This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft File: CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json) Hash identifier: mybysDDHBAYjQfhK21hkADZyZRBB7rKXrc5tkJJPIBA= Subject key identifier: 5F:A2:79:B8:78:77:68:39:F2:0F:93:03:E9:C8:89:0C:AA:F7:40:AB Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74 Certificate issuer: /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474 Certificate serial: 019B597620A4279F7C019D6C2709F6D28666 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft Manifest number: 15DE Signing time: Fri 26 Dec 2025 07:01:12 +0000 Manifest this update: Fri 26 Dec 2025 07:01:12 +0000 Manifest next update: Sat 27 Dec 2025 07:01:12 +0000 Files and hashes: 1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: onSxRhKhc36L+pp0wLu/DjPHOPDGB+vPUg9ihf+aNtI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 07:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:20:a4:27:9f:7c:01:9d:6c:27:09:f6:d2:86:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474 Validity Not Before: Dec 26 07:01:12 2025 GMT Not After : Dec 27 07:01:12 2025 GMT Subject: CN=5fa279b878776839f20f9303e9c8890caaf740ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:e0:1e:86:68:d3:1a:2d:73:7b:58:5f:71:2c: c4:35:d1:ca:52:6f:64:6b:d0:30:25:13:9c:67:1c: 45:7c:6f:a7:c2:1b:68:24:0a:c1:ea:24:5d:14:d3: 79:b8:bc:45:9b:1a:2e:c9:d8:9a:af:72:e1:f2:f0: 8d:11:f2:38:8b:9f:b1:61:71:aa:49:5a:62:a2:6f: 49:8e:b4:df:b9:4b:df:b5:92:db:20:2a:65:47:73: 45:0d:6d:24:ee:d5:40:45:d8:5d:25:b1:80:7f:8d: 8e:d8:e1:60:dd:cb:f2:a4:b4:6b:ee:af:12:e1:e6: 15:88:7e:e0:b5:8e:94:4d:c6:18:57:33:08:51:5a: bd:14:8a:42:6e:16:d1:7c:e5:ec:6e:0c:9d:9f:c1: 6f:16:4e:30:69:c4:31:5d:76:e3:30:10:8a:64:fe: f3:5d:32:0c:4c:81:17:aa:0c:8a:87:d9:a9:09:b6: 4c:34:3e:6c:c8:3a:31:76:47:1a:15:71:65:89:f9: 13:01:c3:55:65:a9:55:e2:9d:58:ff:f5:a9:c4:92: 92:ed:c1:41:0b:90:bb:86:f2:ba:f4:ba:41:28:3e: 1c:9f:7b:9f:88:d6:e7:28:ef:d1:98:cc:96:0c:ce: 68:da:eb:ed:57:63:49:ef:95:9b:0e:c6:b6:41:d3: ec:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:A2:79:B8:78:77:68:39:F2:0F:93:03:E9:C8:89:0C:AA:F7:40:AB X509v3 Authority Key Identifier: keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:cf:85:66:39:9e:2f:74:e0:ee:77:1c:6f:ec:f0:92:e4:56: b3:4a:b5:e4:49:f8:95:0c:56:7e:86:ae:71:e0:f5:e9:d5:ba: c0:2c:97:d9:64:d7:98:eb:76:e7:1e:be:8c:fc:b2:21:9b:88: de:5e:90:14:d4:76:dd:d7:af:10:41:22:ae:d8:8c:46:7c:41: 7f:c2:2e:11:bb:a0:bf:da:11:70:e9:da:c0:05:58:22:96:71: f3:33:4f:d8:d1:68:6d:e9:87:29:22:91:9e:e6:80:36:53:69: 49:29:5b:9d:7f:4c:73:4d:8f:fd:86:fc:d4:73:bc:c8:91:2f: 7e:b5:ef:9a:57:4d:be:f3:17:8b:23:ac:8e:d0:f7:f5:d5:b9: 59:7f:70:41:a2:e1:b6:3d:3d:44:af:10:c1:26:24:db:d1:9e: f1:4a:46:f9:3d:ae:f8:82:29:22:d1:59:a7:c0:57:a1:2d:85: 3c:d7:be:40:12:ce:6f:de:d8:cc:33:5b:2e:83:0f:eb:c9:9b: 0b:aa:a7:9a:18:50:8c:9f:0b:43:58:9f:c5:8b:d3:ce:e0:ae: 4b:0e:79:12:3a:18:1d:1a:63:b9:6e:46:8a:3f:02:47:a8:a9: eb:39:61:bf:12:9d:51:ad:20:e8:ba:7f:59:5a:0a:d9:fa:1c: 96:ce:d9:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdiCkJ598AZ1sJwn20oZmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4 NzQ0NzQwHhcNMjUxMjI2MDcwMTEyWhcNMjUxMjI3MDcwMTEyWjAzMTEwLwYDVQQD Eyg1ZmEyNzliODc4Nzc2ODM5ZjIwZjkzMDNlOWM4ODkwY2FhZjc0MGFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OAehmjTGi1ze1hfcSzENdHKUm9k a9AwJROcZxxFfG+nwhtoJArB6iRdFNN5uLxFmxouydiar3Lh8vCNEfI4i5+xYXGq SVpiom9JjrTfuUvftZLbICplR3NFDW0k7tVARdhdJbGAf42O2OFg3cvypLRr7q8S 4eYViH7gtY6UTcYYVzMIUVq9FIpCbhbRfOXsbgydn8FvFk4wacQxXXbjMBCKZP7z XTIMTIEXqgyKh9mpCbZMND5syDoxdkcaFXFlifkTAcNVZalV4p1Y//WpxJKS7cFB C5C7hvK69LpBKD4cn3ufiNbnKO/RmMyWDM5o2uvtV2NJ75WbDsa2QdPs5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF+iebh4d2g58g+TA+nIiQyq90CrMB8GA1UdIwQY MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiM+FZjme L3Tg7nccb+zwkuRWs0q15En4lQxWfoauceD16dW6wCyX2WTXmOt25x6+jPyyIZuI 3l6QFNR23devEEEirtiMRnxBf8IuEbugv9oRcOnawAVYIpZx8zNP2NFobemHKSKR nuaANlNpSSlbnX9Mc02P/Yb81HO8yJEvfrXvmldNvvMXiyOsjtD39dW5WX9wQaLh tj09RK8QwSYk29Ge8UpG+T2u+IIpItFZp8BXoS2FPNe+QBLOb97YzDNbLoMP68mb C6qnmhhQjJ8LQ1ifxYvTzuCuSw55EjoYHRpjuW5Gij8CR6ip6zlhvxKdUa0g6Lp/ WVoK2focls7Zyw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:26 2025 by rpki-client