This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft File: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft (raw, json) Hash identifier: sBQlHCfEO5ui42EJrx2MmEEhNlpggZJo3LeZwjfJn5U= Subject key identifier: E4:10:F6:94:1B:1D:E4:7A:E2:4F:30:BA:C3:A7:E8:B8:D0:AB:22:ED Authority key identifier: 72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A Certificate issuer: /CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a Certificate serial: 019B34C470229E16406A5119A53ABC628BB5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft Manifest number: 04D3 Signing time: Fri 19 Dec 2025 04:00:47 +0000 Manifest this update: Fri 19 Dec 2025 04:00:47 +0000 Manifest next update: Sat 20 Dec 2025 04:00:47 +0000 Files and hashes: 1: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl (hash: i9utSQpGJiuC0a4oYITaX35iliR7UAgMwBKfkmq8JsQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:70:22:9e:16:40:6a:51:19:a5:3a:bc:62:8b:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a Validity Not Before: Dec 19 04:00:47 2025 GMT Not After : Dec 20 04:00:47 2025 GMT Subject: CN=e410f6941b1de47ae24f30bac3a7e8b8d0ab22ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ac:21:f6:6d:92:c7:06:0f:f3:5c:f6:2d:eb: c0:fa:19:0f:50:eb:0e:8c:7e:27:37:eb:86:ad:6e: 0c:19:b6:d0:f5:f5:94:62:dd:13:97:bb:fc:1c:57: 51:52:d4:cf:db:06:f9:02:0c:a0:c6:ee:0f:26:ad: 2f:a3:b9:ba:b1:73:69:f4:ab:89:b5:e5:05:27:6d: 8a:18:d1:f3:48:9e:4c:09:61:5e:e2:6b:a8:20:eb: e0:d2:cd:4a:45:19:e3:3c:ac:7e:8a:7b:3d:ec:d7: 07:dd:6d:e9:12:ff:66:de:c7:a7:df:13:c0:6f:93: 60:dc:8f:5e:6c:2c:1c:5a:f5:64:4f:db:70:37:95: 5c:5d:25:ed:3b:94:65:03:3b:8d:2e:86:8f:07:2a: c9:9f:38:e6:5b:e4:1f:a0:27:0d:1c:99:85:64:de: bb:88:03:58:53:4e:e4:55:40:15:29:94:bf:90:e7: 0a:48:e4:59:5b:36:f7:55:06:8b:8c:81:ad:e7:f9: 4a:25:ab:08:50:6b:2e:e0:f8:d2:4b:6d:30:8f:61: 05:bf:34:54:1d:e4:a6:66:4b:34:1d:5f:4a:f7:d4: 63:81:e8:e3:e7:48:97:b0:f2:7d:9b:c6:c1:8b:5e: 85:8d:f2:4e:37:a5:b9:db:f8:fd:16:d6:b9:16:b8: 84:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:10:F6:94:1B:1D:E4:7A:E2:4F:30:BA:C3:A7:E8:B8:D0:AB:22:ED X509v3 Authority Key Identifier: keyid:72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:90:ba:36:a5:06:40:e3:b9:70:a0:05:34:8e:1a:f7:a3:20: a7:72:33:ca:15:3b:64:f0:6f:59:b8:be:37:20:f8:f7:52:e5: ec:32:b9:89:14:0c:8f:32:04:09:65:d1:0f:46:22:a9:43:69: 6d:d7:f8:6f:9c:36:64:9d:c4:fd:fb:15:3b:8c:5d:d6:27:60: 7a:79:b2:65:57:a2:9f:f5:0f:f7:9e:94:d5:f7:5e:6e:89:c2: 23:39:69:1d:1c:7c:d7:a0:64:79:33:95:54:e8:8c:af:2f:ac: 3a:ba:3f:6a:d3:df:77:e2:2b:76:23:72:9f:5a:29:18:b2:d7: 45:05:73:90:ee:f6:a9:97:3b:9b:53:4f:fc:ef:37:74:77:68: ff:d3:f9:ee:ee:ec:53:e6:31:69:b7:32:4f:4d:ef:0c:1d:58: 15:77:dd:56:1d:14:00:75:ce:f5:83:82:89:64:af:e7:29:01: 77:6c:d4:4d:c4:82:c7:9f:85:e9:0a:88:ee:b8:2d:3a:82:dc: db:95:23:de:cc:1a:9b:98:1e:23:76:90:22:26:92:1b:c1:3b: ba:d2:2d:26:2e:38:97:cb:cd:88:ee:ce:66:ec:72:89:5b:ce: 54:13:cc:35:87:dc:fd:d9:fc:fe:b8:57:4d:93:fc:08:8b:77: ca:2c:c8:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xHAinhZAalEZpTq8You1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyMjAyZTY0NWY3MmNkNzBhYTgxNDNiNzNiY2MwZGRkOTNi ZmU5MWEwHhcNMjUxMjE5MDQwMDQ3WhcNMjUxMjIwMDQwMDQ3WjAzMTEwLwYDVQQD EyhlNDEwZjY5NDFiMWRlNDdhZTI0ZjMwYmFjM2E3ZThiOGQwYWIyMmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKwh9m2SxwYP81z2LevA+hkPUOsO jH4nN+uGrW4MGbbQ9fWUYt0Tl7v8HFdRUtTP2wb5Agygxu4PJq0vo7m6sXNp9KuJ teUFJ22KGNHzSJ5MCWFe4muoIOvg0s1KRRnjPKx+ins97NcH3W3pEv9m3sen3xPA b5Ng3I9ebCwcWvVkT9twN5VcXSXtO5RlAzuNLoaPByrJnzjmW+QfoCcNHJmFZN67 iANYU07kVUAVKZS/kOcKSORZWzb3VQaLjIGt5/lKJasIUGsu4PjSS20wj2EFvzRU HeSmZks0HV9K99Rjgejj50iXsPJ9m8bBi16FjfJON6W52/j9Fta5FriEoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOQQ9pQbHeR64k8wusOn6LjQqyLtMB8GA1UdIwQY MBaAFHIgLmRfcs1wqoFDtzvMDd2Tv+kaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEt NDBjYzE2ZjJhZmE0LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEtNDBjYzE2ZjJhZmE0 LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5C6NqUG QOO5cKAFNI4a96Mgp3IzyhU7ZPBvWbi+NyD491Ll7DK5iRQMjzIECWXRD0YiqUNp bdf4b5w2ZJ3E/fsVO4xd1idgenmyZVein/UP956U1fdebonCIzlpHRx816BkeTOV VOiMry+sOro/atPfd+IrdiNyn1opGLLXRQVzkO72qZc7m1NP/O83dHdo/9P57u7s U+YxabcyT03vDB1YFXfdVh0UAHXO9YOCiWSv5ykBd2zUTcSCx5+F6QqI7rgtOoLc 25Uj3swam5geI3aQIiaSG8E7utItJi44l8vNiO7OZuxyiVvOVBPMNYfc/dn8/rhX TZP8CIt3yizIYg== -----END CERTIFICATE-----Generated at Fri Dec 19 10:37:13 2025 by rpki-client