This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft File: G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft (raw, json) Hash identifier: 3SL9O9FW/3TvYpMoyK6BIKbtT9N5FmHgVj9qBdaLfqA= Subject key identifier: 67:69:56:51:C1:E5:82:82:AA:89:70:5A:0B:98:90:7F:14:05:12:E8 Authority key identifier: 1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD Certificate issuer: /CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd Certificate serial: 019AF31B499572F8BB3DB8F1149B92D5D723 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft Manifest number: 0EFA Signing time: Sat 06 Dec 2025 10:00:43 +0000 Manifest this update: Sat 06 Dec 2025 10:00:43 +0000 Manifest next update: Sun 07 Dec 2025 10:00:43 +0000 Files and hashes: 1: G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl (hash: gO8IkkRFn/t+BxM6qoUuBkoyVWhJqvWGJaFQ+NE0m4w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:49:95:72:f8:bb:3d:b8:f1:14:9b:92:d5:d7:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bf92c2994ffb5357f8dc46279bdd99be3a56cbd Validity Not Before: Dec 6 10:00:43 2025 GMT Not After : Dec 7 10:00:43 2025 GMT Subject: CN=67695651c1e58282aa89705a0b98907f140512e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:cb:2b:ba:88:df:cf:1b:36:04:f4:0f:4d:82: e0:48:78:46:52:2b:e8:b1:fb:21:cb:5f:76:07:06: 52:a7:60:0f:30:5b:22:3d:6b:61:5c:55:7c:87:45: 81:ee:ad:32:a1:7d:14:5d:75:85:3e:08:24:01:e4: 8b:47:90:ec:32:3a:fd:0e:2e:cc:87:cd:da:1b:f4: d0:9f:ae:11:5a:53:1e:07:6a:38:84:e1:49:63:e2: c8:f6:f8:cf:f9:5d:b3:e2:b0:f2:2e:bf:3c:56:f6: 04:4e:bb:52:51:0c:59:3a:68:49:95:f6:cc:6a:6d: dd:ae:cf:0e:76:e1:52:b2:7f:d6:2b:39:b7:6c:50: 5f:32:23:97:0a:9d:66:96:a3:b6:3c:be:a3:24:d1: 16:4d:fb:15:67:e1:99:3e:b7:0f:b3:36:a6:ba:18: 45:df:c3:9e:c3:3f:e1:46:78:21:b7:c0:b6:36:9c: 90:8b:52:d7:46:a3:4d:11:33:bd:da:c5:af:02:d4: 70:34:72:c6:9b:db:90:45:5f:ee:9e:45:a8:94:86: 2e:d1:81:72:2b:d4:57:15:dd:b4:62:09:70:4f:54: 07:70:58:ef:60:27:e8:d3:34:03:4e:f2:d0:60:52: 11:8f:7f:16:17:48:61:be:9f:28:32:01:46:a6:45: 98:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:69:56:51:C1:E5:82:82:AA:89:70:5A:0B:98:90:7F:14:05:12:E8 X509v3 Authority Key Identifier: keyid:1B:F9:2C:29:94:FF:B5:35:7F:8D:C4:62:79:BD:D9:9B:E3:A5:6C:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_ksKZT_tTV_jcRieb3Zm-OlbL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/7f7361-b1e6-4019-ad63-2005994df471/1/G_ksKZT_tTV_jcRieb3Zm-OlbL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c8:94:d0:fb:68:11:37:e9:93:f2:bb:af:ad:e8:6c:41:37:3e: ce:67:94:f7:84:a5:50:89:e1:6f:49:1d:db:7c:b4:ff:49:c1: 08:eb:72:6c:f4:ac:62:db:0d:92:b2:b9:52:80:d4:50:01:e8: 4d:59:34:70:22:e9:33:47:d6:e3:61:74:a9:dc:cc:e8:8b:c9: fa:75:93:ea:86:31:fe:6d:e8:c6:39:7b:ac:df:53:f7:5f:3f: 41:fb:1b:2b:a7:90:5d:5c:f2:94:60:86:7f:19:8d:72:65:75: ee:68:bd:c7:97:07:ab:4e:f6:09:cb:43:ae:eb:57:f9:38:0d: 24:b6:9d:95:fb:26:3b:84:b9:ec:ca:6b:3e:ba:86:a2:e4:58: 32:b9:de:a3:5e:9e:b4:d2:70:e9:b0:7e:55:da:9a:e3:a2:f8: 48:e2:a6:33:1e:fe:23:f1:2d:94:00:97:6d:5b:e0:19:ba:2d: cc:9e:5b:70:80:f7:40:48:12:ee:cd:49:1b:cb:0f:44:92:ba: 73:69:a8:c2:c3:49:24:c7:dc:23:f5:e5:c9:42:17:86:0c:40: eb:d7:44:3a:6d:ba:57:bb:7b:7b:fa:99:d8:1d:02:74:90:ef: db:ac:87:a3:25:05:18:92:29:b7:22:5a:78:9b:55:50:37:01: c4:a5:c2:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG0mVcvi7PbjxFJuS1dcjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiZjkyYzI5OTRmZmI1MzU3ZjhkYzQ2Mjc5YmRkOTliZTNh NTZjYmQwHhcNMjUxMjA2MTAwMDQzWhcNMjUxMjA3MTAwMDQzWjAzMTEwLwYDVQQD Eyg2NzY5NTY1MWMxZTU4MjgyYWE4OTcwNWEwYjk4OTA3ZjE0MDUxMmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMsruojfzxs2BPQPTYLgSHhGUivo sfshy192BwZSp2APMFsiPWthXFV8h0WB7q0yoX0UXXWFPggkAeSLR5DsMjr9Di7M h83aG/TQn64RWlMeB2o4hOFJY+LI9vjP+V2z4rDyLr88VvYETrtSUQxZOmhJlfbM am3drs8OduFSsn/WKzm3bFBfMiOXCp1mlqO2PL6jJNEWTfsVZ+GZPrcPszamuhhF 38Oewz/hRnght8C2NpyQi1LXRqNNETO92sWvAtRwNHLGm9uQRV/unkWolIYu0YFy K9RXFd20YglwT1QHcFjvYCfo0zQDTvLQYFIRj38WF0hhvp8oMgFGpkWY+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGdpVlHB5YKCqolwWguYkH8UBRLoMB8GA1UdIwQY MBaAFBv5LCmU/7U1f43EYnm92ZvjpWy9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMt MjAwNTk5NGRmNDcxLzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS83ZjczNjEtYjFlNi00MDE5LWFkNjMtMjAwNTk5NGRmNDcx LzEvR19rc0taVF90VFZfamNSaWViM1ptLU9sYkwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyJTQ+2gR N+mT8ruvrehsQTc+zmeU94SlUInhb0kd23y0/0nBCOtybPSsYtsNkrK5UoDUUAHo TVk0cCLpM0fW42F0qdzM6IvJ+nWT6oYx/m3oxjl7rN9T918/QfsbK6eQXVzylGCG fxmNcmV17mi9x5cHq072CctDrutX+TgNJLadlfsmO4S57MprPrqGouRYMrneo16e tNJw6bB+Vdqa46L4SOKmMx7+I/EtlACXbVvgGbotzJ5bcID3QEgS7s1JG8sPRJK6 c2mowsNJJMfcI/XlyUIXhgxA69dEOm26V7t7e/qZ2B0CdJDv26yHoyUFGJIptyJa eJtVUDcBxKXCaA== -----END CERTIFICATE-----Generated at Sat Dec 6 16:44:11 2025 by rpki-client