This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft File: f35evW-kacXjcL_BBsTUqtHh25Q.mft (raw, json) Hash identifier: Lbv7jvz2ip9AenQdlnLby+vuv52ggRW5KqjKzjJCBWs= Subject key identifier: AC:17:8F:55:F3:88:F1:8B:F4:C2:29:C9:B6:FB:ED:2A:42:8C:3A:B5 Authority key identifier: 7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94 Certificate issuer: /CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94 Certificate serial: 019B3AFD7DE2F1BB4557FDD6AE48A785E7EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft Manifest number: 0FEF Signing time: Sat 20 Dec 2025 09:00:49 +0000 Manifest this update: Sat 20 Dec 2025 09:00:49 +0000 Manifest next update: Sun 21 Dec 2025 09:00:49 +0000 Files and hashes: 1: f35evW-kacXjcL_BBsTUqtHh25Q.crl (hash: J/d3JP6aEXdATbX8jbBA1q1fT/emEDxqUE2AnpI5tGU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:7d:e2:f1:bb:45:57:fd:d6:ae:48:a7:85:e7:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f7e5ebd6fa469c5e370bfc106c4d4aad1e1db94 Validity Not Before: Dec 20 09:00:49 2025 GMT Not After : Dec 21 09:00:49 2025 GMT Subject: CN=ac178f55f388f18bf4c229c9b6fbed2a428c3ab5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:07:e1:06:ce:90:c6:13:4d:0a:18:a1:94:90: a7:e7:d4:6e:58:17:d3:f5:61:87:66:10:64:1b:57: da:7d:db:fa:fc:6a:a6:e3:89:99:21:5a:09:47:28: 0b:8a:30:7e:43:df:d3:f0:f7:3e:b1:67:7f:d1:df: bb:bf:03:1b:ae:8e:ab:03:b0:3b:de:6d:84:51:8d: c6:23:25:ca:71:d0:d2:e7:65:54:28:23:ca:72:48: 6d:65:86:39:3d:56:e7:e6:8c:db:4f:49:a7:05:12: af:82:d8:bd:d1:2e:a8:6f:ed:e1:ee:af:6a:e5:28: fd:46:39:7f:01:93:7d:61:24:c8:46:f7:2a:5c:bd: 41:76:ba:db:e8:19:01:aa:5a:7e:4b:12:d9:b4:59: 54:32:3f:72:ba:ac:e5:80:0d:ee:e5:eb:92:7c:12: 9e:45:2d:71:05:fb:f0:1c:1a:83:fa:57:74:7b:92: a7:0f:98:cf:18:f8:b6:55:f9:48:9a:3e:c1:18:cb: f3:cf:a6:c0:de:cc:2c:52:da:f5:a3:fb:a3:e0:ed: 68:87:a2:2c:bd:fb:ab:22:34:45:d6:65:fb:c8:3c: d3:4d:bb:30:dd:fe:36:95:e6:12:89:cd:21:e6:1a: 8f:f5:d7:2d:75:d1:2a:f5:08:39:a1:85:43:b1:33: ae:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:17:8F:55:F3:88:F1:8B:F4:C2:29:C9:B6:FB:ED:2A:42:8C:3A:B5 X509v3 Authority Key Identifier: keyid:7F:7E:5E:BD:6F:A4:69:C5:E3:70:BF:C1:06:C4:D4:AA:D1:E1:DB:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f35evW-kacXjcL_BBsTUqtHh25Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c3e8ed-597a-485a-94a3-982cfb359aee/1/f35evW-kacXjcL_BBsTUqtHh25Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:ae:1a:74:19:c4:6e:ff:b7:9e:cb:90:5e:d5:83:03:3d:33: 37:5e:62:a8:93:ab:41:ae:5b:c0:a4:7f:53:c6:d9:77:26:a0: 81:ca:68:bf:59:89:23:f9:48:04:ef:5c:87:1c:7e:4a:90:35: e6:ad:39:b7:37:5b:83:32:84:0e:e8:b2:a9:79:e2:e7:35:6e: 04:61:ce:59:a9:49:7e:f7:a7:45:84:7f:c0:5b:1f:3f:d0:85: 66:7a:0f:7e:a4:4c:d0:6d:86:78:03:70:87:da:22:b4:78:2e: 5e:b1:e0:a2:95:9b:d2:24:3d:1e:5b:7c:de:49:5d:1a:f0:56: 89:dc:5f:4a:6a:b1:29:25:a6:c9:b6:0a:49:0d:64:ba:4d:e1: b2:6a:30:79:7e:e4:e9:56:bb:85:d3:b9:16:6a:4f:81:45:cd: a1:fc:f0:73:0a:c4:07:f0:5a:83:f3:cc:28:99:94:eb:7d:f4: ef:7e:6f:7e:18:c3:cf:03:1c:89:da:61:4f:fb:e3:5e:48:48: 42:74:93:16:f2:c2:e5:68:a6:73:9e:73:ed:5f:b6:29:0e:e3: 52:46:82:5d:bd:e0:b0:18:e4:b9:38:13:e1:69:6e:ba:66:0d: 1f:01:49:dd:78:40:88:e1:36:54:bd:7e:cd:e2:11:6a:93:dc: 3f:67:0d:3a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/X3i8btFV/3WrkinhefvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmN2U1ZWJkNmZhNDY5YzVlMzcwYmZjMTA2YzRkNGFhZDFl MWRiOTQwHhcNMjUxMjIwMDkwMDQ5WhcNMjUxMjIxMDkwMDQ5WjAzMTEwLwYDVQQD EyhhYzE3OGY1NWYzODhmMThiZjRjMjI5YzliNmZiZWQyYTQyOGMzYWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAfhBs6QxhNNChihlJCn59RuWBfT 9WGHZhBkG1fafdv6/Gqm44mZIVoJRygLijB+Q9/T8Pc+sWd/0d+7vwMbro6rA7A7 3m2EUY3GIyXKcdDS52VUKCPKckhtZYY5PVbn5ozbT0mnBRKvgti90S6ob+3h7q9q 5Sj9Rjl/AZN9YSTIRvcqXL1Bdrrb6BkBqlp+SxLZtFlUMj9yuqzlgA3u5euSfBKe RS1xBfvwHBqD+ld0e5KnD5jPGPi2VflImj7BGMvzz6bA3swsUtr1o/uj4O1oh6Is vfurIjRF1mX7yDzTTbsw3f42leYSic0h5hqP9dctddEq9Qg5oYVDsTOuNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKwXj1XziPGL9MIpybb77SpCjDq1MB8GA1UdIwQY MBaAFH9+Xr1vpGnF43C/wQbE1KrR4duUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMt OTgyY2ZiMzU5YWVlLzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9jM2U4ZWQtNTk3YS00ODVhLTk0YTMtOTgyY2ZiMzU5YWVl LzEvZjM1ZXZXLWthY1hqY0xfQkJzVFVxdEhoMjVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVq4adBnE bv+3nsuQXtWDAz0zN15iqJOrQa5bwKR/U8bZdyaggcpov1mJI/lIBO9chxx+SpA1 5q05tzdbgzKEDuiyqXni5zVuBGHOWalJfvenRYR/wFsfP9CFZnoPfqRM0G2GeANw h9oitHguXrHgopWb0iQ9Hlt83kldGvBWidxfSmqxKSWmybYKSQ1kuk3hsmoweX7k 6Va7hdO5FmpPgUXNofzwcwrEB/Bag/PMKJmU6330735vfhjDzwMcidphT/vjXkhI QnSTFvLC5Wimc55z7V+2KQ7jUkaCXb3gsBjkuTgT4WluumYNHwFJ3XhAiOE2VL1+ zeIRapPcP2cNOg== -----END CERTIFICATE-----Generated at Sat Dec 20 18:12:31 2025 by rpki-client