This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft File: g-3hynyzX11h-NWctQNumT6kO3A.mft (raw, json) Hash identifier: kAbAX7drVoLLI4HyjVpbSZ/Vcztn/cKpwjGHS8R40ek= Subject key identifier: 23:10:1A:6B:1A:42:2A:83:D7:1F:3E:BC:0E:2F:43:19:C9:3F:8C:6B Authority key identifier: 83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70 Certificate issuer: /CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70 Certificate serial: 019AF509D729C47B97B84DF0C76D9EE39339 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft Manifest number: 0F8A Signing time: Sat 06 Dec 2025 19:00:54 +0000 Manifest this update: Sat 06 Dec 2025 19:00:54 +0000 Manifest next update: Sun 07 Dec 2025 19:00:54 +0000 Files and hashes: 1: g-3hynyzX11h-NWctQNumT6kO3A.crl (hash: qGOCuuHWQt0uxtLadepi82vHyLKParOBC/Xyr96ooSA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:d7:29:c4:7b:97:b8:4d:f0:c7:6d:9e:e3:93:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83ede1ca7cb35f5d61f8d59cb5036e993ea43b70 Validity Not Before: Dec 6 19:00:54 2025 GMT Not After : Dec 7 19:00:54 2025 GMT Subject: CN=23101a6b1a422a83d71f3ebc0e2f4319c93f8c6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d8:15:50:01:7b:7e:36:f7:4e:63:49:df:f9: 33:1a:7c:0d:47:e0:5e:58:75:dc:ec:24:76:c5:0e: ce:50:af:12:ab:28:0a:ee:1a:89:e4:a7:22:60:8f: d8:07:d1:bd:f4:1f:01:34:62:d5:27:6d:2e:bd:82: 83:6f:7c:d0:a5:dc:5b:f5:66:e6:82:25:2e:6f:29: 4a:ea:43:ac:d1:73:43:44:1d:cb:e9:42:7b:5a:8f: d7:6f:50:d6:9f:d6:c4:1a:7a:5e:10:6a:d2:97:b3: 7d:53:be:de:d7:fb:e3:e2:84:41:49:86:24:c8:a1: 98:8c:15:7e:4f:84:a8:c8:42:51:a4:e5:01:e2:58: bb:4c:82:0f:fe:4b:c0:6e:34:6b:f5:a0:7e:ba:eb: 03:bd:2e:ed:43:d5:af:bc:29:ee:88:43:61:78:b6: 21:6a:1c:76:57:3d:a8:ac:72:c7:56:e0:4b:1c:58: 50:4d:9c:b8:20:e3:2d:87:15:0c:05:e7:cb:d5:1a: 07:cf:11:98:58:aa:d9:d0:cd:f8:4a:6c:eb:53:19: 67:81:b1:3e:78:c7:ee:a5:9f:c4:9c:f8:76:f4:09: 1f:df:83:94:c4:f5:c2:1c:d4:54:75:4c:fe:c3:09: 7e:bc:17:b3:e0:35:ef:3b:d4:23:cb:f5:fd:39:f4: 19:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:10:1A:6B:1A:42:2A:83:D7:1F:3E:BC:0E:2F:43:19:C9:3F:8C:6B X509v3 Authority Key Identifier: keyid:83:ED:E1:CA:7C:B3:5F:5D:61:F8:D5:9C:B5:03:6E:99:3E:A4:3B:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-3hynyzX11h-NWctQNumT6kO3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/f3eb19-85ee-487f-ad12-8b3660ed5ed0/1/g-3hynyzX11h-NWctQNumT6kO3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:e9:b4:e7:11:83:25:f4:32:8b:ab:13:a5:8a:d8:bf:74:2d: 1d:28:06:95:11:06:84:cb:93:6e:a4:f4:8f:d6:15:85:06:44: e1:a2:ad:e1:4e:e9:e9:11:51:da:24:67:88:e8:ca:5b:c4:1d: 48:26:26:29:4c:86:d9:f2:c8:9e:b3:e0:bb:18:cd:26:3d:86: 29:d0:25:80:08:b5:56:2a:53:03:47:4f:37:fc:0a:6d:ee:28: 4e:e8:90:d8:b9:10:0a:89:74:8d:47:b7:cd:9c:2e:35:1b:9d: 48:82:93:0b:7a:7e:dc:da:17:cc:07:51:0f:0b:48:2d:ab:ca: 5d:fe:b5:be:b9:ac:d8:a8:75:de:ef:81:65:e3:51:2f:69:2f: f9:71:ec:97:ea:7e:78:cd:83:67:b5:bd:67:dc:b9:ea:33:4c: 29:24:dd:08:7e:94:1a:42:6a:fe:62:8a:55:6a:f0:54:a8:e4: c0:6b:ba:27:b6:55:9f:04:19:78:75:eb:32:36:62:e5:b8:0f: c7:51:14:77:f9:da:af:ad:88:a3:67:f1:27:08:4e:ec:7d:67: bf:a0:f2:44:9b:d3:8d:cf:23:41:c6:6b:19:19:61:3d:4a:4e: b9:91:01:3f:3b:73:08:78:b5:b9:95:8a:05:31:f8:a6:0f:ac: 6b:0e:23:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CdcpxHuXuE3wx22e45M5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzZWRlMWNhN2NiMzVmNWQ2MWY4ZDU5Y2I1MDM2ZTk5M2Vh NDNiNzAwHhcNMjUxMjA2MTkwMDU0WhcNMjUxMjA3MTkwMDU0WjAzMTEwLwYDVQQD EygyMzEwMWE2YjFhNDIyYTgzZDcxZjNlYmMwZTJmNDMxOWM5M2Y4YzZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9gVUAF7fjb3TmNJ3/kzGnwNR+Be WHXc7CR2xQ7OUK8SqygK7hqJ5KciYI/YB9G99B8BNGLVJ20uvYKDb3zQpdxb9Wbm giUubylK6kOs0XNDRB3L6UJ7Wo/Xb1DWn9bEGnpeEGrSl7N9U77e1/vj4oRBSYYk yKGYjBV+T4SoyEJRpOUB4li7TIIP/kvAbjRr9aB+uusDvS7tQ9WvvCnuiENheLYh ahx2Vz2orHLHVuBLHFhQTZy4IOMthxUMBefL1RoHzxGYWKrZ0M34SmzrUxlngbE+ eMfupZ/EnPh29Akf34OUxPXCHNRUdUz+wwl+vBez4DXvO9Qjy/X9OfQZQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCMQGmsaQiqD1x8+vA4vQxnJP4xrMB8GA1UdIwQY MBaAFIPt4cp8s19dYfjVnLUDbpk+pDtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTIt OGIzNjYwZWQ1ZWQwLzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9mM2ViMTktODVlZS00ODdmLWFkMTItOGIzNjYwZWQ1ZWQw LzEvZy0zaHlueXpYMTFoLU5XY3RRTnVtVDZrTzNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJum05xGD JfQyi6sTpYrYv3QtHSgGlREGhMuTbqT0j9YVhQZE4aKt4U7p6RFR2iRniOjKW8Qd SCYmKUyG2fLInrPguxjNJj2GKdAlgAi1VipTA0dPN/wKbe4oTuiQ2LkQCol0jUe3 zZwuNRudSIKTC3p+3NoXzAdRDwtILavKXf61vrms2Kh13u+BZeNRL2kv+XHsl+p+ eM2DZ7W9Z9y56jNMKSTdCH6UGkJq/mKKVWrwVKjkwGu6J7ZVnwQZeHXrMjZi5bgP x1EUd/nar62Io2fxJwhO7H1nv6DyRJvTjc8jQcZrGRlhPUpOuZEBPztzCHi1uZWK BTH4pg+saw4jVQ== -----END CERTIFICATE-----Generated at Sun Dec 7 00:33:04 2025 by rpki-client