This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft File: 1DsiEwqpp3NCVHaewTv-Fx-h4os.mft (raw, json) Hash identifier: H1pdmGrnpcEMs+X2rUpobVcujENUshbq8JksasY8OFM= Subject key identifier: B8:FC:80:CB:AB:BB:E0:24:F1:80:31:D0:05:8E:91:43:73:4F:EA:27 Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b Certificate serial: 019B5A513625570353969526F3756566E244 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft Manifest number: 0CA1 Signing time: Fri 26 Dec 2025 11:00:30 +0000 Manifest this update: Fri 26 Dec 2025 11:00:30 +0000 Manifest next update: Sat 27 Dec 2025 11:00:30 +0000 Files and hashes: 1: 1DsiEwqpp3NCVHaewTv-Fx-h4os.crl (hash: runlnM+CBIajLRMlZvfJrx/KBoYoGHXmet6EN21xd7o=) 2: wEdGwXpwYmsgP9g00gzYyHwBX_w.roa (hash: xXn4YaJmCyamPKNCyA6d81IZAPpAi8iJdAjjF+NkEPs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:36:25:57:03:53:96:95:26:f3:75:65:66:e2:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b Validity Not Before: Dec 26 11:00:30 2025 GMT Not After : Dec 27 11:00:30 2025 GMT Subject: CN=b8fc80cbabbbe024f18031d0058e9143734fea27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:98:c1:9d:61:08:72:95:12:0b:b0:a0:a2:e7: dd:21:ee:fb:ce:d5:ff:cb:0d:ca:03:97:97:ec:bf: c2:b9:a7:80:3e:02:46:69:08:28:9f:f1:d0:32:9b: 62:ff:ca:8b:c0:68:6a:49:23:e6:d8:f3:00:89:52: ff:38:a3:7c:36:74:c3:68:b0:9a:7d:99:40:56:fd: b3:2b:13:8b:58:45:b8:30:75:29:8a:8c:51:8f:7b: 3d:23:85:39:f6:3e:5f:b1:bc:9f:b3:c4:d9:bf:32: 7c:3f:5c:d6:3f:12:8e:16:9b:b3:1d:89:25:e3:9b: 73:aa:4e:19:69:86:48:b2:b6:10:7f:90:61:3b:c4: 27:0e:06:33:cf:01:2c:81:bb:c3:81:ea:0f:ec:46: df:de:ed:c2:63:7d:5f:4b:91:de:dc:22:05:6b:66: cf:a7:d7:28:7a:ea:6c:11:cf:c0:24:ba:36:92:ec: 32:c5:89:48:99:20:e4:38:bd:49:41:5d:27:70:4e: e7:21:62:0e:8e:27:87:de:24:11:16:22:23:72:5b: 83:ea:03:d8:61:0a:b5:e3:52:98:50:f1:ed:4f:da: 83:0c:26:f0:77:99:f8:27:4a:e9:20:96:69:cc:83: b0:4f:b6:b2:2a:8a:80:db:81:d4:bd:54:b7:a0:ae: f2:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:FC:80:CB:AB:BB:E0:24:F1:80:31:D0:05:8E:91:43:73:4F:EA:27 X509v3 Authority Key Identifier: keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:f9:97:11:a2:21:76:d8:69:83:4d:f7:fe:0b:f6:02:d9:8e: b4:ba:fe:ee:ec:d2:e1:5a:e4:78:98:dd:0a:24:71:4f:ea:85: 78:65:50:28:be:9f:81:22:8a:53:7c:22:a5:57:90:39:96:6f: bc:e9:8c:b9:fd:7a:8f:3b:a5:e2:4a:c8:cf:c6:fc:53:08:f0: 8c:d1:8a:fe:75:34:82:ff:ad:3b:25:69:63:21:e2:5b:a3:7a: bb:86:c8:8d:0b:94:35:93:b7:23:57:75:8b:31:29:88:02:c0: 95:50:86:05:d3:b6:13:05:2b:9d:b8:26:a1:73:94:50:76:c5: cc:d5:27:9d:5f:1e:90:82:6d:b2:af:e0:64:a6:e6:66:f1:9d: 9d:c0:5f:97:52:fc:74:b8:39:32:0a:9a:ed:4d:5f:39:1a:fe: 40:9e:68:81:88:29:92:07:48:b3:fb:26:63:5f:3f:bc:e2:5c: 9e:16:55:10:ec:d9:b6:bd:78:87:c1:d7:93:c5:7d:80:e4:ad: 09:3f:7c:45:f4:6f:42:99:63:20:3d:5f:21:55:07:c8:bc:29: c9:5a:2e:93:81:df:fb:6a:c6:dd:60:87:ec:10:66:15:b2:99: c7:e2:76:1f:34:b9:40:5e:fd:37:dd:0a:da:28:26:a5:9d:72: d8:21:dc:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUTYlVwNTlpUm83VlZuJEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh MWUyOGIwHhcNMjUxMjI2MTEwMDMwWhcNMjUxMjI3MTEwMDMwWjAzMTEwLwYDVQQD EyhiOGZjODBjYmFiYmJlMDI0ZjE4MDMxZDAwNThlOTE0MzczNGZlYTI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJjBnWEIcpUSC7CgoufdIe77ztX/ yw3KA5eX7L/CuaeAPgJGaQgon/HQMpti/8qLwGhqSSPm2PMAiVL/OKN8NnTDaLCa fZlAVv2zKxOLWEW4MHUpioxRj3s9I4U59j5fsbyfs8TZvzJ8P1zWPxKOFpuzHYkl 45tzqk4ZaYZIsrYQf5BhO8QnDgYzzwEsgbvDgeoP7Ebf3u3CY31fS5He3CIFa2bP p9coeupsEc/AJLo2kuwyxYlImSDkOL1JQV0ncE7nIWIOjieH3iQRFiIjcluD6gPY YQq141KYUPHtT9qDDCbwd5n4J0rpIJZpzIOwT7ayKoqA24HUvVS3oK7yrwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLj8gMuru+Ak8YAx0AWOkUNzT+onMB8GA1UdIwQY MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt YTYzMGMyZWEyM2Y5LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5 LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR/mXEaIh dthpg033/gv2AtmOtLr+7uzS4VrkeJjdCiRxT+qFeGVQKL6fgSKKU3wipVeQOZZv vOmMuf16jzul4krIz8b8UwjwjNGK/nU0gv+tOyVpYyHiW6N6u4bIjQuUNZO3I1d1 izEpiALAlVCGBdO2EwUrnbgmoXOUUHbFzNUnnV8ekIJtsq/gZKbmZvGdncBfl1L8 dLg5Mgqa7U1fORr+QJ5ogYgpkgdIs/smY18/vOJcnhZVEOzZtr14h8HXk8V9gOSt CT98RfRvQpljID1fIVUHyLwpyVouk4Hf+2rG3WCH7BBmFbKZx+J2HzS5QF79N90K 2igmpZ1y2CHc3A== -----END CERTIFICATE-----Generated at Fri Dec 26 15:46:20 2025 by rpki-client