This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft File: _x2DMuEYqaIYfqtYhCedZYDxGfc.mft (raw, json) Hash identifier: ImTCPkoRYsV28SRsfoqYqP7LieMQxTOO3mMGYSCD0Ys= Subject key identifier: 73:C4:CA:22:79:BE:D4:9E:57:0D:CF:61:33:DE:97:2A:B7:D6:A5:00 Authority key identifier: FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7 Certificate issuer: /CN=ff1d8332e118a9a2187eab5884279d6580f119f7 Certificate serial: 019B356933E05A7B5F433056B188698E358D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft Manifest number: 05DE Signing time: Fri 19 Dec 2025 07:00:45 +0000 Manifest this update: Fri 19 Dec 2025 07:00:45 +0000 Manifest next update: Sat 20 Dec 2025 07:00:45 +0000 Files and hashes: 1: _x2DMuEYqaIYfqtYhCedZYDxGfc.crl (hash: TIkJJZE7+vR/MXHmzSFL5nUAhevGFJfGBfWkGaxWslM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:33:e0:5a:7b:5f:43:30:56:b1:88:69:8e:35:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff1d8332e118a9a2187eab5884279d6580f119f7 Validity Not Before: Dec 19 07:00:45 2025 GMT Not After : Dec 20 07:00:45 2025 GMT Subject: CN=73c4ca2279bed49e570dcf6133de972ab7d6a500 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1d:7c:08:02:9d:52:12:5e:d6:b5:55:8b:19: 79:9d:b6:7a:b6:6f:7b:04:ff:27:e2:d0:2c:ef:35: 6a:52:eb:e6:2c:23:ee:72:86:d3:4b:8f:71:25:3a: 90:50:ca:d3:2c:4a:f0:7e:32:a0:3c:c9:c0:52:25: 06:85:65:10:5b:3b:b5:54:4e:3d:c6:76:de:c7:db: 1e:48:4a:78:1f:00:84:2f:02:2c:8f:01:92:a1:5a: b3:19:fe:b2:31:f9:45:28:da:0f:82:a1:51:10:93: 9d:34:83:2c:bf:76:16:ea:6c:e4:71:81:47:e5:14: 92:cc:0b:8f:d9:54:c9:d2:13:f0:06:1b:cd:60:c0: 4f:55:13:a7:f0:f3:4b:9b:d0:8e:4c:70:1e:73:48: 78:fb:a7:18:8a:5f:e2:ba:eb:f9:35:24:54:1f:a3: ad:02:9f:32:d9:33:81:39:e2:b2:b8:2e:1b:fd:ac: 70:91:b7:c6:c9:1d:4d:3a:a2:66:9d:43:47:6e:8c: 35:09:69:43:1a:59:d4:0f:fe:66:86:dd:4f:ee:4f: 4b:19:8d:f8:32:1e:77:89:9c:27:d6:8f:87:99:31: 1b:68:26:5e:c5:c0:ee:41:b4:95:32:7a:1d:0a:44: b8:b7:d2:f8:3e:6a:1e:0c:18:31:31:bb:37:4f:76: 7c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:C4:CA:22:79:BE:D4:9E:57:0D:CF:61:33:DE:97:2A:B7:D6:A5:00 X509v3 Authority Key Identifier: keyid:FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:4d:06:47:57:93:16:bd:7b:ea:c8:4f:f8:66:a5:aa:5c:0b: 80:34:5e:7c:2d:ae:40:a1:8c:0f:21:64:a4:6c:29:2c:d1:ca: f6:40:e5:ed:ec:6f:3b:2c:16:32:db:64:cf:dd:a1:8a:e8:38: 49:92:f1:9d:48:9f:b0:8b:f5:80:0b:a2:91:07:a1:d1:70:84: 99:07:ed:ad:a6:16:b4:eb:18:28:8a:f6:c5:90:03:08:78:e0: 82:46:6b:f1:da:05:fd:e6:4e:60:a4:cd:f2:1e:93:fc:6c:2f: 00:41:de:cc:2e:b8:ff:02:24:25:f8:cc:1e:bc:ed:76:52:42: d1:14:6a:48:89:59:92:21:f5:39:e1:76:3b:f4:24:e3:6d:a3: ea:f1:05:80:16:93:0d:96:10:86:32:85:84:7c:73:32:d0:22: 51:0a:7c:fe:c8:6d:65:92:13:5e:09:1b:99:66:4d:e2:c2:89: a1:56:58:27:cb:d3:2f:ba:40:15:7a:88:53:7d:4b:62:c1:4d: 4d:ce:da:c3:c1:1d:b2:50:fd:e6:02:4f:98:d1:80:f4:e3:83: 95:59:77:b7:e8:70:af:7b:94:15:24:5c:e6:74:f0:7a:24:06: 05:3e:be:24:9c:9d:5d:14:b0:b2:12:a9:8d:13:23:e0:5d:6a: 15:4d:38:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1aTPgWntfQzBWsYhpjjWNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmMWQ4MzMyZTExOGE5YTIxODdlYWI1ODg0Mjc5ZDY1ODBm MTE5ZjcwHhcNMjUxMjE5MDcwMDQ1WhcNMjUxMjIwMDcwMDQ1WjAzMTEwLwYDVQQD Eyg3M2M0Y2EyMjc5YmVkNDllNTcwZGNmNjEzM2RlOTcyYWI3ZDZhNTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx18CAKdUhJe1rVVixl5nbZ6tm97 BP8n4tAs7zVqUuvmLCPucobTS49xJTqQUMrTLErwfjKgPMnAUiUGhWUQWzu1VE49 xnbex9seSEp4HwCELwIsjwGSoVqzGf6yMflFKNoPgqFREJOdNIMsv3YW6mzkcYFH 5RSSzAuP2VTJ0hPwBhvNYMBPVROn8PNLm9COTHAec0h4+6cYil/iuuv5NSRUH6Ot Ap8y2TOBOeKyuC4b/axwkbfGyR1NOqJmnUNHbow1CWlDGlnUD/5mht1P7k9LGY34 Mh53iZwn1o+HmTEbaCZexcDuQbSVMnodCkS4t9L4PmoeDBgxMbs3T3Z8UQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHPEyiJ5vtSeVw3PYTPelyq31qUAMB8GA1UdIwQY MBaAFP8dgzLhGKmiGH6rWIQnnWWA8Rn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUt ZGVhMzBlY2I3MzZkLzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUtZGVhMzBlY2I3MzZk LzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm00GR1eT Fr176shP+GalqlwLgDRefC2uQKGMDyFkpGwpLNHK9kDl7exvOywWMttkz92hiug4 SZLxnUifsIv1gAuikQeh0XCEmQftraYWtOsYKIr2xZADCHjggkZr8doF/eZOYKTN 8h6T/GwvAEHezC64/wIkJfjMHrztdlJC0RRqSIlZkiH1OeF2O/Qk422j6vEFgBaT DZYQhjKFhHxzMtAiUQp8/shtZZITXgkbmWZN4sKJoVZYJ8vTL7pAFXqIU31LYsFN Tc7aw8EdslD95gJPmNGA9OODlVl3t+hwr3uUFSRc5nTweiQGBT6+JJydXRSwshKp jRMj4F1qFU04sw== -----END CERTIFICATE-----Generated at Fri Dec 19 09:15:44 2025 by rpki-client