This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft File: rENzvP5MWzcCARWd-W2xNzaYur0.mft (raw, json) Hash identifier: gyklXHWvNLJZRQ6uobV25irJEXcdRVlstqsb4KknFBA= Subject key identifier: AD:FD:7B:EC:D0:3B:66:B4:A8:F5:D1:6D:A4:2E:DB:8C:C1:8A:88:5A Authority key identifier: AC:43:73:BC:FE:4C:5B:37:02:01:15:9D:F9:6D:B1:37:36:98:BA:BD Certificate issuer: /CN=ac4373bcfe4c5b370201159df96db1373698babd Certificate serial: 019B59AC9928781DAF88FBEF1B49524C508A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft Manifest number: C0 Signing time: Fri 26 Dec 2025 08:00:42 +0000 Manifest this update: Fri 26 Dec 2025 08:00:42 +0000 Manifest next update: Sat 27 Dec 2025 08:00:42 +0000 Files and hashes: 1: rENzvP5MWzcCARWd-W2xNzaYur0.crl (hash: d1oWlf/HzadIKypWPMzId2noQQC0lUa+3fxLE9g37Hc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.crl rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:99:28:78:1d:af:88:fb:ef:1b:49:52:4c:50:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac4373bcfe4c5b370201159df96db1373698babd Validity Not Before: Dec 26 08:00:42 2025 GMT Not After : Dec 27 08:00:42 2025 GMT Subject: CN=adfd7becd03b66b4a8f5d16da42edb8cc18a885a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d3:02:72:73:bc:3a:4c:3e:8e:0a:ef:45:06: e9:de:7c:10:07:31:40:04:5c:ff:f1:ee:d5:6a:b8: 45:7c:11:bc:0e:81:ef:69:1a:98:83:f5:a1:36:9d: 2f:96:c8:9b:b4:dd:c1:d0:f2:56:95:7b:82:21:f9: a6:cc:52:d3:f9:50:17:f8:c4:4e:6c:25:3d:81:ea: 49:be:65:be:c6:cb:91:a4:a1:f0:11:ab:12:05:5d: 94:70:cd:2b:a5:9d:36:83:d2:64:67:cd:86:ac:eb: 06:24:6a:bf:12:5d:ae:90:33:c3:16:22:49:69:5d: 23:dd:20:5b:44:ce:78:1f:d9:c3:ac:7b:33:4c:4f: 30:53:be:32:a4:68:93:af:58:e1:4d:d7:ee:1e:c6: f3:f8:7e:95:02:30:6c:b1:32:52:4c:07:35:2b:08: d8:c1:08:77:26:89:dd:b4:b4:f7:98:04:6e:68:fd: 82:15:a1:c2:b2:b5:30:71:a4:b1:39:de:d5:e4:23: a1:75:5f:3d:1c:88:ef:46:2c:67:76:c3:24:a7:a8: 69:64:d4:4b:da:92:bd:e3:3c:eb:3e:79:1f:03:c2: 61:85:6f:e5:3d:24:35:b7:8c:04:03:b9:d4:93:52: 1f:4c:41:9d:f8:ae:ed:e5:fd:5c:99:3d:75:58:05: 67:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:FD:7B:EC:D0:3B:66:B4:A8:F5:D1:6D:A4:2E:DB:8C:C1:8A:88:5A X509v3 Authority Key Identifier: keyid:AC:43:73:BC:FE:4C:5B:37:02:01:15:9D:F9:6D:B1:37:36:98:BA:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:83:44:a6:0f:fb:00:89:81:7a:6b:a3:73:0e:a2:05:fe:b0: 67:85:98:55:a5:8e:7c:36:f0:b7:ee:28:c0:cd:09:a2:a0:62: 78:73:0f:98:58:3b:70:36:02:3d:7b:3b:d3:c4:38:b8:ff:63: b5:85:72:61:e3:16:70:5c:ee:15:31:3c:68:a8:26:bf:b6:a7: ed:b4:a2:3e:49:e3:ec:7d:96:dc:8b:b8:d9:0d:41:cc:c7:54: ce:27:5b:db:fe:52:ed:5c:88:04:bd:a9:c5:ba:6f:cc:e6:4f: 35:a7:61:41:8f:91:d2:b7:61:7d:fd:01:00:cc:66:7e:50:2e: 4a:b9:27:8c:80:f6:9f:bd:42:9f:6c:e7:87:8e:2a:0c:14:dc: 8c:09:e5:09:cd:8a:c1:22:ec:1b:00:bd:25:56:9f:7d:b8:19: e0:ad:b7:18:be:6d:11:25:b5:01:3f:78:a8:15:ec:15:0f:fc: 08:5a:4d:73:69:6e:71:d2:bc:e6:8e:7a:8a:65:d5:ce:ab:60: a9:8f:cf:97:21:fd:42:e2:37:56:37:69:c7:fc:4a:43:43:51: 95:48:1c:37:2e:ea:94:ab:42:57:30:d1:6f:b1:86:8d:fe:5a: 55:27:7b:4b:87:ee:d5:bd:90:8d:3b:f7:9d:8d:1a:e9:e2:45: 35:ba:89:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrJkoeB2viPvvG0lSTFCKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjNDM3M2JjZmU0YzViMzcwMjAxMTU5ZGY5NmRiMTM3MzY5 OGJhYmQwHhcNMjUxMjI2MDgwMDQyWhcNMjUxMjI3MDgwMDQyWjAzMTEwLwYDVQQD EyhhZGZkN2JlY2QwM2I2NmI0YThmNWQxNmRhNDJlZGI4Y2MxOGE4ODVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNMCcnO8Okw+jgrvRQbp3nwQBzFA BFz/8e7VarhFfBG8DoHvaRqYg/WhNp0vlsibtN3B0PJWlXuCIfmmzFLT+VAX+MRO bCU9gepJvmW+xsuRpKHwEasSBV2UcM0rpZ02g9JkZ82GrOsGJGq/El2ukDPDFiJJ aV0j3SBbRM54H9nDrHszTE8wU74ypGiTr1jhTdfuHsbz+H6VAjBssTJSTAc1KwjY wQh3JondtLT3mARuaP2CFaHCsrUwcaSxOd7V5COhdV89HIjvRixndsMkp6hpZNRL 2pK94zzrPnkfA8JhhW/lPSQ1t4wEA7nUk1IfTEGd+K7t5f1cmT11WAVnpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK39e+zQO2a0qPXRbaQu24zBiohaMB8GA1UdIwQY MBaAFKxDc7z+TFs3AgEVnfltsTc2mLq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NTkyMDAtYzUwMS00YWMwLWE1ZjUt ZTVhMzVhODQ3MjczLzEvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC81NTkyMDAtYzUwMS00YWMwLWE1ZjUtZTVhMzVhODQ3Mjcz LzEvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKINEpg/7 AImBemujcw6iBf6wZ4WYVaWOfDbwt+4owM0JoqBieHMPmFg7cDYCPXs708Q4uP9j tYVyYeMWcFzuFTE8aKgmv7an7bSiPknj7H2W3Iu42Q1BzMdUzidb2/5S7VyIBL2p xbpvzOZPNadhQY+R0rdhff0BAMxmflAuSrknjID2n71Cn2znh44qDBTcjAnlCc2K wSLsGwC9JVaffbgZ4K23GL5tESW1AT94qBXsFQ/8CFpNc2lucdK85o56imXVzqtg qY/PlyH9QuI3Vjdpx/xKQ0NRlUgcNy7qlKtCVzDRb7GGjf5aVSd7S4fu1b2QjTv3 nY0a6eJFNbqJEg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:02 2025 by rpki-client