This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft File: 861SH4OIdIPIybDG895f1e1Whck.mft (raw, json) Hash identifier: 59nz11WyxIoTCgn/0BqTs/UkQQ5a+dcdGdVXgHkgLdc= Subject key identifier: F0:8B:56:B0:6B:21:2C:C5:C6:49:ED:1B:70:75:14:CD:F3:16:5B:FC Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9 Certificate issuer: /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9 Certificate serial: 019B5975E1747250D51ED7CF371DE43C3D6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft Manifest number: 0D21 Signing time: Fri 26 Dec 2025 07:00:56 +0000 Manifest this update: Fri 26 Dec 2025 07:00:56 +0000 Manifest next update: Sat 27 Dec 2025 07:00:56 +0000 Files and hashes: 1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: WbXRGrkWVFAOUttHwmjTwvuvTrUWkmkvtsAzLCNzfd0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:e1:74:72:50:d5:1e:d7:cf:37:1d:e4:3c:3d:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9 Validity Not Before: Dec 26 07:00:56 2025 GMT Not After : Dec 27 07:00:56 2025 GMT Subject: CN=f08b56b06b212cc5c649ed1b707514cdf3165bfc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e8:f6:93:c2:8e:3b:bd:30:72:3f:77:64:39: 65:29:0d:7a:a2:94:32:14:da:22:02:7b:f5:e7:41: 96:67:38:74:6a:5a:04:74:58:2a:39:1c:4e:00:8f: 29:85:41:ce:e0:0c:59:d8:d7:ed:e0:a7:40:39:70: d1:f4:e1:2e:7f:10:a2:df:91:85:89:fb:f6:a4:49: bb:7e:ce:8d:63:e0:46:f9:26:06:27:50:c9:3b:18: 96:8a:4e:3f:74:91:07:d0:25:c6:a1:0f:87:5f:81: e4:90:00:f8:1d:89:54:bd:8b:b2:7a:1a:cd:73:63: 45:53:75:b9:51:70:e4:63:73:4e:b2:59:18:7d:c2: c5:9a:6a:39:4d:7e:d8:ba:7d:1e:e4:17:3c:3b:95: cd:51:79:76:59:97:29:74:46:a8:a9:ed:a8:bc:37: 46:b2:2b:cc:86:9b:21:ce:b4:b3:84:b4:5f:e9:38: 25:8c:0a:b4:6c:81:aa:63:f6:cc:20:5f:93:a8:94: 76:6b:86:c0:08:c1:d5:da:11:9d:94:4e:0a:5f:af: 17:04:f5:f9:ac:40:ac:21:e1:92:2d:5f:f6:ef:49: 72:31:d3:a9:78:8c:4c:d3:2b:7c:32:ea:47:64:8b: d9:38:cd:64:03:d0:97:0d:13:f9:96:93:64:2d:aa: b3:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:8B:56:B0:6B:21:2C:C5:C6:49:ED:1B:70:75:14:CD:F3:16:5B:FC X509v3 Authority Key Identifier: keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:68:02:cc:b5:c5:83:80:2e:c3:73:a5:da:a2:49:1e:12:eb: dc:1a:00:40:15:5f:30:76:e1:c9:da:e4:20:7c:f0:74:32:11: 0f:a1:53:fb:88:81:d1:d4:fa:2a:55:4d:40:c9:f5:52:38:4c: e8:bc:43:04:dd:f9:6f:0c:9b:22:43:9e:f7:b4:2f:45:7a:50: 98:2a:ca:64:89:73:3c:52:29:22:b4:bd:18:43:54:3b:4b:34: 87:7b:be:1c:24:23:41:31:25:fa:12:5f:be:b3:26:5e:73:ac: 5d:9c:05:c8:3b:d6:bb:0a:33:83:19:28:ce:47:ca:0b:3c:88: 69:7f:27:ee:92:14:0e:4f:f0:51:8d:b2:9f:95:ae:54:49:6e: 1d:c1:19:74:e9:80:0f:e7:e3:0a:4b:dd:4f:f9:9c:44:a1:92: 4a:ee:5f:f1:7e:71:34:08:a0:67:e7:39:9a:b4:9e:75:e1:2b: 3f:eb:86:07:f0:8b:e0:44:6d:14:1e:b1:a7:38:27:24:af:13: 05:19:57:d5:a3:10:90:7c:1f:a0:2b:b4:25:a0:f8:4a:1f:ba: 4b:2c:ae:7a:f1:c7:cc:e6:22:3d:9e:f1:49:03:ae:b0:49:67: 12:76:08:3f:d2:7d:44:40:a9:d6:c8:39:4f:92:6b:61:b8:cd: 40:71:9b:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdeF0clDVHtfPNx3kPD1qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1 Njg1YzkwHhcNMjUxMjI2MDcwMDU2WhcNMjUxMjI3MDcwMDU2WjAzMTEwLwYDVQQD EyhmMDhiNTZiMDZiMjEyY2M1YzY0OWVkMWI3MDc1MTRjZGYzMTY1YmZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+j2k8KOO70wcj93ZDllKQ16opQy FNoiAnv150GWZzh0aloEdFgqORxOAI8phUHO4AxZ2Nft4KdAOXDR9OEufxCi35GF ifv2pEm7fs6NY+BG+SYGJ1DJOxiWik4/dJEH0CXGoQ+HX4HkkAD4HYlUvYuyehrN c2NFU3W5UXDkY3NOslkYfcLFmmo5TX7Yun0e5Bc8O5XNUXl2WZcpdEaoqe2ovDdG sivMhpshzrSzhLRf6TgljAq0bIGqY/bMIF+TqJR2a4bACMHV2hGdlE4KX68XBPX5 rECsIeGSLV/270lyMdOpeIxM0yt8MupHZIvZOM1kA9CXDRP5lpNkLaqzRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPCLVrBrISzFxkntG3B1FM3zFlv8MB8GA1UdIwQY MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2 LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHGgCzLXF g4Auw3Ol2qJJHhLr3BoAQBVfMHbhydrkIHzwdDIRD6FT+4iB0dT6KlVNQMn1UjhM 6LxDBN35bwybIkOe97QvRXpQmCrKZIlzPFIpIrS9GENUO0s0h3u+HCQjQTEl+hJf vrMmXnOsXZwFyDvWuwozgxkozkfKCzyIaX8n7pIUDk/wUY2yn5WuVEluHcEZdOmA D+fjCkvdT/mcRKGSSu5f8X5xNAigZ+c5mrSedeErP+uGB/CL4ERtFB6xpzgnJK8T BRlX1aMQkHwfoCu0JaD4Sh+6SyyuevHHzOYiPZ7xSQOusElnEnYIP9J9RECp1sg5 T5JrYbjNQHGbiQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:05:52 2025 by rpki-client