This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft File: gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft (raw, json) Hash identifier: CWazVfl4UHMfSIouKAw9gw2UdlfooBABMg1LqwtQpIQ= Subject key identifier: FC:1D:D7:03:E3:AE:48:46:64:0C:9B:65:26:0C:53:86:CA:FA:60:5A Authority key identifier: 80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85 Certificate issuer: /CN=80a921408433b66ea50a4000aace10d2add06a85 Certificate serial: 019AF578478E3308EBA85AB22C67B17AB452 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft Manifest number: 05BB Signing time: Sat 06 Dec 2025 21:01:31 +0000 Manifest this update: Sat 06 Dec 2025 21:01:31 +0000 Manifest next update: Sun 07 Dec 2025 21:01:31 +0000 Files and hashes: 1: gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl (hash: FfeZbDmRNbYl01U9Ln1nfcDbcqXVnCuqpn+srvgu6ps=) 2: knOts_9A8gA0IVqYk7a99kaTuRI.roa (hash: kCE50cAQS4imaI4wXAlSfVZnkYJchZQUkd+tGc4tAWc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:47:8e:33:08:eb:a8:5a:b2:2c:67:b1:7a:b4:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80a921408433b66ea50a4000aace10d2add06a85 Validity Not Before: Dec 6 21:01:31 2025 GMT Not After : Dec 7 21:01:31 2025 GMT Subject: CN=fc1dd703e3ae4846640c9b65260c5386cafa605a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7e:07:e0:cb:67:42:32:cf:d4:54:e6:0f:01: d7:16:a1:6b:08:3c:e9:66:89:ba:25:7c:16:83:5e: 33:0c:de:86:39:e0:b6:1a:e2:15:33:26:55:98:b0: c8:99:bc:e1:95:ad:8b:77:47:04:b5:c3:bd:66:8d: df:67:d8:e8:1d:d8:94:21:58:28:d2:0a:9b:03:db: 2f:60:1e:6d:43:92:ad:23:2b:a7:97:2c:e5:bb:a8: ea:3c:68:c9:ec:70:51:15:06:bd:8a:69:15:37:24: b0:cb:99:41:f4:2e:48:65:9b:a5:e5:ac:e3:bf:96: fb:93:4a:96:52:f1:22:68:8f:a7:4a:7e:76:d2:be: 4b:3b:a9:8e:aa:03:a3:9f:29:0f:83:60:45:3d:55: 72:df:83:89:df:4c:cd:b2:97:cd:1f:b7:c9:24:f2: 4f:38:19:d5:e0:97:d1:e8:86:8c:55:f9:12:3a:60: 1c:7c:1f:ac:7d:d8:49:4c:c3:3a:94:7b:6f:20:6e: df:8e:33:e0:73:97:8e:9c:14:87:44:69:2c:64:3c: 67:bf:3c:94:6c:3e:65:63:d8:16:bc:87:9e:e1:14: 44:ed:41:33:b2:3f:d2:a2:f9:92:58:d6:da:ab:8f: d8:cf:c1:14:79:f0:c5:90:5f:b7:7e:a0:42:0a:50: 32:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:1D:D7:03:E3:AE:48:46:64:0C:9B:65:26:0C:53:86:CA:FA:60:5A X509v3 Authority Key Identifier: keyid:80:A9:21:40:84:33:B6:6E:A5:0A:40:00:AA:CE:10:D2:AD:D0:6A:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKkhQIQztm6lCkAAqs4Q0q3QaoU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d809b1-faf7-40c2-94ba-f1815a41a033/1/gKkhQIQztm6lCkAAqs4Q0q3QaoU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:b9:f7:f6:94:56:e5:05:5d:c3:f8:c6:bd:c0:f1:11:e4:25: 78:73:9e:18:95:be:63:a2:fe:d3:ec:78:c0:56:1e:f1:94:25: 8b:47:50:9c:c4:6c:9f:eb:61:04:ea:7a:f8:a0:de:be:9c:75: e5:8d:41:30:61:35:d4:f7:3b:6e:92:21:19:0f:d4:2a:fe:1f: 3e:41:9f:2f:80:15:e2:ff:c2:3c:52:b5:41:18:5d:2e:62:d9: f3:d4:7c:0c:50:a6:8d:c5:50:5f:66:4f:72:c3:68:83:c8:8f: fb:51:08:9c:0e:f8:a2:9f:5f:b3:79:e0:34:73:90:c2:2c:14: 0d:0f:c3:f2:b2:69:f2:27:29:62:be:2d:46:ab:25:f7:43:1c: 89:24:a8:c9:db:ee:e6:2d:26:ef:41:5e:3e:e8:3e:d3:36:51: 44:06:0b:03:e9:74:71:23:c2:1f:5a:91:1e:2c:a8:d9:01:31: f6:21:be:bd:51:eb:f7:ec:88:6c:99:7d:87:3e:ca:6e:90:91: c2:4d:77:95:17:a6:48:32:2a:2a:03:85:3a:63:48:70:fa:db: 2b:ca:af:b8:dc:f3:8e:92:db:ac:7d:d8:95:11:48:d1:e1:72: c4:d9:2b:2d:be:35:1a:12:b1:2c:33:d3:b9:b1:99:7c:84:d3: 7c:f7:78:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eEeOMwjrqFqyLGexerRSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwYTkyMTQwODQzM2I2NmVhNTBhNDAwMGFhY2UxMGQyYWRk MDZhODUwHhcNMjUxMjA2MjEwMTMxWhcNMjUxMjA3MjEwMTMxWjAzMTEwLwYDVQQD EyhmYzFkZDcwM2UzYWU0ODQ2NjQwYzliNjUyNjBjNTM4NmNhZmE2MDVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA134H4MtnQjLP1FTmDwHXFqFrCDzp Zom6JXwWg14zDN6GOeC2GuIVMyZVmLDImbzhla2Ld0cEtcO9Zo3fZ9joHdiUIVgo 0gqbA9svYB5tQ5KtIyunlyzlu6jqPGjJ7HBRFQa9imkVNySwy5lB9C5IZZul5azj v5b7k0qWUvEiaI+nSn520r5LO6mOqgOjnykPg2BFPVVy34OJ30zNspfNH7fJJPJP OBnV4JfR6IaMVfkSOmAcfB+sfdhJTMM6lHtvIG7fjjPgc5eOnBSHRGksZDxnvzyU bD5lY9gWvIee4RRE7UEzsj/SovmSWNbaq4/Yz8EUefDFkF+3fqBCClAyhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPwd1wPjrkhGZAybZSYMU4bK+mBaMB8GA1UdIwQY MBaAFICpIUCEM7ZupQpAAKrOENKt0GqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEt ZjE4MTVhNDFhMDMzLzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9kODA5YjEtZmFmNy00MGMyLTk0YmEtZjE4MTVhNDFhMDMz LzEvZ0traFFJUXp0bTZsQ2tBQXFzNFEwcTNRYW9VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANbn39pRW 5QVdw/jGvcDxEeQleHOeGJW+Y6L+0+x4wFYe8ZQli0dQnMRsn+thBOp6+KDevpx1 5Y1BMGE11Pc7bpIhGQ/UKv4fPkGfL4AV4v/CPFK1QRhdLmLZ89R8DFCmjcVQX2ZP csNog8iP+1EInA74op9fs3ngNHOQwiwUDQ/D8rJp8icpYr4tRqsl90MciSSoydvu 5i0m70FePug+0zZRRAYLA+l0cSPCH1qRHiyo2QEx9iG+vVHr9+yIbJl9hz7KbpCR wk13lRemSDIqKgOFOmNIcPrbK8qvuNzzjpLbrH3YlRFI0eFyxNkrLb41GhKxLDPT ubGZfITTfPd4Mw== -----END CERTIFICATE-----Generated at Sun Dec 7 00:50:43 2025 by rpki-client