0:5f:49:d6:52:b7:74:54:cc:15:e3:f0: e4:74:1c:59:b5:d5:ed:0a:f3:5e:0c:3e:b3:5f:6f: e1:9e:3a:6f:1f:fd:47:16:b5:e4:bb:da:8c:70:1f: 9f:59:f1:6e:74:75:a7:10:59:c7:1a:f2:45:bf:96: 43:67:3d:80:28:8b:33:d3:fc:da:83:c4:be:8d:42: c8:35:e6:f5:47:8c:29:32:cd:8c:d6:53:8a:2a:29: 85:bc:3a:69:7c:ef:86:23:3a:e6:44:39:f8:62:1a: ae:29:1c:07:de:b6:1c:ae:1d:9c:d7:df:66:35:af: 74:7c:c0:2e:a8:d4:cc:16:df:58:d8:a3:4b:e4:8e: a9:cb:44:7b:62:32:4e:45:ad:87:9f:16:bf:b2:a7: 83:b5:d6:91:bb:2a:9e:c3:75:9b:90:e1:b1:5f:17: 8a:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:02:34:79:93:80:5F:A6:BB:5E:65:88:AA:A8:83:1D:F3:E7:39:D1 X509v3 Authority Key Identifier: keyid:1B:09:BD:4D:6A:28:C5:F1:FB:E6:83:CF:2A:CD:5E:8B:F2:BA:E4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gwm9TWooxfH75oPPKs1ei_K65MQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/86b54c-b980-4817-8df6-dce7781a2c5c/1/Gwm9TWooxfH75oPPKs1ei_K65MQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:ea:1a:e0:54:2d:d5:72:44:4b:ed:93:3f:e0:66:dd:ba:b7: cf:a5:07:b6:5a:2f:4c:e9:97:90:31:53:cb:cd:9c:f2:13:a1: 9d:fa:22:53:0c:fd:a6:6a:9f:22:2a:0b:e3:73:5f:3c:75:20: 6d:fa:03:7e:5a:27:fc:cd:57:b2:5b:1b:c1:04:ed:30:5e:c7: 90:8d:54:b5:92:a6:83:6e:0d:ed:37:3c:10:0d:ca:c8:64:3d: 7d:f6:23:67:8d:15:d1:69:ed:0f:43:ab:7f:11:60:04:22:41: 7a:e0:23:25:56:e4:2b:b7:07:09:7d:4e:3c:44:3f:0a:2e:ec: be:87:4a:5b:18:c6:eb:52:1d:48:5b:c6:32:89:f2:60:28:11: 91:a9:2e:06:e2:21:b1:3a:d1:cb:5a:39:6f:9c:87:41:5f:de: af:67:51:42:4d:ac:bc:6a:28:a6:e4:f5:16:69:8a:5d:d0:ee: 07:bb:5c:be:7f:7a:b7:02:00:06:51:60:d7:e3:9f:36:da:0b: 28:e6:c9:e1:47:d1:05:57:f9:dd:2d:44:43:fe:c2:7f:94:46: ac:8d:0f:e6:69:f8:0f:bc:19:96:0c:36:ce:2c:65:65:6f:6c: dd:a1:c7:4d:f6:53:86:be:59:7c:83:d1:51:aa:56:88:c6:77: 41:d0:79:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLlLUjJqTLNYAFEfbUwNzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMDliZDRkNmEyOGM1ZjFmYmU2ODNjZjJhY2Q1ZThiZjJi YWU0YzQwHhcNMjUxMjA2MDEwMjE2WhcNMjUxMjA3MDEwMjE2WjAzMTEwLwYDVQQD Eyg0MTAyMzQ3OTkzODA1ZmE2YmI1ZTY1ODhhYWE4ODMxZGYzZTczOWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne27+FqggDsjz9nMKkcbkDcNRBsK bURzkJ5X9jcKjvQC7+FX3XzlG9EKNvnkyiumKXV0lYUDEwjAFVqlwUM0+yFvgCQO nwL+fPvK+/s+KfJpRL/ZPQ2Xf3smiSGgX0nWUrd0VMwV4/DkdBxZtdXtCvNeDD6z X2/hnjpvH/1HFrXku9qMcB+fWfFudHWnEFnHGvJFv5ZDZz2AKIsz0/zag8S+jULI Neb1R4wpMs2M1lOKKimFvDppfO+GIzrmRDn4YhquKRwH3rYcrh2c199mNa90fMAu qNTMFt9Y2KNL5I6py0R7YjJORa2Hnxa/sqeDtdaRuyqew3WbkOGxXxeKyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEECNHmTgF+mu15liKqogx3z5znRMB8GA1UdIwQY MBaAFBsJvU1qKMXx++aDzyrNXovyuuTEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3dtOVRXb294Zkg3NW9QUEtzMWVpX0s2NU1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84NmI1NGMtYjk4MC00ODE3LThkZjYt ZGNlNzc4MWEyYzVjLzEvR3dtOVRXb294Zkg3NW9QUEtzMWVpX0s2NU1RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS84NmI1NGMtYjk4MC00ODE3LThkZjYtZGNlNzc4MWEyYzVj LzEvR3dtOVRXb294Zkg3NW9QUEtzMWVpX0s2NU1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+oa4FQt 1XJES+2TP+Bm3bq3z6UHtlovTOmXkDFTy82c8hOhnfoiUwz9pmqfIioL43NfPHUg bfoDflon/M1XslsbwQTtMF7HkI1UtZKmg24N7Tc8EA3KyGQ9ffYjZ40V0WntD0Or fxFgBCJBeuAjJVbkK7cHCX1OPEQ/Ci7svodKWxjG61IdSFvGMonyYCgRkakuBuIh sTrRy1o5b5yHQV/er2dRQk2svGoopuT1FmmKXdDuB7tcvn96twIABlFg1+OfNtoL KObJ4UfRBVf53S1EQ/7Cf5RGrI0P5mn4D7wZlgw2zixlZW9s3aHHTfZThr5ZfIPR UapWiMZ3QdB5VQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:10:32 2025 by rpki-client