This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft File: 09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json) Hash identifier: wLeWhqaRUOzPFIN05h902qVyHHys324xz41MK8Ca9iE= Subject key identifier: 90:40:E8:58:64:DC:B3:A8:44:9C:FC:9D:A8:43:64:DC:8E:F7:EA:84 Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 Certificate issuer: /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Certificate serial: 019B59767995D3679C48B33BC7DC417B07B9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft Manifest number: 02C4 Signing time: Fri 26 Dec 2025 07:01:35 +0000 Manifest this update: Fri 26 Dec 2025 07:01:35 +0000 Manifest next update: Sat 27 Dec 2025 07:01:35 +0000 Files and hashes: 1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: DGoc4kAUNHW/O0NXci4+pqTeG0jqQr4VH/fZERzSS0M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:79:95:d3:67:9c:48:b3:3b:c7:dc:41:7b:07:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Validity Not Before: Dec 26 07:01:35 2025 GMT Not After : Dec 27 07:01:35 2025 GMT Subject: CN=9040e85864dcb3a8449cfc9da84364dc8ef7ea84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:bc:10:d2:1f:e7:1e:97:94:f7:34:8b:59:5f: b0:e9:f1:7d:73:c7:d4:44:bb:47:fa:7d:90:91:82: f3:2b:9c:59:c4:08:a1:8e:5e:f4:5b:e7:c1:3f:4c: e2:1a:bf:ca:96:c4:cb:81:69:82:a3:41:46:4b:a6: 3a:41:f5:d4:fe:8a:54:8b:26:09:3c:27:73:87:b6: 22:b5:89:c5:5f:c2:82:11:5d:ab:e7:f3:da:94:fb: 03:ba:83:2b:11:09:ce:f6:0d:38:18:1d:80:29:85: 90:d9:6a:c1:75:5e:f3:e3:a3:8a:9c:0f:63:32:e0: 16:11:a9:13:ca:e4:7f:f1:e1:60:33:6f:cd:a2:60: 2d:b6:08:7a:80:f8:ea:e2:ae:71:fc:fe:23:41:45: fa:69:1b:4b:ed:4f:09:4b:4b:8d:8a:6f:49:20:10: 83:91:b1:18:16:ff:ba:f5:84:c9:a7:5a:19:75:0d: 60:7a:13:bc:bb:de:cb:ea:49:93:dc:2a:e0:fe:d4: 5e:dc:2a:8a:d9:4d:14:9d:94:6d:2b:70:bf:16:8b: 35:f4:72:c4:31:b6:95:4e:9e:b4:32:78:6e:8d:27: 97:ca:70:b9:22:83:c6:98:0b:0a:88:26:39:3b:54: b1:aa:da:1a:07:67:25:f5:31:1e:98:2d:12:45:5f: a9:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:40:E8:58:64:DC:B3:A8:44:9C:FC:9D:A8:43:64:DC:8E:F7:EA:84 X509v3 Authority Key Identifier: keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:2e:9a:11:2e:32:f0:ac:6d:4f:4e:92:5d:93:55:dd:55:92: fb:f4:db:3d:49:dd:22:3a:42:e4:05:ee:f8:50:1b:b8:cf:a6: 79:7e:81:cd:33:5b:b3:11:d9:f0:2b:f9:e1:63:9a:ee:f8:0d: 33:90:25:3c:bd:97:56:b3:40:40:4b:0e:21:9f:74:b0:68:d0: 2a:80:e9:8d:66:ee:db:51:f5:f7:37:28:08:4e:7d:7e:15:a8: 7d:de:8f:3e:c2:88:d9:23:68:e6:03:23:f2:41:db:d0:77:86: 7a:19:56:3a:83:ca:0a:a6:f6:bb:1c:d0:4d:67:8e:50:0f:4e: 58:06:80:83:6e:a4:4a:38:cb:35:1c:d1:4f:ff:92:cc:53:f2: 8e:ab:97:06:13:77:29:a1:c7:47:ec:be:76:43:95:64:cc:9d: df:f8:7b:ee:92:c5:67:1f:d0:86:ae:4f:e6:da:cd:82:e2:8f: d5:87:56:58:1f:f0:65:82:8a:83:a4:02:05:84:d6:d4:f9:91: 95:d7:ce:c6:ca:45:23:fb:81:14:8d:21:8c:50:d0:36:db:8e: b9:1d:96:5e:91:93:d7:71:00:27:6e:5e:0f:b9:79:04:ab:ab: 4a:51:e2:a1:a0:07:b8:d7:95:0c:41:93:76:2c:6d:fb:0f:4a: 16:79:63:59 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdnmV02ecSLM7x9xBewe5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3 ZDk0MzEwHhcNMjUxMjI2MDcwMTM1WhcNMjUxMjI3MDcwMTM1WjAzMTEwLwYDVQQD Eyg5MDQwZTg1ODY0ZGNiM2E4NDQ5Y2ZjOWRhODQzNjRkYzhlZjdlYTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLwQ0h/nHpeU9zSLWV+w6fF9c8fU RLtH+n2QkYLzK5xZxAihjl70W+fBP0ziGr/KlsTLgWmCo0FGS6Y6QfXU/opUiyYJ PCdzh7YitYnFX8KCEV2r5/PalPsDuoMrEQnO9g04GB2AKYWQ2WrBdV7z46OKnA9j MuAWEakTyuR/8eFgM2/NomAttgh6gPjq4q5x/P4jQUX6aRtL7U8JS0uNim9JIBCD kbEYFv+69YTJp1oZdQ1gehO8u97L6kmT3Crg/tRe3CqK2U0UnZRtK3C/Fos19HLE MbaVTp60MnhujSeXynC5IoPGmAsKiCY5O1SxqtoaB2cl9TEemC0SRV+p+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJBA6Fhk3LOoRJz8nahDZNyO9+qEMB8GA1UdIwQY MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqi6aES4y 8KxtT06SXZNV3VWS+/TbPUndIjpC5AXu+FAbuM+meX6BzTNbsxHZ8Cv54WOa7vgN M5AlPL2XVrNAQEsOIZ90sGjQKoDpjWbu21H19zcoCE59fhWofd6PPsKI2SNo5gMj 8kHb0HeGehlWOoPKCqb2uxzQTWeOUA9OWAaAg26kSjjLNRzRT/+SzFPyjquXBhN3 KaHHR+y+dkOVZMyd3/h77pLFZx/Qhq5P5trNguKP1YdWWB/wZYKKg6QCBYTW1PmR ldfOxspFI/uBFI0hjFDQNtuOuR2WXpGT13EAJ25eD7l5BKurSlHioaAHuNeVDEGT dixt+w9KFnljWQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:18 2025 by rpki-client