This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft File: gErnaxl1-0qMurIgcYnu0gIy_18.mft (raw, json) Hash identifier: c2f7wI+TDnmAhJmGVqbU6QXsx4p15J3P0yymY8mq0qk= Subject key identifier: 8A:DB:74:05:10:74:6B:68:D4:A4:EC:6B:A9:ED:D6:BB:58:84:E2:C4 Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f Certificate serial: 019AF577ED7690A7F6573C68FBD0919E6A9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft Manifest number: 05A4 Signing time: Sat 06 Dec 2025 21:01:08 +0000 Manifest this update: Sat 06 Dec 2025 21:01:08 +0000 Manifest next update: Sun 07 Dec 2025 21:01:08 +0000 Files and hashes: 1: gErnaxl1-0qMurIgcYnu0gIy_18.crl (hash: zdYmQ5TDNNLht6woIZo7k7z2VPFjcAtW2HiTyFJQSrk=) 2: v3oDa-WSUoJp1kuV1a6fLuRGHQ0.roa (hash: Y4h5O4hQh1m1aEWNf7XMnqa6q5Txb+8pJ/1S7VkKt/4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:ed:76:90:a7:f6:57:3c:68:fb:d0:91:9e:6a:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f Validity Not Before: Dec 6 21:01:08 2025 GMT Not After : Dec 7 21:01:08 2025 GMT Subject: CN=8adb740510746b68d4a4ec6ba9edd6bb5884e2c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:40:73:77:9a:23:bc:5e:cc:da:95:26:95:8b: 2a:f3:d9:38:da:f7:b4:d4:fe:91:3a:27:6b:07:cf: 88:9d:f1:f0:6b:ac:15:1a:54:7c:7d:3e:64:a4:ac: d8:01:cc:d7:2c:bb:2a:ff:31:9c:1f:47:89:9a:6f: 3d:23:3f:3d:ef:98:40:02:b8:84:61:d4:b4:d3:6b: b3:7b:59:cc:94:0f:29:8b:70:45:f1:fb:49:f2:2d: fa:9c:d2:ea:91:c5:6d:3d:63:c2:cf:a4:64:09:e4: dc:7c:5b:91:71:84:b3:10:9d:f5:4a:42:e4:86:1d: db:e5:60:50:59:b8:9c:a9:ff:73:1b:0a:42:cf:32: 89:9a:bf:97:bd:ec:83:ca:88:5e:2b:96:c3:c9:81: 1b:63:ef:a8:1d:c4:a4:ba:8b:5b:9d:e4:57:6a:bf: ff:71:bd:00:e4:b5:ff:fb:86:1d:bd:81:c1:cb:fe: 46:39:74:1f:0f:b7:16:a8:44:6c:d0:d2:3f:9c:a8: 5c:1a:1b:78:24:a8:4a:5a:d4:62:f5:0f:0d:97:8d: 6f:99:b8:b9:a9:bb:9e:01:29:88:69:c8:bc:59:8d: f0:0b:db:f6:c7:da:4e:73:16:ff:c1:af:76:08:17: 36:7e:f3:d8:32:24:71:be:3e:bc:fd:60:91:59:34: 54:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:DB:74:05:10:74:6B:68:D4:A4:EC:6B:A9:ED:D6:BB:58:84:E2:C4 X509v3 Authority Key Identifier: keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:3e:91:28:33:a2:b8:97:ac:e9:30:82:1a:78:bd:5d:d6:76: 3c:09:09:b9:24:d3:e9:58:51:79:39:58:e6:90:5d:81:77:26: 9e:05:27:32:d6:ce:56:0b:bb:e2:b9:2b:13:11:59:eb:88:cb: 59:fd:3a:fd:16:e3:73:e2:13:cc:06:6d:d0:13:7d:d9:8b:11: 3c:41:48:d5:48:5b:57:17:13:41:36:20:ca:2a:06:84:7b:28: 24:d6:35:98:59:f6:04:d8:53:23:46:fe:34:c6:0b:73:87:27: 5e:3d:e9:dc:2e:72:f9:74:20:94:1b:24:9a:d6:ed:04:dd:f8: 32:df:dd:95:3e:38:64:63:e5:82:c2:f2:9c:6d:2f:d2:d7:38: 17:a3:13:aa:69:0a:8b:70:2a:9e:db:75:09:a6:bb:c1:45:4f: b0:03:3c:f2:3f:b6:20:c1:a0:f6:51:a4:61:df:3d:c6:e2:85: 52:55:72:48:c6:02:e7:67:e6:d0:53:01:ff:a2:ee:57:e0:9b: 8b:64:77:fb:19:da:b9:e2:7a:12:f0:d5:0c:88:79:17:c5:df: f1:7b:a7:01:03:d3:44:60:9a:30:01:51:97:98:67:6f:b3:e2: ab:80:70:92:0d:51:de:db:c8:e8:b9:e7:4a:db:4f:b3:9d:77: 64:f8:f5:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d+12kKf2Vzxo+9CRnmqdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz MmZmNWYwHhcNMjUxMjA2MjEwMTA4WhcNMjUxMjA3MjEwMTA4WjAzMTEwLwYDVQQD Eyg4YWRiNzQwNTEwNzQ2YjY4ZDRhNGVjNmJhOWVkZDZiYjU4ODRlMmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkBzd5ojvF7M2pUmlYsq89k42ve0 1P6ROidrB8+InfHwa6wVGlR8fT5kpKzYAczXLLsq/zGcH0eJmm89Iz8975hAAriE YdS002uze1nMlA8pi3BF8ftJ8i36nNLqkcVtPWPCz6RkCeTcfFuRcYSzEJ31SkLk hh3b5WBQWbicqf9zGwpCzzKJmr+XveyDyoheK5bDyYEbY++oHcSkuotbneRXar// cb0A5LX/+4YdvYHBy/5GOXQfD7cWqERs0NI/nKhcGht4JKhKWtRi9Q8Nl41vmbi5 qbueASmIaci8WY3wC9v2x9pOcxb/wa92CBc2fvPYMiRxvj68/WCRWTRUMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIrbdAUQdGto1KTsa6nt1rtYhOLEMB8GA1UdIwQY MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt OTQyMjcyOTNjODhlLzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfD6RKDOi uJes6TCCGni9XdZ2PAkJuSTT6VhReTlY5pBdgXcmngUnMtbOVgu74rkrExFZ64jL Wf06/Rbjc+ITzAZt0BN92YsRPEFI1UhbVxcTQTYgyioGhHsoJNY1mFn2BNhTI0b+ NMYLc4cnXj3p3C5y+XQglBskmtbtBN34Mt/dlT44ZGPlgsLynG0v0tc4F6MTqmkK i3Aqntt1Caa7wUVPsAM88j+2IMGg9lGkYd89xuKFUlVySMYC52fm0FMB/6LuV+Cb i2R3+xnaueJ6EvDVDIh5F8Xf8XunAQPTRGCaMAFRl5hnb7Piq4Bwkg1R3tvI6Lnn SttPs513ZPj1Gg== -----END CERTIFICATE-----Generated at Sun Dec 7 05:19:59 2025 by rpki-client