This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft File: 1bFX6mgu908PHvZ_oekWDRfNLpM.mft (raw, json) Hash identifier: 0valzj5p9rUodup6aGZ72zXtcaw94j8WjzUBph/rDzQ= Subject key identifier: D3:0D:B9:4D:1F:21:FD:BE:A5:59:8D:E8:5A:85:21:8B:1A:E8:46:F8 Authority key identifier: D5:B1:57:EA:68:2E:F7:4F:0F:1E:F6:7F:A1:E9:16:0D:17:CD:2E:93 Certificate issuer: /CN=d5b157ea682ef74f0f1ef67fa1e9160d17cd2e93 Certificate serial: 019B19BAE30D36B0D3434600C2DFD2B389B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1bFX6mgu908PHvZ_oekWDRfNLpM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft Manifest number: 1778 Signing time: Sat 13 Dec 2025 22:00:36 +0000 Manifest this update: Sat 13 Dec 2025 22:00:36 +0000 Manifest next update: Sun 14 Dec 2025 22:00:36 +0000 Files and hashes: 1: 1bFX6mgu908PHvZ_oekWDRfNLpM.crl (hash: iqsWoOcopz38hZ8r50TBfLmQdmSUIYE5Bo2ulDC5tFw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft rsync://rpki.ripe.net/repository/DEFAULT/1bFX6mgu908PHvZ_oekWDRfNLpM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 22:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:ba:e3:0d:36:b0:d3:43:46:00:c2:df:d2:b3:89:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5b157ea682ef74f0f1ef67fa1e9160d17cd2e93 Validity Not Before: Dec 13 22:00:36 2025 GMT Not After : Dec 14 22:00:36 2025 GMT Subject: CN=d30db94d1f21fdbea5598de85a85218b1ae846f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:25:86:70:5f:43:94:2b:47:43:1b:2d:37:46: 25:56:c7:a8:7d:db:a0:a1:d7:4c:3b:45:72:89:0b: f3:36:8c:16:37:62:76:0f:70:21:25:b4:58:91:dc: bd:b3:ff:ec:41:f8:82:17:39:46:ca:1b:c9:34:71: 1f:5a:20:21:c3:eb:c7:d3:24:93:79:b2:58:32:b2: 50:3f:50:bb:5c:b2:96:5c:ed:36:ef:79:68:85:ec: 02:c7:e3:7c:8a:86:c7:88:ef:bd:70:83:fd:c9:51: d2:40:7b:64:0b:f3:90:46:fe:66:53:74:cf:02:c0: 74:3d:6c:fd:df:5a:57:b8:ea:43:ce:bf:c9:29:e6: 11:f1:9e:7e:1e:53:85:4c:d3:58:2f:23:81:93:44: 9f:85:1f:7e:c9:a4:60:4c:fd:bb:ce:a8:f6:06:1f: 9a:57:dd:53:f6:7d:5d:09:46:46:ec:00:be:73:6c: 71:60:68:c3:25:79:8d:57:d0:3f:ab:70:81:f2:5f: d2:fe:09:e9:00:6b:f5:88:1c:80:f2:23:a3:fd:71: 68:fc:28:e6:cc:a1:fa:c2:3d:0a:8a:d9:38:26:17: e1:65:e4:02:f5:47:15:9b:16:1a:98:db:b6:70:2b: b4:55:78:88:c3:bc:75:7c:42:8a:fc:e6:40:79:ae: 94:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:0D:B9:4D:1F:21:FD:BE:A5:59:8D:E8:5A:85:21:8B:1A:E8:46:F8 X509v3 Authority Key Identifier: keyid:D5:B1:57:EA:68:2E:F7:4F:0F:1E:F6:7F:A1:E9:16:0D:17:CD:2E:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1bFX6mgu908PHvZ_oekWDRfNLpM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:f8:08:3f:4a:72:9d:ef:fa:13:31:23:21:b9:00:61:e6:30: 19:3a:3f:29:92:8c:35:02:6d:04:77:4a:ba:d7:2b:a4:68:18: 91:2b:1f:60:f8:d4:a7:ed:10:b6:fc:05:75:f4:b9:a7:46:ad: 6e:b6:d0:cc:04:84:cb:3c:b1:db:e5:0e:6e:65:1d:ee:e5:b6: b7:f9:b9:19:cc:5d:5a:23:9e:0a:e4:36:1d:50:11:fe:3a:c4: 37:3a:2e:18:1b:54:65:91:66:dd:28:43:96:7f:e7:73:6b:34: dc:80:0b:29:f3:ea:4b:9b:3c:f3:de:36:43:07:82:61:81:66: 7e:44:15:28:49:27:f3:e9:a3:89:dd:15:ce:4a:fe:5b:10:57: fa:49:e7:87:4a:7d:e2:b5:70:b8:f9:23:3a:84:a6:00:da:19: 94:36:1e:0c:48:4f:46:66:1c:95:35:b5:8e:ce:f7:ed:0e:7e: 3f:3f:e6:95:15:24:a9:da:8c:13:a4:8d:c1:c3:9a:80:6f:df: a0:71:f5:d3:a0:c9:8c:b4:fa:be:fe:a7:c3:3b:4c:22:ed:2b: 25:63:20:0a:db:c0:4c:0f:26:95:d7:c9:f0:45:69:ca:c8:2c: c7:9f:a1:81:9c:2b:8d:dd:fb:9c:fb:b4:f7:b0:32:84:62:7c: d0:51:0a:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZuuMNNrDTQ0YAwt/Ss4m3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1YjE1N2VhNjgyZWY3NGYwZjFlZjY3ZmExZTkxNjBkMTdj ZDJlOTMwHhcNMjUxMjEzMjIwMDM2WhcNMjUxMjE0MjIwMDM2WjAzMTEwLwYDVQQD EyhkMzBkYjk0ZDFmMjFmZGJlYTU1OThkZTg1YTg1MjE4YjFhZTg0NmY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCWGcF9DlCtHQxstN0YlVseofdug oddMO0VyiQvzNowWN2J2D3AhJbRYkdy9s//sQfiCFzlGyhvJNHEfWiAhw+vH0yST ebJYMrJQP1C7XLKWXO0273lohewCx+N8iobHiO+9cIP9yVHSQHtkC/OQRv5mU3TP AsB0PWz931pXuOpDzr/JKeYR8Z5+HlOFTNNYLyOBk0SfhR9+yaRgTP27zqj2Bh+a V91T9n1dCUZG7AC+c2xxYGjDJXmNV9A/q3CB8l/S/gnpAGv1iByA8iOj/XFo/Cjm zKH6wj0Kitk4JhfhZeQC9UcVmxYamNu2cCu0VXiIw7x1fEKK/OZAea6UKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNMNuU0fIf2+pVmN6FqFIYsa6Eb4MB8GA1UdIwQY MBaAFNWxV+poLvdPDx72f6HpFg0XzS6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWJGWDZtZ3U5MDhQSHZaX29la1dEUmZOTHBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNzZlOGMtODJiMy00N2Q0LWI0YjYt MDIxYzllZWMwMDc3LzEvMWJGWDZtZ3U5MDhQSHZaX29la1dEUmZOTHBNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS9mNzZlOGMtODJiMy00N2Q0LWI0YjYtMDIxYzllZWMwMDc3 LzEvMWJGWDZtZ3U5MDhQSHZaX29la1dEUmZOTHBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASfgIP0py ne/6EzEjIbkAYeYwGTo/KZKMNQJtBHdKutcrpGgYkSsfYPjUp+0QtvwFdfS5p0at brbQzASEyzyx2+UObmUd7uW2t/m5GcxdWiOeCuQ2HVAR/jrENzouGBtUZZFm3ShD ln/nc2s03IALKfPqS5s88942QweCYYFmfkQVKEkn8+mjid0Vzkr+WxBX+knnh0p9 4rVwuPkjOoSmANoZlDYeDEhPRmYclTW1js737Q5+Pz/mlRUkqdqME6SNwcOagG/f oHH106DJjLT6vv6nwztMIu0rJWMgCtvATA8mldfJ8EVpysgsx5+hgZwrjd37nPu0 97AyhGJ80FEKGQ== -----END CERTIFICATE-----Generated at Sun Dec 14 07:49:33 2025 by rpki-client