This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft File: ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft (raw, json) Hash identifier: f26eWi30CbXIhABvOETxdDOPxUx0+cY7SMC2MoL3MAM= Subject key identifier: 0F:EE:55:18:AE:31:5D:16:D0:8C:0A:BF:6F:4D:51:E9:CC:09:0E:B6 Authority key identifier: 82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD Certificate issuer: /CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd Certificate serial: 019AF12EA11A90CE64919B85D7FFD258744C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft Manifest number: 0947 Signing time: Sat 06 Dec 2025 01:02:36 +0000 Manifest this update: Sat 06 Dec 2025 01:02:36 +0000 Manifest next update: Sun 07 Dec 2025 01:02:36 +0000 Files and hashes: 1: ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl (hash: CmreXqS5OoR/FDkN1gEGMXTyeW5Q/NlqQQaGoYAQvAM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:a1:1a:90:ce:64:91:9b:85:d7:ff:d2:58:74:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8214dc48b3e919e55ce8184d3a9690d14925bcbd Validity Not Before: Dec 6 01:02:36 2025 GMT Not After : Dec 7 01:02:36 2025 GMT Subject: CN=0fee5518ae315d16d08c0abf6f4d51e9cc090eb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:00:dd:f8:e5:3d:18:52:40:28:f5:c4:85:dc: 1d:e5:b0:0e:53:16:61:07:19:08:6f:04:f4:d9:e8: dc:a7:79:22:71:57:e8:1f:69:c9:97:d5:61:92:e8: 04:a0:ec:ab:9b:06:eb:0f:17:b4:e7:fd:76:f8:ce: 7b:54:db:5a:23:ad:5c:b7:6c:14:6a:e0:3f:7d:bc: 67:cd:fd:a7:df:23:38:b8:d2:76:94:49:95:1b:1b: f2:ec:6e:f6:6c:b9:71:ab:f6:38:4e:77:cb:c2:ee: dd:8b:e4:d6:c6:63:5e:dc:13:d2:4d:a1:fe:2c:16: ea:a2:1f:c9:da:00:9e:eb:39:12:31:f8:74:1f:82: 2a:46:09:4a:98:b7:f4:f1:83:78:95:9a:bb:ff:2f: 12:9a:03:95:5e:6c:10:23:0d:f7:81:33:8b:1a:ed: 48:c2:ad:81:ce:3d:24:39:16:9a:4f:61:3c:4a:03: 26:8d:1a:4f:fc:2f:9f:c8:b2:33:9c:26:16:c0:25: 74:48:84:c1:df:a8:5e:35:42:62:7c:9b:4f:d0:6f: 48:0d:a7:3b:03:36:c8:61:cf:7b:85:30:cc:be:89: 2f:eb:72:ec:45:69:db:6a:1c:20:1c:85:1e:ed:15: cc:2d:e7:11:23:b9:05:b8:b1:8f:e8:20:ee:ab:a6: 86:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:EE:55:18:AE:31:5D:16:D0:8C:0A:BF:6F:4D:51:E9:CC:09:0E:B6 X509v3 Authority Key Identifier: keyid:82:14:DC:48:B3:E9:19:E5:5C:E8:18:4D:3A:96:90:D1:49:25:BC:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ghTcSLPpGeVc6BhNOpaQ0UklvL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/2a7a18-8d4a-4e81-90a0-fbc026917f62/1/ghTcSLPpGeVc6BhNOpaQ0UklvL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:ea:73:70:94:fd:af:25:8c:4b:c0:e4:be:5a:62:e9:4d:8a: a3:86:40:d8:82:a2:53:0b:0a:33:46:0e:f0:9f:03:5a:14:67: ca:08:1c:bf:78:c0:c7:02:cb:63:f7:22:c6:ef:0e:31:e2:74: 02:cd:14:73:97:a5:04:04:8e:d9:d5:72:a8:a3:10:f3:06:95: c5:0f:d3:07:5b:7b:8c:1c:71:a1:0e:3b:38:c2:6f:ca:d2:7a: 1e:c2:fe:d1:f9:21:51:fe:15:ec:1f:38:b6:62:75:90:ad:d6: 3b:b6:24:0b:d5:fb:ac:b2:68:49:49:15:a9:cd:f8:be:dd:17: bf:87:64:20:42:75:e4:24:80:92:a9:94:07:8e:d8:2a:b0:25: 77:0c:66:81:18:ea:5a:16:3a:cd:51:ad:3b:68:14:68:2a:2a: a5:f4:c9:dd:dc:45:79:b0:68:71:28:6c:05:35:aa:b9:d5:26: 86:2b:51:c2:c4:f8:1b:f5:5f:62:7e:d5:13:d8:dd:a8:07:db: 5c:a8:78:bb:63:59:97:f4:b0:3c:84:c5:33:2b:fa:0b:b1:d6: c6:17:61:1f:13:c8:b1:18:80:4c:97:61:ef:f3:76:46:4b:68: c0:5a:2c:f2:c9:9e:77:14:d0:80:10:33:a6:ee:23:51:c0:fa: 5e:e2:70:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLqEakM5kkZuF1//SWHRMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyMTRkYzQ4YjNlOTE5ZTU1Y2U4MTg0ZDNhOTY5MGQxNDky NWJjYmQwHhcNMjUxMjA2MDEwMjM2WhcNMjUxMjA3MDEwMjM2WjAzMTEwLwYDVQQD EygwZmVlNTUxOGFlMzE1ZDE2ZDA4YzBhYmY2ZjRkNTFlOWNjMDkwZWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgDd+OU9GFJAKPXEhdwd5bAOUxZh BxkIbwT02ejcp3kicVfoH2nJl9VhkugEoOyrmwbrDxe05/12+M57VNtaI61ct2wU auA/fbxnzf2n3yM4uNJ2lEmVGxvy7G72bLlxq/Y4TnfLwu7di+TWxmNe3BPSTaH+ LBbqoh/J2gCe6zkSMfh0H4IqRglKmLf08YN4lZq7/y8SmgOVXmwQIw33gTOLGu1I wq2Bzj0kORaaT2E8SgMmjRpP/C+fyLIznCYWwCV0SITB36heNUJifJtP0G9IDac7 AzbIYc97hTDMvokv63LsRWnbahwgHIUe7RXMLecRI7kFuLGP6CDuq6aGxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA/uVRiuMV0W0IwKv29NUenMCQ62MB8GA1UdIwQY MBaAFIIU3Eiz6RnlXOgYTTqWkNFJJby9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAt ZmJjMDI2OTE3ZjYyLzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8yYTdhMTgtOGQ0YS00ZTgxLTkwYTAtZmJjMDI2OTE3ZjYy LzEvZ2hUY1NMUHBHZVZjNkJoTk9wYVEwVWtsdkwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc+pzcJT9 ryWMS8Dkvlpi6U2Ko4ZA2IKiUwsKM0YO8J8DWhRnyggcv3jAxwLLY/cixu8OMeJ0 As0Uc5elBASO2dVyqKMQ8waVxQ/TB1t7jBxxoQ47OMJvytJ6HsL+0fkhUf4V7B84 tmJ1kK3WO7YkC9X7rLJoSUkVqc34vt0Xv4dkIEJ15CSAkqmUB47YKrAldwxmgRjq WhY6zVGtO2gUaCoqpfTJ3dxFebBocShsBTWqudUmhitRwsT4G/VfYn7VE9jdqAfb XKh4u2NZl/SwPITFMyv6C7HWxhdhHxPIsRiATJdh7/N2RktowFos8smedxTQgBAz pu4jUcD6XuJwqw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:04:28 2025 by rpki-client