This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft File: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json) Hash identifier: HXc1nesJtWfaobuKgbam9FBZlOnvrBPLIMcT9mGA24Y= Subject key identifier: 85:49:BB:C3:31:E7:F3:1F:61:F5:73:9A:D9:0F:BF:B4:93:28:45:CB Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95 Certificate issuer: /CN=d170d4dde23a92166a67bb13f60bc70b667d8695 Certificate serial: 019B3AFD852CBB0563A583A2B7F83987ADC9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft Manifest number: 14BE Signing time: Sat 20 Dec 2025 09:00:51 +0000 Manifest this update: Sat 20 Dec 2025 09:00:51 +0000 Manifest next update: Sun 21 Dec 2025 09:00:51 +0000 Files and hashes: 1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: WsOLQ3nj+j6KctoWA9yRD5yw6ZoA3zLGffuZMF7xi04=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:85:2c:bb:05:63:a5:83:a2:b7:f8:39:87:ad:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695 Validity Not Before: Dec 20 09:00:51 2025 GMT Not After : Dec 21 09:00:51 2025 GMT Subject: CN=8549bbc331e7f31f61f5739ad90fbfb4932845cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:24:d8:21:c5:27:b7:51:e2:73:b9:96:ee:45: f8:9b:1e:d1:c5:8b:d6:3f:f2:37:3b:f2:d4:fa:a4: ca:2d:ee:36:42:3f:5c:25:36:4c:5a:31:83:46:0c: 09:3a:96:7d:66:d3:0e:89:14:d5:2f:9f:8e:41:24: c1:0f:67:78:1e:c1:5d:05:95:e1:90:19:d3:2d:0c: 38:cd:4b:df:3f:65:8a:7c:ba:a9:ff:33:fc:76:7e: ce:44:09:ba:e5:a5:56:73:51:de:fe:f5:e7:af:a9: 7a:30:fe:89:4d:65:2c:14:93:9e:8d:2f:65:67:65: cd:32:7d:e7:fa:b9:8a:89:f7:4e:1e:ac:fe:3b:bd: ac:3b:39:d0:d7:41:96:f2:ee:00:e5:38:da:66:a6: 9d:cf:a8:8c:74:65:35:ae:d7:20:7b:7d:63:ff:c2: 56:24:d8:d5:fd:a9:5c:8b:cc:11:bc:cb:d3:68:4f: 79:2d:0d:8b:65:81:a5:67:bf:cc:c0:38:ef:09:c4: 27:0d:d1:5e:dc:a4:ae:cb:30:62:b6:30:87:3c:fc: 7f:00:ef:e4:0d:97:f5:2d:7a:eb:47:3c:43:5c:31: 10:91:3e:63:df:ab:fd:da:5d:53:24:28:5b:fc:3f: 37:2d:29:b7:fb:2b:dc:0f:b4:ea:4f:cc:e9:cc:01: 27:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:49:BB:C3:31:E7:F3:1F:61:F5:73:9A:D9:0F:BF:B4:93:28:45:CB X509v3 Authority Key Identifier: keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:e4:77:27:ae:d8:d2:73:85:f1:35:3d:99:2c:34:89:25:31: 71:88:0a:46:29:cb:7e:4d:e0:24:c3:ea:78:3a:c0:8b:54:78: d7:d3:01:62:28:5b:ff:31:65:32:75:49:6a:98:93:1b:2e:0e: 58:4b:a8:50:37:69:c2:94:82:20:65:6f:4f:ea:0c:a2:b2:1a: 0b:c4:23:58:db:4d:9f:96:f3:02:61:66:47:6e:98:14:9d:15: 71:c5:c6:c0:43:a6:63:20:bc:61:d7:19:cd:21:7a:f5:83:3e: df:f5:f0:88:47:a5:4e:9c:d2:3f:98:fb:d2:07:1d:72:7a:14: aa:ab:ce:31:f0:81:4c:b1:a7:de:45:00:40:0f:1f:e7:df:8e: 52:39:ec:dc:c2:9d:23:ad:85:80:14:a5:72:89:67:21:23:a1: a9:65:24:74:f4:ee:19:de:8c:0a:bb:6c:fd:ca:33:44:d5:e8: 33:0c:1f:27:df:e9:58:1e:d9:56:19:ff:f6:d9:13:e4:ca:5b: a6:09:33:99:ae:77:a1:63:43:6a:4e:f5:2a:37:24:8d:a2:8e: 60:0b:4e:01:76:a3:63:86:6b:65:18:42:f8:e0:98:d4:17:1e: ff:07:8d:72:16:1f:e2:9d:5f:26:c9:c6:8a:6c:71:b5:99:13: 9a:3f:6a:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/YUsuwVjpYOit/g5h63JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3 ZDg2OTUwHhcNMjUxMjIwMDkwMDUxWhcNMjUxMjIxMDkwMDUxWjAzMTEwLwYDVQQD Eyg4NTQ5YmJjMzMxZTdmMzFmNjFmNTczOWFkOTBmYmZiNDkzMjg0NWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCTYIcUnt1Hic7mW7kX4mx7RxYvW P/I3O/LU+qTKLe42Qj9cJTZMWjGDRgwJOpZ9ZtMOiRTVL5+OQSTBD2d4HsFdBZXh kBnTLQw4zUvfP2WKfLqp/zP8dn7ORAm65aVWc1He/vXnr6l6MP6JTWUsFJOejS9l Z2XNMn3n+rmKifdOHqz+O72sOznQ10GW8u4A5TjaZqadz6iMdGU1rtcge31j/8JW JNjV/alci8wRvMvTaE95LQ2LZYGlZ7/MwDjvCcQnDdFe3KSuyzBitjCHPPx/AO/k DZf1LXrrRzxDXDEQkT5j36v92l1TJChb/D83LSm3+yvcD7TqT8zpzAEnCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIVJu8Mx5/MfYfVzmtkPv7STKEXLMB8GA1UdIwQY MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaOR3J67Y 0nOF8TU9mSw0iSUxcYgKRinLfk3gJMPqeDrAi1R419MBYihb/zFlMnVJapiTGy4O WEuoUDdpwpSCIGVvT+oMorIaC8QjWNtNn5bzAmFmR26YFJ0VccXGwEOmYyC8YdcZ zSF69YM+3/XwiEelTpzSP5j70gcdcnoUqqvOMfCBTLGn3kUAQA8f59+OUjns3MKd I62FgBSlcolnISOhqWUkdPTuGd6MCrts/cozRNXoMwwfJ9/pWB7ZVhn/9tkT5Mpb pgkzma53oWNDak71KjckjaKOYAtOAXajY4ZrZRhC+OCY1Bce/weNchYf4p1fJsnG imxxtZkTmj9qdg== -----END CERTIFICATE-----Generated at Sat Dec 20 12:24:18 2025 by rpki-client