This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft File: _1VJGZMcZ70mUPxODHPC-z4ijZU.mft (raw, json) Hash identifier: UgaTxtyscHjdOwONAZgqsJX0T+FdhyucjoMGkjBVc8M= Subject key identifier: DE:B7:C8:F6:DA:5E:97:1A:C3:E6:53:9C:71:07:9D:7F:79:33:7E:0C Authority key identifier: FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95 Certificate issuer: /CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95 Certificate serial: 019B3757DA4DD3A66B252E904EC4DBC28ABE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft Manifest number: 1780 Signing time: Fri 19 Dec 2025 16:01:02 +0000 Manifest this update: Fri 19 Dec 2025 16:01:02 +0000 Manifest next update: Sat 20 Dec 2025 16:01:02 +0000 Files and hashes: 1: _1VJGZMcZ70mUPxODHPC-z4ijZU.crl (hash: jaQ9mpQtS/Xi8B9aRMy91P8FeP+HG2pnB0f5SvUEzJo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:57:da:4d:d3:a6:6b:25:2e:90:4e:c4:db:c2:8a:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95 Validity Not Before: Dec 19 16:01:02 2025 GMT Not After : Dec 20 16:01:02 2025 GMT Subject: CN=deb7c8f6da5e971ac3e6539c71079d7f79337e0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:c4:2b:24:60:6f:ff:c2:f0:75:72:99:bc:73: 36:aa:70:85:31:13:b0:8c:37:4e:05:4e:68:85:0e: bb:25:45:6e:7c:ab:b9:00:a0:d8:84:32:3b:35:32: d5:68:bb:13:6c:85:bd:2f:0a:49:c3:ad:48:d2:1c: 32:77:f5:00:52:3c:3d:41:06:f5:89:d9:a2:dd:ff: d3:93:14:7b:bd:48:38:20:3f:ff:38:1b:ef:21:c3: ad:ff:81:b4:59:a4:45:14:46:93:06:2c:51:03:39: 99:2f:f7:3d:7f:93:6a:84:91:45:87:90:41:82:8a: cb:99:19:f2:ea:98:50:97:9b:33:9e:17:23:a0:7b: 56:31:2a:07:ff:14:69:e5:30:e0:28:b8:dc:e7:14: ec:52:4e:54:e5:27:38:a2:e4:c7:80:5e:5b:35:98: 5a:20:70:e7:6e:b5:3f:03:be:64:dc:99:17:fd:db: c4:32:3a:01:7f:0b:2c:c4:a8:fc:d1:7a:89:13:44: 92:0f:d6:ca:47:35:65:56:41:89:fa:c3:42:04:2c: 98:6e:97:3e:1c:d5:4b:4b:ff:85:52:77:36:a3:f2: 4b:db:08:67:d5:b0:7b:0a:04:60:13:01:37:ec:f8: da:34:a4:89:1e:a1:55:00:ab:72:6b:cc:a8:54:0a: 68:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:B7:C8:F6:DA:5E:97:1A:C3:E6:53:9C:71:07:9D:7F:79:33:7E:0C X509v3 Authority Key Identifier: keyid:FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:66:e2:13:e7:c4:c0:70:a4:e4:34:8e:df:f2:d8:eb:2f:8e: f3:d5:be:9b:43:6f:ab:11:b6:ca:bc:f1:33:ab:de:27:d9:11: 42:66:06:10:cf:51:b0:2e:c6:6a:db:1a:85:ea:9d:79:3a:fd: 19:0a:9e:e7:77:e5:09:82:22:b1:39:88:d3:72:2e:d0:1b:4f: fa:ac:64:b5:a9:ec:32:ae:fb:db:b3:b2:d7:93:9c:53:1e:2d: 88:68:a2:0d:30:a9:26:e7:af:cb:c4:88:23:08:97:6b:07:50: 2b:a7:9b:ce:55:0c:bc:63:44:dc:8e:53:33:92:33:da:f4:3f: c6:ed:9c:84:cd:3a:bf:81:bf:b5:a4:94:28:e8:dd:be:b1:f3: 36:a3:cf:91:b8:2c:24:b1:ee:0d:34:13:7c:fd:b1:af:76:1f: f3:b4:ee:8e:90:22:f6:98:63:68:cb:d1:e8:57:65:db:3f:51: c0:2f:8f:17:4c:03:df:72:8f:7f:9e:7a:ee:36:e4:c5:47:78: 9c:03:4b:49:6f:3c:73:7a:f0:c7:01:10:bd:e0:d8:9b:ce:9f: d1:dd:91:f5:41:12:1c:52:1f:75:99:90:0b:34:6d:cc:da:19: 15:dc:66:40:14:41:6b:9c:e9:25:3d:f7:8d:31:d5:e6:d6:1a: ef:e4:5e:ff -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3V9pN06ZrJS6QTsTbwoq+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNTU0OTE5OTMxYzY3YmQyNjUwZmM0ZTBjNzNjMmZiM2Uy MjhkOTUwHhcNMjUxMjE5MTYwMTAyWhcNMjUxMjIwMTYwMTAyWjAzMTEwLwYDVQQD EyhkZWI3YzhmNmRhNWU5NzFhYzNlNjUzOWM3MTA3OWQ3Zjc5MzM3ZTBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksQrJGBv/8LwdXKZvHM2qnCFMROw jDdOBU5ohQ67JUVufKu5AKDYhDI7NTLVaLsTbIW9LwpJw61I0hwyd/UAUjw9QQb1 idmi3f/TkxR7vUg4ID//OBvvIcOt/4G0WaRFFEaTBixRAzmZL/c9f5NqhJFFh5BB gorLmRny6phQl5sznhcjoHtWMSoH/xRp5TDgKLjc5xTsUk5U5Sc4ouTHgF5bNZha IHDnbrU/A75k3JkX/dvEMjoBfwssxKj80XqJE0SSD9bKRzVlVkGJ+sNCBCyYbpc+ HNVLS/+FUnc2o/JL2whn1bB7CgRgEwE37PjaNKSJHqFVAKtya8yoVApoZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN63yPbaXpcaw+ZTnHEHnX95M34MMB8GA1UdIwQY MBaAFP9VSRmTHGe9JlD8Tgxzwvs+Io2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMt MjkwYWE0MzE4Y2FhLzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMtMjkwYWE0MzE4Y2Fh LzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGbiE+fE wHCk5DSO3/LY6y+O89W+m0NvqxG2yrzxM6veJ9kRQmYGEM9RsC7GatsaheqdeTr9 GQqe53flCYIisTmI03Iu0BtP+qxktansMq7727Oy15OcUx4tiGiiDTCpJuevy8SI IwiXawdQK6ebzlUMvGNE3I5TM5Iz2vQ/xu2chM06v4G/taSUKOjdvrHzNqPPkbgs JLHuDTQTfP2xr3Yf87TujpAi9phjaMvR6Fdl2z9RwC+PF0wD33KPf5567jbkxUd4 nANLSW88c3rwxwEQveDYm86f0d2R9UESHFIfdZmQCzRtzNoZFdxmQBRBa5zpJT33 jTHV5tYa7+Re/w== -----END CERTIFICATE-----Generated at Fri Dec 19 20:28:19 2025 by rpki-client