This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft File: gEFPcG9s0sh68PYGstE3a4a1-mY.mft (raw, json) Hash identifier: CUoh5kIpwW5Y0EJFzn8bxESHn1helX4s6q66WoJ3ryg= Subject key identifier: A4:83:EB:7A:81:18:1F:45:E3:22:48:15:6D:C9:A4:35:C3:00:54:15 Authority key identifier: 80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66 Certificate issuer: /CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66 Certificate serial: 019AF31C413FB207F0FA3CA9133F25DEFA77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 10:01:46 +0000 Manifest this update: Sat 06 Dec 2025 10:01:46 +0000 Manifest next update: Sun 07 Dec 2025 10:01:46 +0000 Files and hashes: 1: gEFPcG9s0sh68PYGstE3a4a1-mY.crl (hash: QPUu++HWE01qVIrUlZOogX1ijySRogHBM+3njvC5TVM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:41:3f:b2:07:f0:fa:3c:a9:13:3f:25:de:fa:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=80414f706f6cd2c87af0f606b2d1376b86b5fa66 Validity Not Before: Dec 6 10:01:46 2025 GMT Not After : Dec 7 10:01:46 2025 GMT Subject: CN=a483eb7a81181f45e32248156dc9a435c3005415 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:93:e0:24:82:9a:a9:c5:b2:85:e8:c2:f0:06: 3f:ac:ae:20:04:1c:e2:c3:57:51:2e:ca:c9:b1:88: c8:81:4f:d5:28:aa:fd:06:45:b7:fb:1b:07:1e:3b: 10:0f:b0:31:04:05:d3:9f:c9:a5:53:46:ad:f9:79: e5:4a:94:67:12:bf:58:f3:04:c6:50:3c:45:2d:85: 1c:0c:a7:17:30:29:a7:bd:c9:45:59:a9:7c:35:76: 16:de:f9:a5:3e:91:fa:3b:98:89:68:bb:2d:4f:0f: 01:a4:88:78:d9:15:b1:56:b4:54:1e:f7:16:92:d8: 30:bf:7a:13:79:a0:b0:a7:11:ab:45:8b:ea:8b:5b: bf:0e:04:5f:d7:4c:17:7d:a1:43:24:0a:9c:7c:37: 44:5a:91:e7:01:3d:56:aa:54:1e:08:f5:df:a5:fb: 10:13:7f:b2:57:c2:af:6f:4f:cf:34:dc:4b:c5:d5: e7:c8:6c:44:e5:ab:fa:79:38:b3:39:f8:9c:8c:26: 9e:96:c7:a5:db:5c:66:8d:e4:12:df:16:be:45:f7: 78:bf:2e:66:c8:02:61:23:20:7a:47:17:bc:29:3b: 2b:26:d6:aa:55:56:59:7d:34:94:18:1f:3f:59:0e: 3f:28:0c:2c:c7:a2:59:bf:b0:12:fd:63:d0:a7:ab: 9d:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:83:EB:7A:81:18:1F:45:E3:22:48:15:6D:C9:A4:35:C3:00:54:15 X509v3 Authority Key Identifier: keyid:80:41:4F:70:6F:6C:D2:C8:7A:F0:F6:06:B2:D1:37:6B:86:B5:FA:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEFPcG9s0sh68PYGstE3a4a1-mY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/81e5bd-f7ab-4287-bbb5-6d856f84a813/1/gEFPcG9s0sh68PYGstE3a4a1-mY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:bf:1a:7a:88:37:02:a2:57:a2:80:24:15:ef:77:1e:b7:1e: 77:e7:68:96:12:6f:72:99:52:9b:9e:60:eb:5b:68:3b:88:72: 58:1b:55:58:c9:dd:d3:f7:7d:7f:2a:72:d2:11:ed:a3:e6:b4: 44:0a:0b:fb:a2:cb:d7:e6:7a:d3:55:9c:b3:f5:df:1f:0c:55: aa:10:27:97:22:38:59:ff:71:f2:d0:61:c8:cc:98:e7:08:ca: 4d:44:a1:8d:2f:fd:ac:85:f9:f2:45:d0:3d:5b:c4:bd:d8:37: 7b:63:b3:76:32:7f:f4:a2:1c:5b:e6:7a:eb:32:2c:30:b5:0d: af:6f:82:0f:16:57:e4:2a:00:01:56:b5:1e:d4:15:17:02:9f: 37:f1:98:c5:4f:2a:da:3f:b2:dd:03:98:0a:8e:48:16:1c:fc: 1f:e7:4e:88:ed:72:e9:17:88:c0:4b:29:14:a6:c8:e0:01:06: d6:36:ec:e6:2f:5b:e4:dd:2e:ca:62:c7:05:05:88:95:ab:09: 96:c0:6a:11:ca:87:fc:7e:c4:b1:32:63:9a:c9:87:25:9b:87: 0b:21:88:74:64:17:14:ac:8d:16:3a:7f:36:8a:4d:b9:89:8d: b1:55:b8:b6:37:13:c5:09:b1:ef:de:9d:24:a5:76:0d:cf:9c: c0:07:43:6a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHEE/sgfw+jypEz8l3vp3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgwNDE0ZjcwNmY2Y2QyYzg3YWYwZjYwNmIyZDEzNzZiODZi NWZhNjYwHhcNMjUxMjA2MTAwMTQ2WhcNMjUxMjA3MTAwMTQ2WjAzMTEwLwYDVQQD EyhhNDgzZWI3YTgxMTgxZjQ1ZTMyMjQ4MTU2ZGM5YTQzNWMzMDA1NDE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJPgJIKaqcWyhejC8AY/rK4gBBzi w1dRLsrJsYjIgU/VKKr9BkW3+xsHHjsQD7AxBAXTn8mlU0at+XnlSpRnEr9Y8wTG UDxFLYUcDKcXMCmnvclFWal8NXYW3vmlPpH6O5iJaLstTw8BpIh42RWxVrRUHvcW ktgwv3oTeaCwpxGrRYvqi1u/DgRf10wXfaFDJAqcfDdEWpHnAT1WqlQeCPXfpfsQ E3+yV8Kvb0/PNNxLxdXnyGxE5av6eTizOficjCaelsel21xmjeQS3xa+Rfd4vy5m yAJhIyB6Rxe8KTsrJtaqVVZZfTSUGB8/WQ4/KAwsx6JZv7AS/WPQp6udnwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKSD63qBGB9F4yJIFW3JpDXDAFQVMB8GA1UdIwQY MBaAFIBBT3BvbNLIevD2BrLRN2uGtfpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUt NmQ4NTZmODRhODEzLzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy84MWU1YmQtZjdhYi00Mjg3LWJiYjUtNmQ4NTZmODRhODEz LzEvZ0VGUGNHOXMwc2g2OFBZR3N0RTNhNGExLW1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGr8aeog3 AqJXooAkFe93Hrced+dolhJvcplSm55g61toO4hyWBtVWMnd0/d9fypy0hHto+a0 RAoL+6LL1+Z601Wcs/XfHwxVqhAnlyI4Wf9x8tBhyMyY5wjKTUShjS/9rIX58kXQ PVvEvdg3e2OzdjJ/9KIcW+Z66zIsMLUNr2+CDxZX5CoAAVa1HtQVFwKfN/GYxU8q 2j+y3QOYCo5IFhz8H+dOiO1y6ReIwEspFKbI4AEG1jbs5i9b5N0uymLHBQWIlasJ lsBqEcqH/H7EsTJjmsmHJZuHCyGIdGQXFKyNFjp/NopNuYmNsVW4tjcTxQmx796d JKV2Dc+cwAdDag== -----END CERTIFICATE-----Generated at Sat Dec 6 12:51:16 2025 by rpki-client