This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft File: rS2L1OZ06M7VoJfUPepxhETnivU.mft (raw, json) Hash identifier: Hji/uPbaV9G1yjXbIgbyMZukNp7hmfLscqT7tXuiNoA= Subject key identifier: E1:67:D3:27:71:9B:7B:15:63:41:17:55:02:87:4C:FF:7D:95:25:72 Authority key identifier: AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5 Certificate issuer: /CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5 Certificate serial: 019B0F6E83930348AA80CE1D48C844D13A41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft Manifest number: 1441 Signing time: Thu 11 Dec 2025 22:00:59 +0000 Manifest this update: Thu 11 Dec 2025 22:00:59 +0000 Manifest next update: Fri 12 Dec 2025 22:00:59 +0000 Files and hashes: 1: rS2L1OZ06M7VoJfUPepxhETnivU.crl (hash: rWB8pke9Wvdz6W80k7+sPa3oMVwqLghT563g9tS3PQ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:83:93:03:48:aa:80:ce:1d:48:c8:44:d1:3a:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5 Validity Not Before: Dec 11 22:00:59 2025 GMT Not After : Dec 12 22:00:59 2025 GMT Subject: CN=e167d327719b7b156341175502874cff7d952572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:f5:40:66:b9:6c:f6:e1:dd:d9:cd:f0:25:f9: 99:8a:c8:9e:13:c8:dc:c1:18:0a:dc:12:ed:3b:dd: 18:99:49:cb:42:3a:5b:08:d3:9e:ce:96:62:07:83: 42:a7:73:01:f6:ff:bf:0b:80:bb:59:af:80:86:de: 9f:4e:1d:f4:62:ec:15:27:af:6b:75:49:fd:95:43: 55:20:25:5b:c4:a3:c6:ef:85:17:c1:fa:09:d5:1c: dd:5f:da:e1:2e:15:c7:1e:74:f8:e0:f0:65:8d:21: 4a:30:47:77:aa:4b:0a:5c:44:95:d9:38:91:85:22: 82:48:80:a8:25:d7:bd:08:c6:a8:ec:35:b8:ef:d8: 51:d2:3d:9b:be:19:8b:eb:63:4a:5c:13:7d:e4:04: c6:8b:54:25:65:af:e0:4c:3d:ae:50:b8:1a:e3:e9: 6a:af:4c:d5:c3:4f:f0:df:bf:64:a7:b1:b1:cf:e7: 5c:e7:b0:17:7e:25:3f:0d:27:e1:cf:04:59:17:07: 1b:7d:0f:a6:5a:af:c8:3f:86:bf:32:56:91:72:4f: b6:8c:26:f0:dc:c5:ac:d8:b3:29:95:d5:e3:26:9a: 29:22:f3:27:85:45:5d:99:be:ca:14:ef:c8:57:74: ac:dc:3e:81:b4:0d:e6:c3:08:94:80:2b:2f:0f:ee: bd:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:67:D3:27:71:9B:7B:15:63:41:17:55:02:87:4C:FF:7D:95:25:72 X509v3 Authority Key Identifier: keyid:AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:9c:80:6c:f2:01:bd:77:c9:77:a3:46:7d:24:b8:cb:eb:a1: 97:dd:68:a7:20:00:04:16:47:b4:31:21:a6:c7:8c:b7:41:0b: ee:f8:ef:a4:5c:98:0f:e4:8e:46:19:fa:b0:e3:af:c5:4c:3b: d7:e2:ed:74:68:16:18:df:b8:55:3b:f4:29:fc:9c:c7:34:39: a1:6c:b0:46:a6:bb:0f:a5:82:90:3b:9c:1e:26:aa:56:c4:dc: 11:70:28:32:c4:15:d0:24:c4:84:bf:ef:17:e9:a5:ac:3d:e0: 4a:a2:df:48:a6:c1:7e:3d:46:8c:03:22:c1:62:05:43:ae:63: 9f:eb:7f:a5:62:6f:0f:59:cb:1c:f1:5b:5b:22:6e:4a:ba:a0: 91:5d:65:69:33:86:4c:06:6a:35:8b:57:d5:82:ae:85:43:1a: 24:5c:c5:2e:c2:d7:30:b7:8f:1c:6e:68:d0:53:01:98:7b:79: af:6a:32:60:70:29:ae:50:9a:32:62:d9:e4:36:55:be:55:db: 8c:12:3e:7d:91:a4:1e:a9:2e:ca:6c:20:de:c3:66:51:3b:b1: eb:8b:ee:ff:4c:b7:a2:97:42:49:b1:5a:66:04:f2:eb:1c:78: 60:ba:e7:6f:d1:ff:81:17:60:01:c4:7d:7d:62:e0:33:47:f2: d8:ae:dd:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPboOTA0iqgM4dSMhE0TpBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkMmQ4YmQ0ZTY3NGU4Y2VkNWEwOTdkNDNkZWE3MTg0NDRl NzhhZjUwHhcNMjUxMjExMjIwMDU5WhcNMjUxMjEyMjIwMDU5WjAzMTEwLwYDVQQD EyhlMTY3ZDMyNzcxOWI3YjE1NjM0MTE3NTUwMjg3NGNmZjdkOTUyNTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPVAZrls9uHd2c3wJfmZisieE8jc wRgK3BLtO90YmUnLQjpbCNOezpZiB4NCp3MB9v+/C4C7Wa+Aht6fTh30YuwVJ69r dUn9lUNVICVbxKPG74UXwfoJ1RzdX9rhLhXHHnT44PBljSFKMEd3qksKXESV2TiR hSKCSICoJde9CMao7DW479hR0j2bvhmL62NKXBN95ATGi1QlZa/gTD2uULga4+lq r0zVw0/w379kp7Gxz+dc57AXfiU/DSfhzwRZFwcbfQ+mWq/IP4a/MlaRck+2jCbw 3MWs2LMpldXjJpopIvMnhUVdmb7KFO/IV3Ss3D6BtA3mwwiUgCsvD+69OQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOFn0ydxm3sVY0EXVQKHTP99lSVyMB8GA1UdIwQY MBaAFK0ti9TmdOjO1aCX1D3qcYRE54r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2Mt ODJmMTUxYjY2NGM1LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2MtODJmMTUxYjY2NGM1 LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmpyAbPIB vXfJd6NGfSS4y+uhl91opyAABBZHtDEhpseMt0EL7vjvpFyYD+SORhn6sOOvxUw7 1+LtdGgWGN+4VTv0KfycxzQ5oWywRqa7D6WCkDucHiaqVsTcEXAoMsQV0CTEhL/v F+mlrD3gSqLfSKbBfj1GjAMiwWIFQ65jn+t/pWJvD1nLHPFbWyJuSrqgkV1laTOG TAZqNYtX1YKuhUMaJFzFLsLXMLePHG5o0FMBmHt5r2oyYHAprlCaMmLZ5DZVvlXb jBI+fZGkHqkuymwg3sNmUTux64vu/0y3opdCSbFaZgTy6xx4YLrnb9H/gRdgAcR9 fWLgM0fy2K7dyA== -----END CERTIFICATE-----Generated at Fri Dec 12 03:21:12 2025 by rpki-client