This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft File: d7AlLypnrNQplw-mSmQXd29y2NY.mft (raw, json) Hash identifier: OIe8CLuy5eDmVEBiUZEk1NVlXd8tWBeDK0HIcAlH4YM= Subject key identifier: 4E:B2:83:28:6C:24:E1:F4:44:19:88:74:88:F6:6B:0B:3A:E5:62:F2 Authority key identifier: 77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6 Certificate issuer: /CN=77b0252f2a67acd429970fa64a6417776f72d8d6 Certificate serial: 019B5A1A7E37CCAE7F9695DF0CE6736B85F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft Manifest number: 0673 Signing time: Fri 26 Dec 2025 10:00:44 +0000 Manifest this update: Fri 26 Dec 2025 10:00:44 +0000 Manifest next update: Sat 27 Dec 2025 10:00:44 +0000 Files and hashes: 1: d7AlLypnrNQplw-mSmQXd29y2NY.crl (hash: pkrL+yzQrtelEok4Vtd5jxdGKquJHxToCnq5gjv8Ke0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:7e:37:cc:ae:7f:96:95:df:0c:e6:73:6b:85:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77b0252f2a67acd429970fa64a6417776f72d8d6 Validity Not Before: Dec 26 10:00:44 2025 GMT Not After : Dec 27 10:00:44 2025 GMT Subject: CN=4eb283286c24e1f44419887488f66b0b3ae562f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:89:65:a0:f8:38:9c:64:1c:b4:d1:fa:03:33: 21:ce:bf:2a:85:2f:62:fc:09:97:41:42:ed:26:49: 63:33:ca:ad:47:f9:82:ff:03:3f:40:7d:72:d3:ca: bb:7e:6a:e8:0a:0d:89:de:76:d3:b8:3f:6a:a2:8b: ca:5e:15:ea:92:c6:fe:de:9c:ee:4b:84:70:c5:72: 51:ec:7a:04:1d:e4:35:7a:8f:ad:29:f6:04:a0:38: e1:b5:4c:c1:05:39:48:8f:48:18:4b:40:e5:89:ea: 0f:0e:1d:9f:cc:8c:13:15:5d:3c:4f:ed:73:ae:95: a5:2e:b9:67:76:a0:4f:34:f5:af:4c:38:a7:9c:e4: c0:00:b3:29:a2:ec:46:f6:50:2a:f9:7b:b0:2f:6e: d1:04:27:cd:e0:41:06:c6:a9:d4:2c:32:71:05:4c: 38:33:3e:b2:25:e5:e1:23:2d:a6:ba:0a:bc:43:f5: c8:4b:6f:83:de:06:e0:c5:6c:07:dd:79:04:f2:88: ac:1b:13:c0:44:49:d1:5f:6c:fe:cf:75:a8:11:01: 9c:5f:eb:27:bb:70:97:19:bb:0a:08:a2:82:d1:d6: d9:43:3e:ef:4f:ae:1e:be:5e:b0:a1:12:c9:f4:eb: 05:b2:12:aa:bf:04:a5:c7:8d:4d:03:34:38:af:47: d7:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:B2:83:28:6C:24:E1:F4:44:19:88:74:88:F6:6B:0B:3A:E5:62:F2 X509v3 Authority Key Identifier: keyid:77:B0:25:2F:2A:67:AC:D4:29:97:0F:A6:4A:64:17:77:6F:72:D8:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AlLypnrNQplw-mSmQXd29y2NY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296e94-9296-42e5-a4b4-996c529ec986/1/d7AlLypnrNQplw-mSmQXd29y2NY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:03:c5:d8:73:c2:a1:8e:af:29:39:b9:86:27:6a:89:bd:5d: 04:d2:a4:c6:d4:59:8d:e9:2e:01:64:67:6b:59:a6:36:d0:5e: 64:aa:c7:15:b2:76:dd:a4:28:18:a2:f9:00:4a:88:40:f3:88: 08:51:00:5b:21:c4:6c:51:f1:3c:5e:63:ce:37:da:f0:1e:a4: c6:b9:e8:6d:31:78:14:79:62:f4:2b:b6:64:77:22:19:bd:d9: 59:3f:30:d9:0e:a5:56:14:70:c3:dd:37:13:34:22:09:f8:81: 69:f0:1a:58:6f:9f:e8:7e:83:83:34:1a:ed:5e:a5:09:e5:63: 87:c4:59:16:ea:4c:29:1e:1a:a9:df:91:27:49:6f:04:91:5c: f4:c5:9f:9b:86:d2:27:a8:b9:25:e3:d7:00:d8:9a:74:fa:37: 49:6c:8c:1d:e3:47:1a:83:f9:8f:6f:64:b9:ea:a0:ad:55:2c: 93:26:c6:94:1d:88:6d:7b:5f:64:0a:21:5d:8e:41:68:9c:39: b1:c4:d4:2f:fc:55:78:0e:12:04:06:ef:2b:57:37:30:bd:74: 91:69:e2:1a:09:4c:29:4b:e6:e7:7c:dd:91:36:85:68:0c:80: 8c:b6:63:9b:57:dd:0d:48:1b:2b:6f:31:98:03:b3:59:67:12: 86:aa:3c:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGn43zK5/lpXfDOZza4X1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3YjAyNTJmMmE2N2FjZDQyOTk3MGZhNjRhNjQxNzc3NmY3 MmQ4ZDYwHhcNMjUxMjI2MTAwMDQ0WhcNMjUxMjI3MTAwMDQ0WjAzMTEwLwYDVQQD Eyg0ZWIyODMyODZjMjRlMWY0NDQxOTg4NzQ4OGY2NmIwYjNhZTU2MmYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArolloPg4nGQctNH6AzMhzr8qhS9i /AmXQULtJkljM8qtR/mC/wM/QH1y08q7fmroCg2J3nbTuD9qoovKXhXqksb+3pzu S4RwxXJR7HoEHeQ1eo+tKfYEoDjhtUzBBTlIj0gYS0DlieoPDh2fzIwTFV08T+1z rpWlLrlndqBPNPWvTDinnOTAALMpouxG9lAq+XuwL27RBCfN4EEGxqnULDJxBUw4 Mz6yJeXhIy2mugq8Q/XIS2+D3gbgxWwH3XkE8oisGxPAREnRX2z+z3WoEQGcX+sn u3CXGbsKCKKC0dbZQz7vT64evl6woRLJ9OsFshKqvwSlx41NAzQ4r0fX0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE6ygyhsJOH0RBmIdIj2aws65WLyMB8GA1UdIwQY MBaAFHewJS8qZ6zUKZcPpkpkF3dvctjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQt OTk2YzUyOWVjOTg2LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC8yOTZlOTQtOTI5Ni00MmU1LWE0YjQtOTk2YzUyOWVjOTg2 LzEvZDdBbEx5cG5yTlFwbHctbVNtUVhkMjl5Mk5ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQPF2HPC oY6vKTm5hidqib1dBNKkxtRZjekuAWRna1mmNtBeZKrHFbJ23aQoGKL5AEqIQPOI CFEAWyHEbFHxPF5jzjfa8B6kxrnobTF4FHli9Cu2ZHciGb3ZWT8w2Q6lVhRww903 EzQiCfiBafAaWG+f6H6DgzQa7V6lCeVjh8RZFupMKR4aqd+RJ0lvBJFc9MWfm4bS J6i5JePXANiadPo3SWyMHeNHGoP5j29kueqgrVUskybGlB2IbXtfZAohXY5BaJw5 scTUL/xVeA4SBAbvK1c3ML10kWniGglMKUvm53zdkTaFaAyAjLZjm1fdDUgbK28x mAOzWWcShqo8HQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:56:19 2025 by rpki-client