This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft File: ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json) Hash identifier: 4gByPH/JfJh1BxnDlzqr09s8kpLqGWydqWVvn7c3Y60= Subject key identifier: ED:F0:32:AC:14:73:97:0A:DD:6C:ED:68:1F:3C:CE:4C:B2:E6:E0:D6 Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F Certificate issuer: /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f Certificate serial: 019B3344213033722037560EDEFA820BF0B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft Manifest number: 10FF Signing time: Thu 18 Dec 2025 21:01:01 +0000 Manifest this update: Thu 18 Dec 2025 21:01:01 +0000 Manifest next update: Fri 19 Dec 2025 21:01:01 +0000 Files and hashes: 1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: xIzuEbb7AaDZHiB3VlvcD4PTgidTbI2Knjt10UYJ0Yc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 21:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:21:30:33:72:20:37:56:0e:de:fa:82:0b:f0:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f Validity Not Before: Dec 18 21:01:01 2025 GMT Not After : Dec 19 21:01:01 2025 GMT Subject: CN=edf032ac1473970add6ced681f3cce4cb2e6e0d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:53:f3:ba:11:fc:62:5f:f3:e0:bc:cf:5b:31: 97:9e:7b:31:cb:6f:26:dd:90:b2:b5:fe:29:2c:9d: 42:c6:5e:0a:88:bd:c5:13:3c:dc:8d:58:a5:7c:68: 02:c6:01:b3:f1:98:5d:2d:86:39:ce:8b:4a:99:6c: f4:33:e5:13:77:75:87:31:5f:5e:01:ad:fd:f5:62: 6b:e2:8b:3c:d7:c0:19:2e:16:34:4f:a9:cb:63:a1: 4c:46:1e:1c:2e:5a:6f:d1:52:e1:e2:ca:2a:1b:18: ee:c0:28:43:bc:41:8b:3a:07:22:38:4f:f1:21:3d: e7:d5:a3:ba:60:72:c0:92:61:c7:bd:13:6d:4c:d9: 12:d0:f8:1d:94:3a:7a:f0:7b:71:78:9d:ab:d9:3a: 86:98:03:7d:4b:e9:de:e6:ec:87:76:83:5f:b7:34: 36:ab:4f:4d:49:b3:0c:c3:3e:7c:50:80:1d:4c:b4: 23:21:75:8a:da:ed:42:63:7a:66:f8:bf:c1:43:2b: b7:17:1d:cf:f1:37:c6:93:d0:7a:c8:fb:23:37:aa: fa:13:7d:34:8f:9a:3b:95:fc:c0:6c:39:67:3c:98: 90:1e:46:f2:8b:ea:cd:a4:4b:ee:68:4c:76:5c:53: ef:49:f7:32:6a:97:2d:53:e6:ca:42:08:b8:66:97: 30:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:F0:32:AC:14:73:97:0A:DD:6C:ED:68:1F:3C:CE:4C:B2:E6:E0:D6 X509v3 Authority Key Identifier: keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:ae:df:fb:c6:eb:46:c1:9b:50:fa:21:75:41:6f:88:c2:ff: 89:d3:53:e4:87:04:01:c3:43:60:c8:8a:a6:d2:2a:51:81:81: 34:e8:dc:9b:eb:d7:c3:4c:39:56:d0:d5:f7:e9:00:5a:5a:d5: 84:7a:e1:d1:15:a3:fb:14:fe:37:47:90:5b:07:79:f5:74:5c: 6d:cf:34:56:b8:60:1c:23:a9:af:15:bb:ab:8c:52:b9:c5:ed: 1c:84:c7:14:6d:31:3b:66:62:11:68:fc:a3:4c:37:90:7f:5f: 03:10:89:93:fb:f9:4e:df:ee:bc:bd:6b:39:ff:38:1f:52:5d: 4e:51:ca:3b:2c:f0:24:4e:ac:05:bc:25:3e:bb:74:6a:6a:f6: b4:7e:cf:e9:1d:ee:6a:ef:38:19:e8:00:21:88:9e:b8:65:7d: db:80:09:bc:b2:af:e6:05:21:81:42:5f:a2:bd:af:be:57:41: 46:64:dc:26:89:4b:9d:4f:87:ec:8b:1b:c7:a0:23:47:80:39: a3:b7:94:b3:de:20:bf:ef:bb:81:51:8e:26:02:fd:ca:52:e1: 76:d6:00:49:41:bb:b8:a3:3a:aa:b9:8e:7d:17:d3:d6:d9:2f: 1c:d3:47:0a:37:0a:2c:a7:c0:7b:3e:9e:36:a9:29:59:77:56: 9a:00:71:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRCEwM3IgN1YO3vqCC/CxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3 ZWFmNmYwHhcNMjUxMjE4MjEwMTAxWhcNMjUxMjE5MjEwMTAxWjAzMTEwLwYDVQQD EyhlZGYwMzJhYzE0NzM5NzBhZGQ2Y2VkNjgxZjNjY2U0Y2IyZTZlMGQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlPzuhH8Yl/z4LzPWzGXnnsxy28m 3ZCytf4pLJ1Cxl4KiL3FEzzcjVilfGgCxgGz8ZhdLYY5zotKmWz0M+UTd3WHMV9e Aa399WJr4os818AZLhY0T6nLY6FMRh4cLlpv0VLh4soqGxjuwChDvEGLOgciOE/x IT3n1aO6YHLAkmHHvRNtTNkS0PgdlDp68HtxeJ2r2TqGmAN9S+ne5uyHdoNftzQ2 q09NSbMMwz58UIAdTLQjIXWK2u1CY3pm+L/BQyu3Fx3P8TfGk9B6yPsjN6r6E300 j5o7lfzAbDlnPJiQHkbyi+rNpEvuaEx2XFPvSfcyapctU+bKQgi4ZpcwqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO3wMqwUc5cK3WztaB88zkyy5uDWMB8GA1UdIwQY MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPa7f+8br RsGbUPohdUFviML/idNT5IcEAcNDYMiKptIqUYGBNOjcm+vXw0w5VtDV9+kAWlrV hHrh0RWj+xT+N0eQWwd59XRcbc80VrhgHCOprxW7q4xSucXtHITHFG0xO2ZiEWj8 o0w3kH9fAxCJk/v5Tt/uvL1rOf84H1JdTlHKOyzwJE6sBbwlPrt0amr2tH7P6R3u au84GegAIYieuGV924AJvLKv5gUhgUJfor2vvldBRmTcJolLnU+H7Isbx6AjR4A5 o7eUs94gv++7gVGOJgL9ylLhdtYASUG7uKM6qrmOfRfT1tkvHNNHCjcKLKfAez6e NqkpWXdWmgBxNA== -----END CERTIFICATE-----Generated at Fri Dec 19 03:45:55 2025 by rpki-client