This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft File: pL9-XCjULmcUGeYsMmBJ5cedSOA.mft (raw, json) Hash identifier: A38/lLYKw7sGMxPwwFfZKJzussP6EnglLuZ+Ep5bdDw= Subject key identifier: AC:7C:08:01:96:41:80:B0:B9:CD:33:A7:00:1D:4D:F4:5E:79:23:0D Authority key identifier: A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0 Certificate issuer: /CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0 Certificate serial: 019B5908145C598099E385062A5DB5DA594E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft Manifest number: 019F Signing time: Fri 26 Dec 2025 05:01:00 +0000 Manifest this update: Fri 26 Dec 2025 05:01:00 +0000 Manifest next update: Sat 27 Dec 2025 05:01:00 +0000 Files and hashes: 1: pL9-XCjULmcUGeYsMmBJ5cedSOA.crl (hash: 2AvN+UmwRO7GvFqrKHdiFgAyPKAhxoeMGTorKgzqAkc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:14:5c:59:80:99:e3:85:06:2a:5d:b5:da:59:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4bf7e5c28d42e671419e62c326049e5c79d48e0 Validity Not Before: Dec 26 05:01:00 2025 GMT Not After : Dec 27 05:01:00 2025 GMT Subject: CN=ac7c0801964180b0b9cd33a7001d4df45e79230d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:af:e1:52:ad:66:ef:0c:26:5c:9f:5a:88:9b: 72:1b:8a:68:29:9c:2d:7c:81:fb:cf:20:b3:8b:f5: e8:cb:de:43:14:a4:db:8f:e1:75:b9:bc:59:e1:3f: c9:95:9a:69:b8:e8:4a:f8:8e:96:76:1d:e4:96:89: 78:18:83:76:09:01:21:32:9d:e2:51:b0:e8:9c:cf: 46:a9:0a:98:c5:f4:c0:10:f6:95:53:fc:56:68:17: 0d:26:fa:bb:f3:9f:79:54:05:1a:75:d7:37:1c:f1: c9:35:f5:5b:c2:40:ea:b8:9c:b1:a0:90:fa:79:d2: 01:d4:fb:3b:5c:1a:4a:64:75:2b:99:a8:14:67:1c: c8:26:46:9c:43:12:18:ea:bc:81:a7:c3:5a:06:16: 09:00:0e:57:5f:7e:65:66:1c:70:3a:84:3c:4e:28: bb:f6:cd:99:88:e7:eb:6d:f6:07:05:de:a8:cd:82: 7a:dd:a8:78:7f:f6:41:d9:ef:73:53:31:be:b5:7d: 04:e1:28:9b:35:0e:40:f4:ed:18:12:ca:49:4d:8f: 37:1c:28:a7:20:3e:d3:32:92:8d:b9:c0:02:75:fd: d2:4e:44:34:94:02:4c:89:a9:8c:79:a1:b0:68:69: ed:4b:96:48:5b:c9:5a:43:30:d7:ab:d0:2f:58:c0: 42:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:7C:08:01:96:41:80:B0:B9:CD:33:A7:00:1D:4D:F4:5E:79:23:0D X509v3 Authority Key Identifier: keyid:A4:BF:7E:5C:28:D4:2E:67:14:19:E6:2C:32:60:49:E5:C7:9D:48:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pL9-XCjULmcUGeYsMmBJ5cedSOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/4ef8b4-7e06-4768-b47a-970fb0e44c47/1/pL9-XCjULmcUGeYsMmBJ5cedSOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:3c:25:dd:5a:ab:cb:67:e7:57:bf:95:7a:d4:74:5a:cf:b6: 76:76:68:b3:8e:8a:1b:29:90:4b:0e:d1:ca:39:f7:f0:c4:99: ea:e6:49:d8:b3:3d:d5:8f:e2:0e:93:12:9b:fb:e3:2f:29:d3: 1b:1d:37:d2:44:a2:a0:bb:98:8e:20:7c:a1:f0:0c:9e:dd:73: 16:33:77:10:45:ec:f7:f2:f9:32:4a:a7:e2:3a:36:e4:86:9f: 94:22:c3:c8:f5:96:5d:4b:f9:23:10:e6:5a:59:a4:09:6f:ee: b8:29:c9:76:9f:71:4c:b4:d7:81:d3:62:c2:37:2d:ef:38:c6: 14:bf:be:53:db:22:aa:4d:8c:8c:b9:7b:27:87:40:8a:07:e3: 31:dd:6a:65:ce:ae:5d:23:9f:f4:59:64:d7:c1:55:4d:05:42: 99:b2:26:c3:b2:81:73:21:66:03:94:56:e6:ed:8e:c1:62:d2: 14:83:d6:2e:0c:9e:26:6f:5a:45:d9:fe:00:6d:74:df:92:b8: 2a:74:54:ee:0b:8c:1c:3d:2b:b2:3f:42:cd:1b:42:ef:07:4e: 5a:a6:6c:48:8a:fa:23:12:cc:5c:59:7b:ac:66:5c:3e:b9:c7: 88:fc:bc:a8:a8:e5:76:f8:f6:b5:43:c9:56:43:c0:56:07:e7: 5a:ca:ee:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCBRcWYCZ44UGKl212llOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0YmY3ZTVjMjhkNDJlNjcxNDE5ZTYyYzMyNjA0OWU1Yzc5 ZDQ4ZTAwHhcNMjUxMjI2MDUwMTAwWhcNMjUxMjI3MDUwMTAwWjAzMTEwLwYDVQQD EyhhYzdjMDgwMTk2NDE4MGIwYjljZDMzYTcwMDFkNGRmNDVlNzkyMzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK/hUq1m7wwmXJ9aiJtyG4poKZwt fIH7zyCzi/Xoy95DFKTbj+F1ubxZ4T/JlZppuOhK+I6Wdh3klol4GIN2CQEhMp3i UbDonM9GqQqYxfTAEPaVU/xWaBcNJvq78595VAUaddc3HPHJNfVbwkDquJyxoJD6 edIB1Ps7XBpKZHUrmagUZxzIJkacQxIY6ryBp8NaBhYJAA5XX35lZhxwOoQ8Tii7 9s2ZiOfrbfYHBd6ozYJ63ah4f/ZB2e9zUzG+tX0E4SibNQ5A9O0YEspJTY83HCin ID7TMpKNucACdf3STkQ0lAJMiamMeaGwaGntS5ZIW8laQzDXq9AvWMBCQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKx8CAGWQYCwuc0zpwAdTfReeSMNMB8GA1UdIwQY MBaAFKS/flwo1C5nFBnmLDJgSeXHnUjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2Et OTcwZmIwZTQ0YzQ3LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS80ZWY4YjQtN2UwNi00NzY4LWI0N2EtOTcwZmIwZTQ0YzQ3 LzEvcEw5LVhDalVMbWNVR2VZc01tQko1Y2VkU09BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQzwl3Vqr y2fnV7+VetR0Ws+2dnZos46KGymQSw7Ryjn38MSZ6uZJ2LM91Y/iDpMSm/vjLynT Gx030kSioLuYjiB8ofAMnt1zFjN3EEXs9/L5Mkqn4jo25IaflCLDyPWWXUv5IxDm WlmkCW/uuCnJdp9xTLTXgdNiwjct7zjGFL++U9siqk2MjLl7J4dAigfjMd1qZc6u XSOf9Flk18FVTQVCmbImw7KBcyFmA5RW5u2OwWLSFIPWLgyeJm9aRdn+AG1035K4 KnRU7guMHD0rsj9CzRtC7wdOWqZsSIr6IxLMXFl7rGZcPrnHiPy8qKjldvj2tUPJ VkPAVgfnWsrurw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:06:12 2025 by rpki-client