This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/81ROkj2IO6zkqj9-9wByr-NRHyg.mft File: 81ROkj2IO6zkqj9-9wByr-NRHyg.mft (raw, json) Hash identifier: 1Di2jXkFYL6jb2BNQt9DARcvPzOw0ETbWUDk6JP+odA= Subject key identifier: 0F:65:37:43:74:1F:A6:46:F3:0C:14:58:0E:BA:CE:D9:2E:DA:D1:F3 Authority key identifier: F3:54:4E:92:3D:88:3B:AC:E4:AA:3F:7E:F7:00:72:AF:E3:51:1F:28 Certificate issuer: /CN=f3544e923d883bace4aa3f7ef70072afe3511f28 Certificate serial: 019B48B94287929F8EA559CE332A65682CE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/81ROkj2IO6zkqj9-9wByr-NRHyg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/81ROkj2IO6zkqj9-9wByr-NRHyg.mft Manifest number: 04CD Signing time: Tue 23 Dec 2025 01:00:59 +0000 Manifest this update: Tue 23 Dec 2025 01:00:59 +0000 Manifest next update: Wed 24 Dec 2025 01:00:59 +0000 Files and hashes: 1: 81ROkj2IO6zkqj9-9wByr-NRHyg.crl (hash: xQu/ZO9R0S1j9hdX77F/JGe7SixYKE5I7gz6Bwrzudk=) 2: Gv4EnRb88MY5aVLEY17_OZ0Wl08.roa (hash: WkS34pHH/XzAUtEopuzXUXT2LtpQyPdLz2PYfITDjLQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/81ROkj2IO6zkqj9-9wByr-NRHyg.crl rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/81ROkj2IO6zkqj9-9wByr-NRHyg.mft rsync://rpki.ripe.net/repository/DEFAULT/81ROkj2IO6zkqj9-9wByr-NRHyg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 01:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:b9:42:87:92:9f:8e:a5:59:ce:33:2a:65:68:2c:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f3544e923d883bace4aa3f7ef70072afe3511f28 Validity Not Before: Dec 23 01:00:59 2025 GMT Not After : Dec 24 01:00:59 2025 GMT Subject: CN=0f653743741fa646f30c14580ebaced92edad1f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:14:80:4b:17:18:a1:eb:90:42:ae:df:db:4e: 5f:f6:b1:af:08:48:cf:98:65:cc:89:1e:f1:c4:7e: 23:19:d9:c3:62:a8:c0:cf:fb:6d:76:82:5c:60:84: ca:cc:f9:3c:3d:e2:a1:1d:19:fd:27:66:86:25:3d: f8:6c:2b:3c:fd:1f:1e:f4:88:b7:f1:dd:75:72:1d: 9e:26:93:24:29:29:b6:63:cd:5d:62:c8:8c:0d:88: 4b:b9:be:99:2b:3b:43:8b:e4:d1:d6:30:cd:6d:32: 93:7a:a6:93:62:a6:1a:0b:53:80:16:82:a3:25:5c: 15:12:8d:b3:a0:60:57:e5:38:61:3e:8c:d9:56:74: b8:44:ca:21:10:a7:0a:1e:c6:99:e2:1f:d4:f6:d1: 56:43:3b:99:c1:bc:24:20:b2:c6:12:fb:89:a2:8f: 74:be:8b:42:d4:94:49:80:69:bc:d7:50:ce:31:8c: 8e:9a:9f:7b:c9:3d:cf:f9:e0:b6:db:90:21:26:a1: 68:bc:ab:48:cb:14:b8:7f:6f:4d:ea:a8:34:68:11: 6e:3e:12:46:8c:17:44:64:8e:56:d7:a6:32:b9:44: 4d:cd:e6:88:c1:2a:80:38:ce:d6:0e:ca:bf:9f:96: cf:75:ad:ee:64:11:a4:52:3a:6c:f5:fa:50:16:97: 1d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:65:37:43:74:1F:A6:46:F3:0C:14:58:0E:BA:CE:D9:2E:DA:D1:F3 X509v3 Authority Key Identifier: keyid:F3:54:4E:92:3D:88:3B:AC:E4:AA:3F:7E:F7:00:72:AF:E3:51:1F:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/81ROkj2IO6zkqj9-9wByr-NRHyg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/81ROkj2IO6zkqj9-9wByr-NRHyg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/86d1aa-6475-4013-86ea-38c756aa4b50/1/81ROkj2IO6zkqj9-9wByr-NRHyg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:2e:25:d7:90:5d:15:91:e4:86:a7:18:e7:b6:dc:b0:7f:8c: 9a:49:70:c0:6b:5f:5b:f7:3c:56:cd:57:bf:c5:2b:6b:8c:c1: 94:55:e7:f2:d8:97:3c:0e:8a:eb:94:57:ae:51:03:31:dd:a9: b5:0f:74:97:c9:8d:33:a2:ee:65:c0:09:25:e9:a8:2e:c9:82: fd:4b:e1:08:cd:8e:a8:88:17:fe:b1:b8:a9:2f:20:86:9d:03: e3:2f:d8:a5:9c:a5:d7:69:17:42:5a:f1:e8:c3:e7:71:03:19: 10:b0:ac:6c:a4:4e:10:9c:e5:a0:f4:a8:72:13:4b:d3:7b:c5: 5c:89:8e:70:51:a4:3a:f3:01:72:42:27:84:45:35:46:89:08: 3a:87:29:03:4b:28:9c:98:99:b2:80:bb:4e:6b:e8:5a:46:9d: 80:13:11:6c:5c:01:c2:a4:51:c1:60:7a:e4:5e:9d:5b:d7:cd: 8f:4c:5d:0b:9e:15:1e:75:0d:b5:68:9b:65:23:5c:da:5d:15: d2:02:e7:4d:f3:4b:1d:77:8a:52:fa:56:4b:d2:ff:26:55:e5: f9:b6:63:f0:22:1a:33:4a:f1:90:48:86:05:ff:bd:d7:69:e5: 25:4a:11:85:f6:05:6d:db:9a:cb:fa:22:23:b7:8e:96:29:e5: 72:38:4c:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIuUKHkp+OpVnOMyplaCzgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzNTQ0ZTkyM2Q4ODNiYWNlNGFhM2Y3ZWY3MDA3MmFmZTM1 MTFmMjgwHhcNMjUxMjIzMDEwMDU5WhcNMjUxMjI0MDEwMDU5WjAzMTEwLwYDVQQD EygwZjY1Mzc0Mzc0MWZhNjQ2ZjMwYzE0NTgwZWJhY2VkOTJlZGFkMWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBSASxcYoeuQQq7f205f9rGvCEjP mGXMiR7xxH4jGdnDYqjAz/ttdoJcYITKzPk8PeKhHRn9J2aGJT34bCs8/R8e9Ii3 8d11ch2eJpMkKSm2Y81dYsiMDYhLub6ZKztDi+TR1jDNbTKTeqaTYqYaC1OAFoKj JVwVEo2zoGBX5ThhPozZVnS4RMohEKcKHsaZ4h/U9tFWQzuZwbwkILLGEvuJoo90 votC1JRJgGm811DOMYyOmp97yT3P+eC225AhJqFovKtIyxS4f29N6qg0aBFuPhJG jBdEZI5W16YyuURNzeaIwSqAOM7WDsq/n5bPda3uZBGkUjps9fpQFpcdXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA9lN0N0H6ZG8wwUWA66ztku2tHzMB8GA1UdIwQY MBaAFPNUTpI9iDus5Ko/fvcAcq/jUR8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvODFST2tqMklPNnprcWo5LTl3QnlyLU5SSHlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84NmQxYWEtNjQ3NS00MDEzLTg2ZWEt MzhjNzU2YWE0YjUwLzEvODFST2tqMklPNnprcWo5LTl3QnlyLU5SSHlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC84NmQxYWEtNjQ3NS00MDEzLTg2ZWEtMzhjNzU2YWE0YjUw LzEvODFST2tqMklPNnprcWo5LTl3QnlyLU5SSHlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMC4l15Bd FZHkhqcY57bcsH+MmklwwGtfW/c8Vs1Xv8Ura4zBlFXn8tiXPA6K65RXrlEDMd2p tQ90l8mNM6LuZcAJJemoLsmC/UvhCM2OqIgX/rG4qS8ghp0D4y/YpZyl12kXQlrx 6MPncQMZELCsbKROEJzloPSochNL03vFXImOcFGkOvMBckInhEU1RokIOocpA0so nJiZsoC7TmvoWkadgBMRbFwBwqRRwWB65F6dW9fNj0xdC54VHnUNtWibZSNc2l0V 0gLnTfNLHXeKUvpWS9L/JlXl+bZj8CIaM0rxkEiGBf+912nlJUoRhfYFbduay/oi I7eOlinlcjhMpw== -----END CERTIFICATE-----Generated at Tue Dec 23 10:54:23 2025 by rpki-client