This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft File: ESXJC-alxXrBYrVYE8_HZm7wg1o.mft (raw, json) Hash identifier: 27sDXcxPHYBEBHxuOjqWQYCLGFGlEmpIX02zCIINOwk= Subject key identifier: E2:C6:F7:F8:1D:DB:23:31:82:C6:95:CF:D8:A1:32:62:75:3D:C9:2D Authority key identifier: 11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A Certificate issuer: /CN=1125c90be6a5c57ac162b55813cfc7666ef0835a Certificate serial: 019B3532AF0A384A6441A03035B078D2E1BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft Manifest number: 059C Signing time: Fri 19 Dec 2025 06:01:12 +0000 Manifest this update: Fri 19 Dec 2025 06:01:12 +0000 Manifest next update: Sat 20 Dec 2025 06:01:12 +0000 Files and hashes: 1: ESXJC-alxXrBYrVYE8_HZm7wg1o.crl (hash: cMrgHMpnwYe0FR8RbBOTe9uKjygSSEoG0AEP4fai4hs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 06:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:32:af:0a:38:4a:64:41:a0:30:35:b0:78:d2:e1:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1125c90be6a5c57ac162b55813cfc7666ef0835a Validity Not Before: Dec 19 06:01:12 2025 GMT Not After : Dec 20 06:01:12 2025 GMT Subject: CN=e2c6f7f81ddb233182c695cfd8a13262753dc92d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:06:3a:ac:6c:e5:35:ab:97:56:07:85:ec:c2: ec:b7:35:6d:e9:ad:29:36:85:eb:51:41:c4:88:91: 24:e3:c3:61:86:01:db:2d:37:89:b3:c0:e5:2e:32: 2c:f7:e0:2c:21:96:4f:90:74:85:9b:08:6c:6d:cd: e5:08:0f:8a:5c:44:c8:c3:72:28:1b:c3:e9:8d:e4: 2b:8b:5d:aa:69:63:53:11:5e:fe:39:98:a8:b6:12: 17:58:09:7d:30:9a:09:f7:23:40:b2:48:9c:04:34: 65:0a:85:c9:e8:a8:71:41:ed:b4:34:17:f5:81:f6: 5e:0e:4a:9f:2d:b4:c1:64:35:5b:3f:5a:60:d5:39: 4e:8e:76:97:f2:bc:cd:68:95:31:07:75:38:9c:59: 5b:b3:20:f3:eb:4f:d6:50:94:13:8b:99:7f:59:0a: 4c:2b:c0:75:06:14:0d:24:65:db:82:e7:93:27:93: 74:d5:5c:37:4b:b0:7a:f6:7a:81:62:6b:0a:00:3e: 01:c5:7d:5d:08:8d:e6:cb:95:42:dc:c8:10:86:4a: 51:94:82:f9:5d:ff:42:95:5c:5d:13:26:5c:b8:f4: 13:ce:c7:ac:a7:58:2e:60:ab:85:0d:aa:d5:f0:3f: 00:13:e8:6d:39:6c:49:a1:7b:84:75:a9:de:1c:07: 9a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:C6:F7:F8:1D:DB:23:31:82:C6:95:CF:D8:A1:32:62:75:3D:C9:2D X509v3 Authority Key Identifier: keyid:11:25:C9:0B:E6:A5:C5:7A:C1:62:B5:58:13:CF:C7:66:6E:F0:83:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESXJC-alxXrBYrVYE8_HZm7wg1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/527416-ee06-4890-9fe0-eceeeb97a7d1/1/ESXJC-alxXrBYrVYE8_HZm7wg1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:01:13:f5:0e:49:66:bb:07:79:ff:ab:6f:e1:d9:83:bb:a6: aa:83:b2:cc:a8:9b:3d:c7:88:ec:09:c1:12:36:49:61:61:10: f7:a6:60:47:3d:ac:fb:42:30:49:e6:8b:b8:eb:32:e3:d8:20: ec:52:da:a5:56:48:b9:0d:af:17:61:b3:ed:0c:7b:72:44:b0: c7:1c:28:0c:d8:59:54:2c:97:4b:2f:a9:22:bf:43:2a:af:99: d4:64:f5:3e:78:be:3b:d6:0c:ea:d7:70:42:30:e0:64:a8:14: cf:05:5b:1b:12:4c:24:4b:79:86:a1:2a:7f:a9:5b:c5:6d:c6: a2:ca:a4:a7:52:04:3e:97:11:5e:50:ad:f4:c5:ea:ca:a3:2e: 04:e1:61:cf:b5:eb:ed:a0:84:56:1d:13:a3:f5:ad:46:62:28: 60:7d:4a:71:ee:db:4f:db:7f:42:f6:93:77:fb:24:9e:92:a2: 8c:90:b2:48:31:05:13:c4:c5:58:a3:34:2b:07:1a:37:bb:3d: 0d:d9:c3:60:a4:bc:a5:68:87:fe:7f:1c:fd:81:73:3a:62:ac: 53:79:a4:12:47:e3:5e:8a:7e:0f:68:79:fb:32:e4:19:29:f8: 63:41:7a:9b:a2:99:c2:87:8a:14:95:e4:09:49:9e:cc:2d:9a: 71:13:0c:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1Mq8KOEpkQaAwNbB40uG7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMjVjOTBiZTZhNWM1N2FjMTYyYjU1ODEzY2ZjNzY2NmVm MDgzNWEwHhcNMjUxMjE5MDYwMTEyWhcNMjUxMjIwMDYwMTEyWjAzMTEwLwYDVQQD EyhlMmM2ZjdmODFkZGIyMzMxODJjNjk1Y2ZkOGExMzI2Mjc1M2RjOTJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgY6rGzlNauXVgeF7MLstzVt6a0p NoXrUUHEiJEk48NhhgHbLTeJs8DlLjIs9+AsIZZPkHSFmwhsbc3lCA+KXETIw3Io G8PpjeQri12qaWNTEV7+OZiothIXWAl9MJoJ9yNAskicBDRlCoXJ6KhxQe20NBf1 gfZeDkqfLbTBZDVbP1pg1TlOjnaX8rzNaJUxB3U4nFlbsyDz60/WUJQTi5l/WQpM K8B1BhQNJGXbgueTJ5N01Vw3S7B69nqBYmsKAD4BxX1dCI3my5VC3MgQhkpRlIL5 Xf9ClVxdEyZcuPQTzsesp1guYKuFDarV8D8AE+htOWxJoXuEdaneHAeamQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOLG9/gd2yMxgsaVz9ihMmJ1PcktMB8GA1UdIwQY MBaAFBElyQvmpcV6wWK1WBPPx2Zu8INaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAt ZWNlZWViOTdhN2QxLzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi81Mjc0MTYtZWUwNi00ODkwLTlmZTAtZWNlZWViOTdhN2Qx LzEvRVNYSkMtYWx4WHJCWXJWWUU4X0habTd3ZzFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASwET9Q5J ZrsHef+rb+HZg7umqoOyzKibPceI7AnBEjZJYWEQ96ZgRz2s+0IwSeaLuOsy49gg 7FLapVZIuQ2vF2Gz7Qx7ckSwxxwoDNhZVCyXSy+pIr9DKq+Z1GT1Pni+O9YM6tdw QjDgZKgUzwVbGxJMJEt5hqEqf6lbxW3Gosqkp1IEPpcRXlCt9MXqyqMuBOFhz7Xr 7aCEVh0To/WtRmIoYH1Kce7bT9t/QvaTd/sknpKijJCySDEFE8TFWKM0KwcaN7s9 DdnDYKS8pWiH/n8c/YFzOmKsU3mkEkfjXop+D2h5+zLkGSn4Y0F6m6KZwoeKFJXk CUmezC2acRMMjQ== -----END CERTIFICATE-----Generated at Fri Dec 19 12:07:16 2025 by rpki-client