This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft File: 9Lf2q209ljfV1-rM4943lLnPPg8.mft (raw, json) Hash identifier: pHoyaq4vELxRcSpAMBCwhDnLQp8UFQyORAmOkkhvVrU= Subject key identifier: DE:DA:70:64:F8:D3:1E:29:4C:2D:07:95:83:2A:0C:6A:56:3A:9A:06 Authority key identifier: F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F Certificate issuer: /CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f Certificate serial: 019B40C8DEE8E7FE1EAF06144078501FFAF6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft Manifest number: 0334 Signing time: Sun 21 Dec 2025 12:01:04 +0000 Manifest this update: Sun 21 Dec 2025 12:01:04 +0000 Manifest next update: Mon 22 Dec 2025 12:01:04 +0000 Files and hashes: 1: 9Lf2q209ljfV1-rM4943lLnPPg8.crl (hash: zYy0WkdyWIWGdpmOqQsFRD/XBbAXNbFrPzYqIZosuBc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:de:e8:e7:fe:1e:af:06:14:40:78:50:1f:fa:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f4b7f6ab6d3d9637d5d7eacce3de3794b9cf3e0f Validity Not Before: Dec 21 12:01:04 2025 GMT Not After : Dec 22 12:01:04 2025 GMT Subject: CN=deda7064f8d31e294c2d0795832a0c6a563a9a06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:a0:e8:4d:af:4e:07:b7:db:1a:86:ee:0e:c3: 76:08:12:2a:96:c7:cb:69:b9:33:c9:93:9f:0d:2c: 32:49:e5:e5:0d:b3:fc:98:cb:48:19:40:ab:90:7e: 33:34:15:25:e8:dd:ae:72:65:60:ef:4e:5a:ff:85: ce:04:0f:72:73:95:58:d3:72:81:07:a1:3b:77:74: af:1f:61:d9:5b:68:46:ea:d0:96:ab:9c:67:0d:0e: 24:98:f4:c4:f0:36:f7:19:e3:2d:d3:3f:81:86:a4: 88:88:4b:2f:d5:d1:15:60:1b:1b:2e:ca:ab:1f:6f: f7:9e:8d:c0:cd:2a:df:49:87:10:5f:a8:69:db:7e: 2b:b5:34:4b:be:21:7c:8d:e7:8e:0a:4c:47:a7:ef: ea:81:4c:02:f9:4e:a8:1c:ff:8b:ef:d4:c7:ac:c4: 20:fc:ca:8f:67:4c:b6:f7:eb:b2:43:5b:90:fd:df: be:c1:30:0b:91:2b:9c:cc:c5:0b:99:c0:a1:47:1a: e4:17:8c:08:6a:60:38:ea:a6:dc:b7:90:80:17:8c: de:22:29:9e:6d:2b:4b:e9:bf:0c:a5:06:3f:d7:7d: d4:a0:4a:58:ee:45:9b:66:35:71:b2:74:7d:d0:75: 71:43:1f:80:24:29:28:13:5a:8e:e4:b8:8d:7b:5e: 86:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:DA:70:64:F8:D3:1E:29:4C:2D:07:95:83:2A:0C:6A:56:3A:9A:06 X509v3 Authority Key Identifier: keyid:F4:B7:F6:AB:6D:3D:96:37:D5:D7:EA:CC:E3:DE:37:94:B9:CF:3E:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lf2q209ljfV1-rM4943lLnPPg8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2aa9f9-bdb4-4ab9-8f9b-6b8aa0a2c960/1/9Lf2q209ljfV1-rM4943lLnPPg8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:93:81:84:da:09:5a:7b:cf:98:05:14:40:c3:c2:30:8e:d0: 18:c3:d1:a2:85:50:7c:4a:e4:6b:7b:92:eb:ed:fc:68:dc:97: 8a:da:d8:94:f9:cd:0d:68:f0:ed:48:a7:e8:03:93:af:87:cd: 70:1f:eb:bb:af:35:9d:d5:0a:50:6d:f6:a0:aa:e0:0a:7e:c7: bd:cd:5a:28:c2:f1:50:ba:91:2c:48:d3:d3:39:6f:12:69:5f: ff:f6:0f:52:ff:60:5e:99:fb:2d:ff:54:65:d1:f3:f9:85:89: 8e:25:09:af:d4:62:0b:f8:2b:c7:1b:36:ca:83:c4:de:3b:6e: e0:b2:92:61:78:73:0f:13:1b:ff:02:3f:5f:c0:26:4c:73:ee: 96:7c:65:54:61:25:4a:b1:1e:89:1b:1d:02:d6:12:7e:9b:1b: 6e:79:a7:3a:cc:f4:2e:eb:36:b7:c5:48:e5:22:56:58:a2:cb: 65:77:3a:08:c2:ae:aa:51:2b:4d:ed:28:7e:a8:fa:7f:5a:21: bd:ec:ae:9a:80:47:2d:ef:36:36:22:76:32:12:bd:d3:9a:fa: b9:54:20:58:3f:60:b2:c7:e6:4b:79:cf:5b:3e:d4:d9:64:5b: 55:18:76:3d:d9:e9:99:3c:9d:51:31:10:8b:65:d3:de:3d:ef: 2c:78:f5:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyN7o5/4erwYUQHhQH/r2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY0YjdmNmFiNmQzZDk2MzdkNWQ3ZWFjY2UzZGUzNzk0Yjlj ZjNlMGYwHhcNMjUxMjIxMTIwMTA0WhcNMjUxMjIyMTIwMTA0WjAzMTEwLwYDVQQD EyhkZWRhNzA2NGY4ZDMxZTI5NGMyZDA3OTU4MzJhMGM2YTU2M2E5YTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76DoTa9OB7fbGobuDsN2CBIqlsfL abkzyZOfDSwySeXlDbP8mMtIGUCrkH4zNBUl6N2ucmVg705a/4XOBA9yc5VY03KB B6E7d3SvH2HZW2hG6tCWq5xnDQ4kmPTE8Db3GeMt0z+BhqSIiEsv1dEVYBsbLsqr H2/3no3AzSrfSYcQX6hp234rtTRLviF8jeeOCkxHp+/qgUwC+U6oHP+L79THrMQg /MqPZ0y29+uyQ1uQ/d++wTALkSuczMULmcChRxrkF4wIamA46qbct5CAF4zeIime bStL6b8MpQY/133UoEpY7kWbZjVxsnR90HVxQx+AJCkoE1qO5LiNe16GPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN7acGT40x4pTC0HlYMqDGpWOpoGMB8GA1UdIwQY MBaAFPS39qttPZY31dfqzOPeN5S5zz4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWIt NmI4YWEwYTJjOTYwLzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC8yYWE5ZjktYmRiNC00YWI5LThmOWItNmI4YWEwYTJjOTYw LzEvOUxmMnEyMDlsamZWMS1yTTQ5NDNsTG5QUGc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjpOBhNoJ WnvPmAUUQMPCMI7QGMPRooVQfErka3uS6+38aNyXitrYlPnNDWjw7Uin6AOTr4fN cB/ru681ndUKUG32oKrgCn7Hvc1aKMLxULqRLEjT0zlvEmlf//YPUv9gXpn7Lf9U ZdHz+YWJjiUJr9RiC/grxxs2yoPE3jtu4LKSYXhzDxMb/wI/X8AmTHPulnxlVGEl SrEeiRsdAtYSfpsbbnmnOsz0Lus2t8VI5SJWWKLLZXc6CMKuqlErTe0ofqj6f1oh veyumoBHLe82NiJ2MhK905r6uVQgWD9gssfmS3nPWz7U2WRbVRh2PdnpmTydUTEQ i2XT3j3vLHj1vg== -----END CERTIFICATE-----Generated at Sun Dec 21 17:15:27 2025 by rpki-client