This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft File: xBHDOVke38lmej55EY3SPEAr6H8.mft (raw, json) Hash identifier: n/ahks5g6rcP9xw8PgTt2d3JnAiUYqcvdWGJ0+vBRn8= Subject key identifier: DB:73:88:90:FB:C1:BC:0E:52:31:99:56:4D:FE:94:AA:98:3D:05:DE Authority key identifier: C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F Certificate issuer: /CN=c411c339591edfc9667a3e79118dd23c402be87f Certificate serial: 019B35696BEA4AEE636568F320B75C8CCDF0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft Manifest number: 077E Signing time: Fri 19 Dec 2025 07:00:59 +0000 Manifest this update: Fri 19 Dec 2025 07:00:59 +0000 Manifest next update: Sat 20 Dec 2025 07:00:59 +0000 Files and hashes: 1: xBHDOVke38lmej55EY3SPEAr6H8.crl (hash: Q3VsW3fPc6YMmBqI3eKvnAwUhp5DDwfznGa+RP/YNnU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:69:6b:ea:4a:ee:63:65:68:f3:20:b7:5c:8c:cd:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c411c339591edfc9667a3e79118dd23c402be87f Validity Not Before: Dec 19 07:00:59 2025 GMT Not After : Dec 20 07:00:59 2025 GMT Subject: CN=db738890fbc1bc0e523199564dfe94aa983d05de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:6d:bd:78:bc:cc:54:cc:ee:c9:94:08:62:8b: bd:21:a3:84:b2:e0:ab:f4:41:79:d4:a5:1f:82:b1: 8c:39:ef:cb:f3:1b:bf:6b:2e:35:0f:07:fc:aa:dd: 0c:95:1f:00:5a:62:71:c5:91:f9:cc:7d:b6:1a:a6: ef:7d:b8:f2:ab:3f:de:08:a0:bd:63:fb:fa:87:08: 87:c5:8a:28:ae:aa:b1:51:a3:bb:57:73:a6:a9:7a: 8f:b5:84:f9:5c:88:fc:ad:40:88:db:2b:7d:55:c5: 38:a1:6e:a6:d4:67:6a:db:35:76:dd:70:a8:fb:3d: da:01:9d:a1:da:c0:91:f7:e1:0a:3d:0f:50:60:29: 90:ab:5a:77:b9:e8:ba:03:5a:a6:9a:55:67:d3:6d: bf:3c:31:4d:03:0a:b9:44:f3:4f:2d:a0:50:6c:a4: 3e:69:d1:2d:b1:78:33:fa:8b:e3:91:f2:ee:2e:cc: cf:39:1d:11:30:92:67:85:42:bf:43:88:2a:93:44: 84:c4:d3:1f:bb:89:23:5e:94:23:c6:42:ff:22:8f: 18:36:c9:a5:8b:32:a0:6f:8e:9f:d7:82:ba:95:e7: d0:46:9d:83:f6:63:ee:19:fa:f5:91:b8:f1:10:a4: bf:a5:8b:e5:bc:61:f6:1d:1d:5d:9c:29:97:23:c8: 78:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:73:88:90:FB:C1:BC:0E:52:31:99:56:4D:FE:94:AA:98:3D:05:DE X509v3 Authority Key Identifier: keyid:C4:11:C3:39:59:1E:DF:C9:66:7A:3E:79:11:8D:D2:3C:40:2B:E8:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBHDOVke38lmej55EY3SPEAr6H8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d23344-b281-42d2-bc33-ecbf7f17f604/1/xBHDOVke38lmej55EY3SPEAr6H8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:53:68:5f:80:7d:f2:16:80:dc:10:46:7b:5e:61:d2:72:a5: 18:f0:6f:24:b8:5b:e5:20:38:9f:1e:00:8b:1d:a1:18:e5:08: 7c:26:0d:23:59:01:b6:27:7d:d0:54:a3:0b:17:85:a0:ad:76: f9:15:36:ee:57:42:8c:86:1e:80:21:67:64:31:6d:3c:b0:cc: 7e:ff:8c:ff:55:bf:88:3e:1f:44:43:55:a3:c5:f4:09:5f:8f: cb:87:e5:ec:7f:f9:95:fe:8b:fb:61:a6:39:23:29:61:16:5c: d6:d6:bc:47:a2:e2:3c:9e:67:1f:8a:24:42:7c:9b:ea:0d:30: 18:cd:cf:81:4f:2f:ae:73:ab:7d:f7:d8:fe:b7:9a:13:3c:ed: b1:08:4d:a8:39:ee:df:4c:c5:7b:8d:9c:a9:dc:b0:f3:59:e6: 40:ac:e4:ae:2f:be:ab:d3:50:e2:40:de:2c:8a:9b:73:d6:c4: 7b:ff:cd:e8:fe:75:b7:0c:f7:61:ce:65:c1:e7:68:04:fe:88: 2f:2e:49:5e:36:21:44:73:9d:b4:4a:63:57:3b:78:cd:9a:c3: 3b:87:64:83:30:42:ab:68:b3:6e:63:c7:08:2c:36:06:e1:69: 88:86:28:4c:49:6c:b4:0f:12:88:75:59:1f:21:a5:d7:59:c2: 8a:e7:85:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1aWvqSu5jZWjzILdcjM3wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0MTFjMzM5NTkxZWRmYzk2NjdhM2U3OTExOGRkMjNjNDAy YmU4N2YwHhcNMjUxMjE5MDcwMDU5WhcNMjUxMjIwMDcwMDU5WjAzMTEwLwYDVQQD EyhkYjczODg5MGZiYzFiYzBlNTIzMTk5NTY0ZGZlOTRhYTk4M2QwNWRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW29eLzMVMzuyZQIYou9IaOEsuCr 9EF51KUfgrGMOe/L8xu/ay41Dwf8qt0MlR8AWmJxxZH5zH22Gqbvfbjyqz/eCKC9 Y/v6hwiHxYoorqqxUaO7V3OmqXqPtYT5XIj8rUCI2yt9VcU4oW6m1Gdq2zV23XCo +z3aAZ2h2sCR9+EKPQ9QYCmQq1p3uei6A1qmmlVn022/PDFNAwq5RPNPLaBQbKQ+ adEtsXgz+ovjkfLuLszPOR0RMJJnhUK/Q4gqk0SExNMfu4kjXpQjxkL/Io8YNsml izKgb46f14K6lefQRp2D9mPuGfr1kbjxEKS/pYvlvGH2HR1dnCmXI8h4nQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNtziJD7wbwOUjGZVk3+lKqYPQXeMB8GA1UdIwQY MBaAFMQRwzlZHt/JZno+eRGN0jxAK+h/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMt ZWNiZjdmMTdmNjA0LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kMjMzNDQtYjI4MS00MmQyLWJjMzMtZWNiZjdmMTdmNjA0 LzEveEJIRE9Wa2UzOGxtZWo1NUVZM1NQRUFyNkg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG1NoX4B9 8haA3BBGe15h0nKlGPBvJLhb5SA4nx4Aix2hGOUIfCYNI1kBtid90FSjCxeFoK12 +RU27ldCjIYegCFnZDFtPLDMfv+M/1W/iD4fRENVo8X0CV+Py4fl7H/5lf6L+2Gm OSMpYRZc1ta8R6LiPJ5nH4okQnyb6g0wGM3PgU8vrnOrfffY/reaEzztsQhNqDnu 30zFe42cqdyw81nmQKzkri++q9NQ4kDeLIqbc9bEe//N6P51twz3Yc5lwedoBP6I Ly5JXjYhRHOdtEpjVzt4zZrDO4dkgzBCq2izbmPHCCw2BuFpiIYoTElstA8SiHVZ HyGl11nCiueFKQ== -----END CERTIFICATE-----Generated at Fri Dec 19 13:11:48 2025 by rpki-client