This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft File: xIzPWOSy4trdSoSDPAZ87iuXRek.mft (raw, json) Hash identifier: Au4q1uIBPzhKglzSN0TSnW+ZVfIQ2fuwMp6zZj7PCCI= Subject key identifier: 41:E3:57:B7:7E:72:22:94:AD:27:93:67:85:1F:65:77:06:9F:71:77 Authority key identifier: C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9 Certificate issuer: /CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9 Certificate serial: 019B58D1360D8632B2DCFF6349258EF1941F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft Manifest number: 09C6 Signing time: Fri 26 Dec 2025 04:01:04 +0000 Manifest this update: Fri 26 Dec 2025 04:01:04 +0000 Manifest next update: Sat 27 Dec 2025 04:01:04 +0000 Files and hashes: 1: xIzPWOSy4trdSoSDPAZ87iuXRek.crl (hash: 9QpGYGfEi8kdqjsdFnoTV4iL7dxLK6d1z8/qeePPWlQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:d1:36:0d:86:32:b2:dc:ff:63:49:25:8e:f1:94:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9 Validity Not Before: Dec 26 04:01:04 2025 GMT Not After : Dec 27 04:01:04 2025 GMT Subject: CN=41e357b77e722294ad279367851f6577069f7177 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:a5:8e:67:37:de:6f:a2:cd:93:69:b7:1b:73: 07:53:3c:75:4c:2f:38:ca:e2:ba:35:fc:b6:d7:47: 71:17:eb:e8:8c:33:29:e1:7a:3b:38:0d:50:bc:3d: 50:ac:51:77:3f:84:82:12:b1:f4:ad:7d:30:57:16: 7e:b9:14:dc:74:c8:07:5f:a5:69:92:42:76:59:1d: 09:91:b1:a6:ec:39:9c:2d:71:5d:98:0e:2f:25:f3: 67:93:fc:8c:b3:48:17:82:fd:6c:86:c9:c0:96:f8: 01:92:fe:34:2d:42:f6:b3:88:d5:55:9a:b5:d3:b2: e7:03:a4:c3:f0:3a:04:4f:82:7f:2d:ba:54:c3:de: 5d:68:ee:f4:d9:82:4c:40:a2:11:c3:d0:4d:4e:98: bd:e3:4a:cd:12:31:97:7e:1f:1f:61:23:c5:f8:26: 3f:f9:43:95:37:2d:50:26:ad:a7:a8:7a:ab:a9:75: 04:dc:a4:ba:84:66:e9:d7:8e:a7:b2:3f:e1:6b:f9: c7:2c:39:c8:2d:89:f0:47:45:6a:5e:09:9e:5b:3d: d5:56:00:4e:e4:7c:be:d1:77:1c:f2:9b:54:bc:69: ad:3f:4d:19:47:45:dd:73:77:b5:f0:fc:d9:0a:5c: ad:fe:0b:a1:62:42:6e:4c:9d:80:ca:3a:5c:77:20: a3:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:E3:57:B7:7E:72:22:94:AD:27:93:67:85:1F:65:77:06:9F:71:77 X509v3 Authority Key Identifier: keyid:C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:69:d9:d0:39:90:d2:fd:25:68:02:c3:7f:78:f7:fa:19:31: c9:c9:23:c8:b4:36:1c:64:e7:cd:66:d0:13:b7:e2:1f:ca:a3: 52:62:a3:68:21:0e:a2:f1:d1:4c:3a:f3:6c:60:89:40:f3:7b: d7:e5:21:3d:f0:de:e4:84:6b:21:56:f9:37:f6:18:29:a1:16: 80:31:9f:9d:6c:7a:a1:8e:26:69:77:9b:94:b5:98:8d:96:28: 9c:12:55:c1:d0:9b:8f:7d:b9:52:2b:5b:7e:30:50:3d:3c:99: eb:f1:5a:56:69:28:36:b7:a6:79:52:cb:b2:5b:19:bf:75:94: 95:14:7d:77:19:3b:c5:e3:f4:c3:1f:0d:d5:10:86:b3:c5:12: ee:a2:71:49:86:bd:f7:fd:48:a9:6a:1b:94:70:34:b0:2a:c7: e5:04:9e:84:e5:37:75:33:27:83:41:9e:b7:34:65:7b:49:c4: a0:f6:13:8a:0b:19:10:f8:d7:52:64:d9:1e:d9:f9:5c:c8:2a: f3:83:bc:ec:98:d5:78:1e:a3:d4:fe:76:73:a1:82:bb:a9:4c: 3f:05:27:4b:d3:95:f8:2e:33:2a:6a:99:7c:9a:c6:99:c5:4b: b8:40:6e:d6:4b:c3:73:02:4b:68:e1:ce:77:f4:ca:37:14:18: 5f:b9:7d:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtY0TYNhjKy3P9jSSWO8ZQfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0OGNjZjU4ZTRiMmUyZGFkZDRhODQ4MzNjMDY3Y2VlMmI5 NzQ1ZTkwHhcNMjUxMjI2MDQwMTA0WhcNMjUxMjI3MDQwMTA0WjAzMTEwLwYDVQQD Eyg0MWUzNTdiNzdlNzIyMjk0YWQyNzkzNjc4NTFmNjU3NzA2OWY3MTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaWOZzfeb6LNk2m3G3MHUzx1TC84 yuK6Nfy210dxF+vojDMp4Xo7OA1QvD1QrFF3P4SCErH0rX0wVxZ+uRTcdMgHX6Vp kkJ2WR0JkbGm7DmcLXFdmA4vJfNnk/yMs0gXgv1shsnAlvgBkv40LUL2s4jVVZq1 07LnA6TD8DoET4J/LbpUw95daO702YJMQKIRw9BNTpi940rNEjGXfh8fYSPF+CY/ +UOVNy1QJq2nqHqrqXUE3KS6hGbp146nsj/ha/nHLDnILYnwR0VqXgmeWz3VVgBO 5Hy+0Xcc8ptUvGmtP00ZR0Xdc3e18PzZClyt/guhYkJuTJ2AyjpcdyCjbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEHjV7d+ciKUrSeTZ4UfZXcGn3F3MB8GA1UdIwQY MBaAFMSMz1jksuLa3UqEgzwGfO4rl0XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2Ut YTUwZTMyZGUwODIzLzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2UtYTUwZTMyZGUwODIz LzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmWnZ0DmQ 0v0laALDf3j3+hkxyckjyLQ2HGTnzWbQE7fiH8qjUmKjaCEOovHRTDrzbGCJQPN7 1+UhPfDe5IRrIVb5N/YYKaEWgDGfnWx6oY4maXeblLWYjZYonBJVwdCbj325Uitb fjBQPTyZ6/FaVmkoNremeVLLslsZv3WUlRR9dxk7xeP0wx8N1RCGs8US7qJxSYa9 9/1IqWoblHA0sCrH5QSehOU3dTMng0GetzRle0nEoPYTigsZEPjXUmTZHtn5XMgq 84O87JjVeB6j1P52c6GCu6lMPwUnS9OV+C4zKmqZfJrGmcVLuEBu1kvDcwJLaOHO d/TKNxQYX7l94w== -----END CERTIFICATE-----Generated at Fri Dec 26 14:08:51 2025 by rpki-client