This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft File: 7N0ioeDFuwAoDxkz7uz4HNig5rI.mft (raw, json) Hash identifier: 5KECtE3Cn/6v/6sLsR+cAx+ql3cM4OlyLxl+p0ZeWRI= Subject key identifier: 82:09:EB:CF:F5:0A:B2:76:05:71:A5:6A:32:9B:77:1A:EC:FD:A4:01 Authority key identifier: EC:DD:22:A1:E0:C5:BB:00:28:0F:19:33:EE:EC:F8:1C:D8:A0:E6:B2 Certificate issuer: /CN=ecdd22a1e0c5bb00280f1933eeecf81cd8a0e6b2 Certificate serial: 019B4A038B159A6E21BDAD1C7C94FC451F99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft Manifest number: 171F Signing time: Tue 23 Dec 2025 07:01:44 +0000 Manifest this update: Tue 23 Dec 2025 07:01:44 +0000 Manifest next update: Wed 24 Dec 2025 07:01:44 +0000 Files and hashes: 1: 7N0ioeDFuwAoDxkz7uz4HNig5rI.crl (hash: 3Fg78F+rFJ2VmhYW9Ag+aD/m1CbF8+C8mlobDJ5AG8A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.crl rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:03:8b:15:9a:6e:21:bd:ad:1c:7c:94:fc:45:1f:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ecdd22a1e0c5bb00280f1933eeecf81cd8a0e6b2 Validity Not Before: Dec 23 07:01:44 2025 GMT Not After : Dec 24 07:01:44 2025 GMT Subject: CN=8209ebcff50ab2760571a56a329b771aecfda401 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:50:aa:79:e0:f1:0f:4c:57:ec:04:6d:be:e2: d7:2e:20:24:43:0d:dd:e4:ae:62:71:60:19:87:d6: fe:b1:0e:c9:07:e6:58:5f:34:04:70:ff:c0:90:e5: 74:36:76:a3:f9:d6:8f:88:92:fb:68:e6:d8:2a:97: aa:e8:25:5f:3a:07:7f:48:8d:7a:3a:7e:1b:5f:cb: 91:81:d5:bf:bc:8c:3e:f6:a0:26:1a:8a:b8:11:fb: 90:86:16:37:c8:b1:94:98:8a:32:95:33:ea:94:6d: b2:f2:7b:51:dd:6e:b8:bc:94:e9:5a:f1:d6:eb:97: 35:de:a8:49:03:fa:2d:e8:7c:da:01:14:34:1f:29: 72:19:b6:39:39:19:83:29:87:bd:4f:06:b6:64:9c: fd:37:80:e0:ae:aa:4b:b2:49:12:35:e0:7b:d5:50: f0:b5:bc:fb:a3:46:d6:91:d3:42:e5:e6:9a:4a:f1: bd:39:ef:87:c2:55:9c:1f:76:41:03:f2:c7:f7:d5: ab:1f:b9:08:4e:29:f1:d5:3b:bc:8c:eb:84:ab:67: 0b:ae:75:09:74:15:81:ed:49:a2:36:4f:85:02:d2: 39:fd:e0:b8:bd:d9:07:f9:f3:11:19:97:c1:83:68: 86:d7:d0:43:da:8f:0f:ee:a1:66:3c:02:1e:a4:f4: b0:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:09:EB:CF:F5:0A:B2:76:05:71:A5:6A:32:9B:77:1A:EC:FD:A4:01 X509v3 Authority Key Identifier: keyid:EC:DD:22:A1:E0:C5:BB:00:28:0F:19:33:EE:EC:F8:1C:D8:A0:E6:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:f4:75:5d:3a:ed:48:df:c6:23:0b:79:7a:64:be:7f:9a:a5: 33:77:b9:f3:3e:44:5e:ab:30:fa:70:3d:ff:2e:b1:c6:d4:50: 4f:bd:49:71:8f:3f:08:b4:92:e1:a8:50:d7:5e:52:d0:03:9e: dd:b7:01:1a:25:24:34:2c:a7:9f:ad:82:49:c8:7b:5e:69:da: cc:39:12:3b:e5:46:29:c5:f8:2b:ed:18:57:c5:c7:e3:41:01: e5:f2:62:95:ce:d8:87:1a:40:f5:08:eb:03:73:a1:26:6b:e3: a8:45:ca:39:4d:79:e6:b2:40:46:01:88:9a:9d:54:d1:45:04: 66:23:b0:dd:94:01:6e:a5:ce:c8:11:ca:48:4a:11:eb:e8:17: 11:fc:a8:1f:f5:b2:17:04:cd:55:13:b7:1f:86:4d:57:d6:6e: d1:c6:78:f3:4e:42:01:03:33:b5:9d:f3:1b:3b:2b:43:7b:5e: 2f:ac:ca:45:b3:16:1d:70:40:a7:3f:92:39:93:84:f2:f8:cb: 8e:94:5c:2d:42:70:cd:3b:54:c2:23:b8:95:8b:52:1b:9a:d9: fd:c4:aa:b9:04:7f:aa:7b:d8:c9:d6:32:3c:3e:9c:be:4e:b5: e4:a3:19:29:5f:4a:17:b4:27:ef:a1:cf:a9:82:d7:81:61:4a: dd:85:7d:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKA4sVmm4hva0cfJT8RR+ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjZGQyMmExZTBjNWJiMDAyODBmMTkzM2VlZWNmODFjZDhh MGU2YjIwHhcNMjUxMjIzMDcwMTQ0WhcNMjUxMjI0MDcwMTQ0WjAzMTEwLwYDVQQD Eyg4MjA5ZWJjZmY1MGFiMjc2MDU3MWE1NmEzMjliNzcxYWVjZmRhNDAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1CqeeDxD0xX7ARtvuLXLiAkQw3d 5K5icWAZh9b+sQ7JB+ZYXzQEcP/AkOV0Nnaj+daPiJL7aObYKpeq6CVfOgd/SI16 On4bX8uRgdW/vIw+9qAmGoq4EfuQhhY3yLGUmIoylTPqlG2y8ntR3W64vJTpWvHW 65c13qhJA/ot6HzaARQ0HylyGbY5ORmDKYe9Twa2ZJz9N4DgrqpLskkSNeB71VDw tbz7o0bWkdNC5eaaSvG9Oe+HwlWcH3ZBA/LH99WrH7kITinx1Tu8jOuEq2cLrnUJ dBWB7UmiNk+FAtI5/eC4vdkH+fMRGZfBg2iG19BD2o8P7qFmPAIepPSwjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIIJ68/1CrJ2BXGlajKbdxrs/aQBMB8GA1UdIwQY MBaAFOzdIqHgxbsAKA8ZM+7s+BzYoOayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83MTc2NDgtNTVjMC00MDdhLTgxMWUt NTk2MTY1NWMzNGQ5LzEvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi83MTc2NDgtNTVjMC00MDdhLTgxMWUtNTk2MTY1NWMzNGQ5 LzEvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKfR1XTrt SN/GIwt5emS+f5qlM3e58z5EXqsw+nA9/y6xxtRQT71JcY8/CLSS4ahQ115S0AOe 3bcBGiUkNCynn62CSch7XmnazDkSO+VGKcX4K+0YV8XH40EB5fJilc7YhxpA9Qjr A3OhJmvjqEXKOU155rJARgGImp1U0UUEZiOw3ZQBbqXOyBHKSEoR6+gXEfyoH/Wy FwTNVRO3H4ZNV9Zu0cZ4805CAQMztZ3zGzsrQ3teL6zKRbMWHXBApz+SOZOE8vjL jpRcLUJwzTtUwiO4lYtSG5rZ/cSquQR/qnvYydYyPD6cvk615KMZKV9KF7Qn76HP qYLXgWFK3YV9ZA== -----END CERTIFICATE-----Generated at Tue Dec 23 13:02:18 2025 by rpki-client