This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft File: vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft (raw, json) Hash identifier: Ko2arBxoctjSKCHmfip2o71v2JvxeXvH6y/mheoxNtE= Subject key identifier: D4:BA:A6:D8:E9:FC:47:83:13:04:42:C4:4F:8E:13:F9:78:B0:26:E0 Authority key identifier: BE:18:68:20:5B:3D:13:73:55:AA:71:F2:46:72:95:CD:87:19:52:C8 Certificate issuer: /CN=be1868205b3d137355aa71f2467295cd871952c8 Certificate serial: 019B470236E8C26357FCB09E7040A9D12C57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft Manifest number: 0D8E Signing time: Mon 22 Dec 2025 17:01:25 +0000 Manifest this update: Mon 22 Dec 2025 17:01:25 +0000 Manifest next update: Tue 23 Dec 2025 17:01:25 +0000 Files and hashes: 1: vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl (hash: Xydyx2yAe++uXEel3JGHcv2Pcb0z2a5U2B9ks4f9vjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 17:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:02:36:e8:c2:63:57:fc:b0:9e:70:40:a9:d1:2c:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=be1868205b3d137355aa71f2467295cd871952c8 Validity Not Before: Dec 22 17:01:25 2025 GMT Not After : Dec 23 17:01:25 2025 GMT Subject: CN=d4baa6d8e9fc4783130442c44f8e13f978b026e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:3b:89:42:93:e9:be:f0:3b:23:00:90:74:63: 0f:ba:6f:b2:ba:08:5b:d0:b2:15:13:32:95:e8:0c: 7a:56:62:6b:e1:c3:bd:b7:7d:53:20:86:b8:a1:ef: 5a:ed:ec:8b:a8:b7:b7:a3:5a:f8:8b:4d:5b:56:67: 45:26:3b:14:8b:ee:14:14:bc:87:52:76:44:0a:55: b0:da:67:50:e0:97:93:4f:0e:db:97:35:6e:2f:3f: 46:d2:a0:16:b3:a6:be:32:36:ce:3d:f9:2f:28:03: 8c:f5:fc:c1:4e:58:46:9b:f3:0d:9f:39:08:04:87: 47:c6:0b:0a:17:6c:be:e1:3b:a9:08:d8:e0:49:7b: d9:6f:53:f5:e3:44:e5:ab:11:f4:0a:46:45:8f:25: 18:19:20:d6:81:d5:bf:73:78:24:1e:86:9f:f7:48: 69:78:9f:34:db:32:68:0c:65:5e:bd:2b:63:fa:d6: 15:fc:a7:cc:b2:79:9a:42:7e:a3:55:c1:7a:8a:22: 2b:5e:f9:c3:dc:09:bb:96:cf:04:8e:9d:99:a8:68: ff:b3:28:88:5f:84:68:2a:25:28:cc:df:76:09:2c: 0c:4f:b8:40:d5:e6:fb:6f:15:87:f0:64:88:07:bf: 59:47:5d:5d:64:1e:e2:2f:4e:0c:30:ad:b6:82:0c: 33:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:BA:A6:D8:E9:FC:47:83:13:04:42:C4:4F:8E:13:F9:78:B0:26:E0 X509v3 Authority Key Identifier: keyid:BE:18:68:20:5B:3D:13:73:55:AA:71:F2:46:72:95:CD:87:19:52:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhhoIFs9E3NVqnHyRnKVzYcZUsg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/d980d1-92c8-44b4-a5ab-757f99927571/1/vhhoIFs9E3NVqnHyRnKVzYcZUsg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:b2:72:c7:75:ae:7d:84:e3:e8:cd:95:e6:cd:8f:6c:a7:98: 46:20:ca:a5:d4:8c:c0:51:07:d5:e4:8a:43:ab:cf:3c:ab:dc: f8:26:7f:9c:a3:fc:3d:b5:d2:7f:e3:96:eb:3f:7b:47:d3:97: 9a:29:43:8d:65:79:95:75:d1:57:33:1a:5a:06:fa:dd:e1:ca: 38:d4:d1:b1:13:66:10:30:e4:18:c1:75:c5:fe:ce:25:48:4a: 48:e7:7e:1c:c1:dc:bd:2f:4d:5e:bc:9b:f5:8e:0d:91:85:6f: ff:c0:b8:0c:29:97:fb:9d:cd:e4:9d:a2:90:cc:69:83:e8:f7: 61:68:aa:59:dc:b5:f9:a7:9c:dc:e1:12:bd:8c:58:0f:16:4c: e1:41:3f:c3:19:d7:70:d0:7e:48:2d:02:0e:91:f3:72:59:23: 07:ff:8f:0b:d5:9e:64:fc:7c:06:89:f5:ba:73:4a:99:c7:ce: 17:8c:04:6d:df:32:c9:f5:2c:4e:27:34:c0:d0:a6:be:89:55: 88:49:73:4d:fe:28:b7:04:3c:36:f6:05:bf:db:db:2f:0c:48: cd:12:54:87:05:6b:73:0b:ba:48:f5:14:97:cb:84:af:80:4c: 8e:3f:4f:ea:ef:26:21:c6:56:6f:a7:96:16:9d:3f:01:ac:8e: 40:9f:29:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHAjbowmNX/LCecECp0SxXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJlMTg2ODIwNWIzZDEzNzM1NWFhNzFmMjQ2NzI5NWNkODcx OTUyYzgwHhcNMjUxMjIyMTcwMTI1WhcNMjUxMjIzMTcwMTI1WjAzMTEwLwYDVQQD EyhkNGJhYTZkOGU5ZmM0NzgzMTMwNDQyYzQ0ZjhlMTNmOTc4YjAyNmUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TuJQpPpvvA7IwCQdGMPum+yughb 0LIVEzKV6Ax6VmJr4cO9t31TIIa4oe9a7eyLqLe3o1r4i01bVmdFJjsUi+4UFLyH UnZEClWw2mdQ4JeTTw7blzVuLz9G0qAWs6a+MjbOPfkvKAOM9fzBTlhGm/MNnzkI BIdHxgsKF2y+4TupCNjgSXvZb1P140TlqxH0CkZFjyUYGSDWgdW/c3gkHoaf90hp eJ802zJoDGVevStj+tYV/KfMsnmaQn6jVcF6iiIrXvnD3Am7ls8Ejp2ZqGj/syiI X4RoKiUozN92CSwMT7hA1eb7bxWH8GSIB79ZR11dZB7iL04MMK22ggwz0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNS6ptjp/EeDEwRCxE+OE/l4sCbgMB8GA1UdIwQY MBaAFL4YaCBbPRNzVapx8kZylc2HGVLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9kOTgwZDEtOTJjOC00NGI0LWE1YWIt NzU3Zjk5OTI3NTcxLzEvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9kOTgwZDEtOTJjOC00NGI0LWE1YWItNzU3Zjk5OTI3NTcx LzEvdmhob0lGczlFM05WcW5IeVJuS1Z6WWNaVXNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr7Jyx3Wu fYTj6M2V5s2PbKeYRiDKpdSMwFEH1eSKQ6vPPKvc+CZ/nKP8PbXSf+OW6z97R9OX milDjWV5lXXRVzMaWgb63eHKONTRsRNmEDDkGMF1xf7OJUhKSOd+HMHcvS9NXryb 9Y4NkYVv/8C4DCmX+53N5J2ikMxpg+j3YWiqWdy1+aec3OESvYxYDxZM4UE/wxnX cNB+SC0CDpHzclkjB/+PC9WeZPx8Bon1unNKmcfOF4wEbd8yyfUsTic0wNCmvolV iElzTf4otwQ8NvYFv9vbLwxIzRJUhwVrcwu6SPUUl8uEr4BMjj9P6u8mIcZWb6eW Fp0/AayOQJ8puA== -----END CERTIFICATE-----Generated at Tue Dec 23 01:55:39 2025 by rpki-client