This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft File: n0XrWiiMaO1g29m4fk6CBsqckz8.mft (raw, json) Hash identifier: J5tqe+Znt8yUHBo+2Npef9pL621kbBBvwqqyqZDFprU= Subject key identifier: 4D:50:AD:61:BD:2D:38:A2:73:3A:23:49:10:08:A9:62:6D:2C:87:BA Authority key identifier: 9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F Certificate issuer: /CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f Certificate serial: 019B597716B445DE7AD1D4654CCA440265EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft Manifest number: 1171 Signing time: Fri 26 Dec 2025 07:02:15 +0000 Manifest this update: Fri 26 Dec 2025 07:02:15 +0000 Manifest next update: Sat 27 Dec 2025 07:02:15 +0000 Files and hashes: 1: n0XrWiiMaO1g29m4fk6CBsqckz8.crl (hash: fwbiwSvyHrFXVH+Lu6XFnFIoh3g7hKtSwTZSkl8ihPU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:16:b4:45:de:7a:d1:d4:65:4c:ca:44:02:65:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f45eb5a288c68ed60dbd9b87e4e8206ca9c933f Validity Not Before: Dec 26 07:02:15 2025 GMT Not After : Dec 27 07:02:15 2025 GMT Subject: CN=4d50ad61bd2d38a2733a23491008a9626d2c87ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:78:79:fd:1b:c5:a6:68:ff:63:c3:86:58:af: a9:7d:fc:e9:d1:e5:26:3e:ef:d0:5c:d5:ad:45:69: 92:d4:89:e5:32:38:39:c3:60:31:3f:42:8a:57:1f: 22:f3:b8:84:d1:61:83:65:bd:3e:78:17:d2:f2:2e: 63:34:19:a7:68:64:7e:43:44:85:9d:2c:4c:20:fb: db:25:af:b7:01:4a:3e:0c:3d:f6:7f:1c:ee:d7:d8: 8b:f6:e0:86:c0:3b:aa:98:70:0d:c7:81:81:4b:62: 82:3b:58:40:94:76:fb:a3:b5:b6:a0:14:56:f9:53: 91:fd:b5:01:f7:a8:53:0b:9d:5b:34:e0:f3:d2:11: 0d:59:f4:79:d1:24:92:68:72:07:e1:19:cd:d2:45: d9:6d:ff:a1:50:31:31:d0:25:d7:be:e0:ad:cb:b5: d1:aa:0f:3e:b6:34:31:5b:05:16:47:96:17:60:a9: 53:ff:8d:3f:33:58:63:23:50:ad:f6:cf:41:00:42: ed:73:37:24:d3:af:27:04:af:c4:f4:f2:71:8a:2b: c6:2f:78:bb:8f:4f:16:d9:66:6d:fb:a4:3d:5f:44: 21:23:80:a5:66:f1:96:a8:76:9b:f0:f1:b5:53:17: 82:f7:f1:01:c8:91:70:ec:ba:24:21:47:d4:d2:ef: ea:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:50:AD:61:BD:2D:38:A2:73:3A:23:49:10:08:A9:62:6D:2C:87:BA X509v3 Authority Key Identifier: keyid:9F:45:EB:5A:28:8C:68:ED:60:DB:D9:B8:7E:4E:82:06:CA:9C:93:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n0XrWiiMaO1g29m4fk6CBsqckz8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e42336-eb77-4540-be41-55fd6dc1a1d8/1/n0XrWiiMaO1g29m4fk6CBsqckz8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:d5:62:5f:69:11:3d:74:b6:2c:72:8c:b3:83:47:78:c8:05: 7d:f3:e5:cf:1f:6f:84:4e:84:36:b8:6f:ea:8f:be:a1:1c:65: e5:60:52:21:77:83:a3:82:9b:94:e4:96:4e:33:97:12:bb:40: e1:3a:bb:57:61:96:0e:e2:86:c7:e9:51:0b:35:b0:5c:55:b7: a3:5d:55:bc:ff:02:70:a1:82:75:98:74:7f:1b:a6:c3:10:70: 4f:de:e3:64:c1:3a:5e:c9:cd:6e:1c:5c:b4:ef:82:c4:e8:9d: a5:77:18:1f:a7:a4:07:81:1f:08:70:31:0a:de:45:87:d5:50: 26:a8:91:42:ee:9e:6a:2e:5e:94:7d:4b:86:79:85:5c:ed:25: 7c:d9:06:88:47:e5:bc:f0:33:84:06:c1:9e:29:7e:8e:57:e9: 52:4c:ed:0f:27:c9:98:52:ca:d7:ca:f3:c8:d7:b4:9d:b6:b2: e0:41:91:0e:ee:aa:8b:2d:38:a3:4d:72:87:f0:2a:47:21:96: c7:f7:e9:6c:f9:4f:45:83:57:ec:b9:d0:0e:e0:0d:ff:20:68: ec:24:63:d1:70:98:c2:6c:3f:29:11:35:ab:8a:e5:14:09:af: f2:0a:10:68:0b:69:d3:fa:c4:ec:13:53:c0:63:79:73:0b:b2: 47:21:08:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdxa0Rd560dRlTMpEAmXqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmNDVlYjVhMjg4YzY4ZWQ2MGRiZDliODdlNGU4MjA2Y2E5 YzkzM2YwHhcNMjUxMjI2MDcwMjE1WhcNMjUxMjI3MDcwMjE1WjAzMTEwLwYDVQQD Eyg0ZDUwYWQ2MWJkMmQzOGEyNzMzYTIzNDkxMDA4YTk2MjZkMmM4N2JhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHh5/RvFpmj/Y8OGWK+pffzp0eUm Pu/QXNWtRWmS1InlMjg5w2AxP0KKVx8i87iE0WGDZb0+eBfS8i5jNBmnaGR+Q0SF nSxMIPvbJa+3AUo+DD32fxzu19iL9uCGwDuqmHANx4GBS2KCO1hAlHb7o7W2oBRW +VOR/bUB96hTC51bNODz0hENWfR50SSSaHIH4RnN0kXZbf+hUDEx0CXXvuCty7XR qg8+tjQxWwUWR5YXYKlT/40/M1hjI1Ct9s9BAELtczck068nBK/E9PJxiivGL3i7 j08W2WZt+6Q9X0QhI4ClZvGWqHab8PG1UxeC9/EByJFw7LokIUfU0u/qnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1QrWG9LTiiczojSRAIqWJtLIe6MB8GA1UdIwQY MBaAFJ9F61oojGjtYNvZuH5OggbKnJM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEt NTVmZDZkYzFhMWQ4LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9lNDIzMzYtZWI3Ny00NTQwLWJlNDEtNTVmZDZkYzFhMWQ4 LzEvbjBYcldpaU1hTzFnMjltNGZrNkNCc3Fja3o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNViX2kR PXS2LHKMs4NHeMgFffPlzx9vhE6ENrhv6o++oRxl5WBSIXeDo4KblOSWTjOXErtA 4Tq7V2GWDuKGx+lRCzWwXFW3o11VvP8CcKGCdZh0fxumwxBwT97jZME6XsnNbhxc tO+CxOidpXcYH6ekB4EfCHAxCt5Fh9VQJqiRQu6eai5elH1LhnmFXO0lfNkGiEfl vPAzhAbBnil+jlfpUkztDyfJmFLK18rzyNe0nbay4EGRDu6qiy04o01yh/AqRyGW x/fpbPlPRYNX7LnQDuAN/yBo7CRj0XCYwmw/KRE1q4rlFAmv8goQaAtp0/rE7BNT wGN5cwuyRyEI0A== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:16 2025 by rpki-client