This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft File: Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json) Hash identifier: HllHmhREhvQB0bIln1MlnsnY8GGCiXKorD0bLRgMQdc= Subject key identifier: 6B:8C:DE:C8:69:EB:64:77:2C:EF:92:14:C3:DB:01:B6:67:03:82:7B Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF Certificate issuer: /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf Certificate serial: 019B202B488191DFDD1DFBB046AA4D92C963 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft Manifest number: 0EB1 Signing time: Mon 15 Dec 2025 04:01:05 +0000 Manifest this update: Mon 15 Dec 2025 04:01:05 +0000 Manifest next update: Tue 16 Dec 2025 04:01:05 +0000 Files and hashes: 1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: HMtd7exIR7005jCwtalcdEXkOxrJWgiZm7z1QKDQN28=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 04:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:2b:48:81:91:df:dd:1d:fb:b0:46:aa:4d:92:c9:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf Validity Not Before: Dec 15 04:01:05 2025 GMT Not After : Dec 16 04:01:05 2025 GMT Subject: CN=6b8cdec869eb64772cef9214c3db01b66703827b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:f6:eb:f8:d1:b2:7c:dd:b5:bf:c8:e3:12:dd: 2b:84:6d:84:4e:8b:65:d8:99:1c:bd:e8:85:16:2d: ad:f9:3b:ca:be:e6:1f:bc:85:5d:32:df:5a:1d:89: aa:d7:d0:a2:39:53:d4:e5:4f:3e:9e:bb:6f:62:1d: f2:a6:cd:21:55:f3:fe:32:fd:39:55:63:10:0e:ad: 8b:5d:e8:4a:80:fd:9d:d6:45:fc:67:09:0f:88:92: 26:0d:2a:a2:95:b3:4a:3b:7b:bb:81:10:42:80:2e: 0e:23:11:49:20:a4:b9:81:83:d2:0f:35:c0:f5:d2: 46:d8:84:31:78:33:dc:8e:7c:bb:1d:a7:11:25:16: b4:b8:58:e6:55:c1:0e:e8:15:e6:40:4e:ed:3d:d2: 3a:2d:72:f2:14:92:03:4f:2f:6e:29:55:d5:98:7a: 49:59:5d:3a:d9:52:47:f4:4a:c1:13:40:f7:68:7a: 41:94:3a:30:cc:b3:e8:7f:16:5a:24:9f:61:61:a1: a1:23:cf:6c:bd:81:4e:96:8b:7c:88:e4:01:a0:10: 4d:7c:6a:08:27:f7:dc:59:3d:42:7e:70:a3:72:04: ce:5f:c4:57:e4:7b:86:a5:05:dc:a8:f6:98:20:c1: 82:ce:fc:39:11:46:a9:bb:5d:3f:19:29:fb:49:c2: 53:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:8C:DE:C8:69:EB:64:77:2C:EF:92:14:C3:DB:01:B6:67:03:82:7B X509v3 Authority Key Identifier: keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:df:04:8f:ca:b1:d2:21:fd:fc:53:a5:17:95:13:c9:58:6c: fa:d1:19:ab:05:f0:f6:45:a0:a4:a1:1c:6a:34:34:e3:cf:7b: 67:aa:e7:15:7a:19:bd:be:de:3c:14:1b:9a:07:09:9b:9b:81: bd:3b:9b:ad:26:02:07:fa:97:2f:0c:66:38:27:81:e1:e2:f6: c2:ba:23:08:32:f8:c5:43:64:7a:ed:53:37:a6:f7:65:72:d0: 0e:bc:b3:53:d6:8d:8b:5e:54:73:06:a6:c9:7e:5d:33:43:7a: e9:96:ae:77:66:b2:38:e9:a1:47:18:bb:26:88:48:d7:4d:00: e6:ce:9a:4d:af:ae:d6:93:e1:24:d6:e1:41:01:ec:12:d2:39: 90:b3:9f:0f:d4:bb:bf:12:96:32:0e:69:d5:f2:6a:69:e1:98: a0:51:4d:87:d2:07:1f:81:9b:6b:df:92:86:e7:c2:84:2b:06: c3:69:9b:1c:52:23:b0:c1:ee:af:95:ff:90:8c:22:2c:94:f0: 16:01:96:56:98:0e:22:e2:e1:a0:36:2d:18:6a:d8:86:1f:cc: bf:eb:8c:7d:57:a0:ed:9f:1a:10:6d:b3:bb:76:e3:e4:e3:48: e5:52:a5:5d:8f:b4:49:3c:20:f5:31:ad:85:8c:b5:ca:c5:24: b8:f1:1b:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgK0iBkd/dHfuwRqpNksljMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj NWJiZGYwHhcNMjUxMjE1MDQwMTA1WhcNMjUxMjE2MDQwMTA1WjAzMTEwLwYDVQQD Eyg2YjhjZGVjODY5ZWI2NDc3MmNlZjkyMTRjM2RiMDFiNjY3MDM4MjdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fbr+NGyfN21v8jjEt0rhG2ETotl 2JkcveiFFi2t+TvKvuYfvIVdMt9aHYmq19CiOVPU5U8+nrtvYh3yps0hVfP+Mv05 VWMQDq2LXehKgP2d1kX8ZwkPiJImDSqilbNKO3u7gRBCgC4OIxFJIKS5gYPSDzXA 9dJG2IQxeDPcjny7HacRJRa0uFjmVcEO6BXmQE7tPdI6LXLyFJIDTy9uKVXVmHpJ WV062VJH9ErBE0D3aHpBlDowzLPofxZaJJ9hYaGhI89svYFOlot8iOQBoBBNfGoI J/fcWT1CfnCjcgTOX8RX5HuGpQXcqPaYIMGCzvw5EUapu10/GSn7ScJTvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGuM3shp62R3LO+SFMPbAbZnA4J7MB8GA1UdIwQY MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1 LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPd8Ej8qx 0iH9/FOlF5UTyVhs+tEZqwXw9kWgpKEcajQ04897Z6rnFXoZvb7ePBQbmgcJm5uB vTubrSYCB/qXLwxmOCeB4eL2wrojCDL4xUNkeu1TN6b3ZXLQDryzU9aNi15Ucwam yX5dM0N66Zaud2ayOOmhRxi7JohI100A5s6aTa+u1pPhJNbhQQHsEtI5kLOfD9S7 vxKWMg5p1fJqaeGYoFFNh9IHH4Gba9+ShufChCsGw2mbHFIjsMHur5X/kIwiLJTw FgGWVpgOIuLhoDYtGGrYhh/Mv+uMfVeg7Z8aEG2zu3bj5ONI5VKlXY+0STwg9TGt hYy1ysUkuPEbQg== -----END CERTIFICATE-----Generated at Mon Dec 15 13:22:16 2025 by rpki-client