This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft File: ELZc9vpeH8roz4TJcB44vftjqrM.mft (raw, json) Hash identifier: d4p/C46pNaoROgz+nkeSSOnR9Et9htI21y5pTdfH+9M= Subject key identifier: 96:3C:50:D0:35:FD:B5:8A:77:C3:1A:D6:6E:30:17:EC:AD:E2:3D:54 Authority key identifier: 10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3 Certificate issuer: /CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3 Certificate serial: 019B4392E4FA7720889B25A5C4A195540270 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft Manifest number: 1038 Signing time: Mon 22 Dec 2025 01:00:58 +0000 Manifest this update: Mon 22 Dec 2025 01:00:58 +0000 Manifest next update: Tue 23 Dec 2025 01:00:58 +0000 Files and hashes: 1: ELZc9vpeH8roz4TJcB44vftjqrM.crl (hash: N+Z+vN1aqMmQ4hnUXqG+VvMlKMI5G3grXQ8IYUZA9oI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:92:e4:fa:77:20:88:9b:25:a5:c4:a1:95:54:02:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3 Validity Not Before: Dec 22 01:00:58 2025 GMT Not After : Dec 23 01:00:58 2025 GMT Subject: CN=963c50d035fdb58a77c31ad66e3017ecade23d54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:d7:4b:d9:44:a3:01:f8:44:1c:e6:0c:16:d5: e0:b7:27:20:95:b2:10:40:6d:a8:3a:09:c8:19:6a: 54:1a:84:9c:24:b0:5a:5c:09:f6:f8:6a:eb:0e:70: 9b:a5:b0:2a:8f:60:20:f2:f8:ec:c1:39:29:9d:81: 6e:35:59:e5:99:53:15:45:30:4d:25:45:d0:c6:23: c0:03:a5:2e:9a:09:f0:cc:b5:f5:0e:64:75:ec:c0: 3e:27:41:c5:3f:ca:ef:17:7f:e1:12:de:50:13:e9: 2b:54:18:04:9b:5d:f7:bf:4c:d6:07:e7:e8:3c:d3: 96:ae:6f:42:c6:42:67:bb:37:17:06:58:4a:ae:03: 52:bb:94:99:fd:f2:07:34:75:db:f1:b5:1b:29:66: 25:ef:7c:57:38:ca:ee:48:d5:f7:df:00:d1:ee:59: 33:e4:bb:cf:6c:77:9c:31:03:be:18:e2:b8:61:77: a9:8f:f3:2e:4f:43:d0:37:19:cc:0d:17:12:90:44: b3:63:15:dc:4f:a2:b4:d4:14:d1:85:d3:45:30:81: 0d:6e:4c:a1:49:a0:b4:15:dd:6e:b5:5f:91:66:79: f1:37:70:18:dd:4e:53:cd:26:b8:e4:d9:ae:b4:a2: 3c:58:8b:83:70:80:c7:d1:8c:61:a3:8c:e9:a3:6f: 1a:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:3C:50:D0:35:FD:B5:8A:77:C3:1A:D6:6E:30:17:EC:AD:E2:3D:54 X509v3 Authority Key Identifier: keyid:10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:8f:63:ed:80:7a:e4:aa:06:61:ab:89:00:80:de:b0:2c:20: d1:a8:c8:b1:0e:a0:d1:24:09:9a:17:76:6e:28:b8:11:12:07: 40:05:80:e9:6f:d9:b9:a2:fe:8c:92:2d:9a:e4:31:39:d9:6b: 51:b7:b2:3f:db:30:f5:50:df:ac:76:6b:e0:50:e6:e3:ff:38: b6:8e:ca:f4:7f:12:99:82:f4:b8:e6:73:86:9c:6d:df:91:74: 80:23:48:26:cd:58:ef:1c:2a:aa:c7:fb:bc:34:e1:80:0f:bb: c6:33:73:e1:e1:79:97:fd:25:ca:49:11:07:17:44:dd:54:e1: cc:62:cd:08:ae:8e:2d:4d:2c:e1:55:f1:23:ba:01:0b:e2:bf: 4f:64:4a:4b:83:52:33:f0:87:c0:9e:2a:af:f0:a8:01:19:23: eb:28:ea:51:c8:c5:49:32:9f:2a:75:b5:27:fb:f5:73:c8:5d: 0d:f5:b8:ac:e1:f5:d7:21:6c:1b:6f:5f:ff:cf:f1:bf:24:f1: dd:93:d1:be:7e:76:ea:31:c6:74:67:eb:72:37:0e:f6:e0:6a: ad:50:36:06:3d:93:e8:c7:dc:e1:9e:37:65:7c:ad:ce:5f:13: 12:0b:ca:0e:f1:36:18:8b:a1:d0:cb:fd:0c:4b:23:1e:d0:58: 08:64:d7:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDkuT6dyCImyWlxKGVVAJwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwYjY1Y2Y2ZmE1ZTFmY2FlOGNmODRjOTcwMWUzOGJkZmI2 M2FhYjMwHhcNMjUxMjIyMDEwMDU4WhcNMjUxMjIzMDEwMDU4WjAzMTEwLwYDVQQD Eyg5NjNjNTBkMDM1ZmRiNThhNzdjMzFhZDY2ZTMwMTdlY2FkZTIzZDU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArddL2USjAfhEHOYMFtXgtycglbIQ QG2oOgnIGWpUGoScJLBaXAn2+GrrDnCbpbAqj2Ag8vjswTkpnYFuNVnlmVMVRTBN JUXQxiPAA6UumgnwzLX1DmR17MA+J0HFP8rvF3/hEt5QE+krVBgEm133v0zWB+fo PNOWrm9CxkJnuzcXBlhKrgNSu5SZ/fIHNHXb8bUbKWYl73xXOMruSNX33wDR7lkz 5LvPbHecMQO+GOK4YXepj/MuT0PQNxnMDRcSkESzYxXcT6K01BTRhdNFMIENbkyh SaC0Fd1utV+RZnnxN3AY3U5TzSa45NmutKI8WIuDcIDH0Yxho4zpo28a2wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJY8UNA1/bWKd8Ma1m4wF+yt4j1UMB8GA1UdIwQY MBaAFBC2XPb6Xh/K6M+EyXAeOL37Y6qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDIt YTIzODU1ODcyYjg2LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDItYTIzODU1ODcyYjg2 LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgo9j7YB6 5KoGYauJAIDesCwg0ajIsQ6g0SQJmhd2bii4ERIHQAWA6W/ZuaL+jJItmuQxOdlr UbeyP9sw9VDfrHZr4FDm4/84to7K9H8SmYL0uOZzhpxt35F0gCNIJs1Y7xwqqsf7 vDThgA+7xjNz4eF5l/0lykkRBxdE3VThzGLNCK6OLU0s4VXxI7oBC+K/T2RKS4NS M/CHwJ4qr/CoARkj6yjqUcjFSTKfKnW1J/v1c8hdDfW4rOH11yFsG29f/8/xvyTx 3ZPRvn526jHGdGfrcjcO9uBqrVA2Bj2T6Mfc4Z43ZXytzl8TEgvKDvE2GIuh0Mv9 DEsjHtBYCGTXRg== -----END CERTIFICATE-----Generated at Mon Dec 22 04:27:36 2025 by rpki-client