This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft File: CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft (raw, json) Hash identifier: FGH1+f3O2nEN5p5zoGK+sdOmIdzKGNHbSz/GseHSkiw= Subject key identifier: D6:A7:05:F0:7D:7A:14:D8:B2:40:F0:7F:9B:93:84:6B:C3:75:14:CE Authority key identifier: 09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5 Certificate issuer: /CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5 Certificate serial: 019B27AE24715D35947BD98DC07733305742 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft Manifest number: 12AE Signing time: Tue 16 Dec 2025 15:01:22 +0000 Manifest this update: Tue 16 Dec 2025 15:01:22 +0000 Manifest next update: Wed 17 Dec 2025 15:01:22 +0000 Files and hashes: 1: CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl (hash: 6BPn437BL+4YD9YiIkVYzT00KaZwru/DVaoe1ZcYmuc=) 2: x-sFc0XuZWyC8mb5YkUAH-GfdII.roa (hash: SLT0QNLc8vBCO5UeVhbutYzbWFamBQrhqoa9wxuI2Us=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:45:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:ae:24:71:5d:35:94:7b:d9:8d:c0:77:33:30:57:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5 Validity Not Before: Dec 16 15:01:22 2025 GMT Not After : Dec 17 15:01:22 2025 GMT Subject: CN=d6a705f07d7a14d8b240f07f9b93846bc37514ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:27:6b:17:0d:a0:5b:01:34:aa:fb:f6:72:8c: 2e:19:d4:b4:d4:81:10:3e:06:6f:54:cd:e5:8f:52: 4e:bd:b2:e5:78:aa:30:fc:cc:ec:b3:8b:e2:f6:1c: db:69:52:e3:55:7d:74:26:81:5d:4f:f2:5c:e4:0b: 08:3b:dc:e7:5e:23:04:78:9c:e5:dd:ae:a1:7a:14: e1:92:c9:09:a7:ab:12:06:eb:63:d0:54:d0:84:db: 28:91:c2:51:42:b5:65:73:6f:07:2a:37:bc:5c:9f: 64:b5:14:ea:fa:29:ae:62:5e:6c:a3:d8:79:97:a8: 42:16:80:c2:99:cf:87:d5:2d:48:e0:d6:9e:5e:71: 08:7c:56:de:76:7d:3a:bf:d2:7f:af:25:65:0a:7b: fa:74:2a:f1:cc:f0:66:af:6c:9b:e8:67:08:22:b5: f6:45:ef:48:3c:d9:3d:32:87:8f:e5:5f:e0:55:9d: fe:a7:70:ae:27:bd:ae:d5:50:75:39:60:58:fc:de: 65:1d:46:9b:16:03:19:47:9e:29:63:4d:86:f9:97: 14:b7:cf:b2:e6:be:61:02:a1:db:0e:8e:e9:30:77: c6:00:cf:71:58:f9:14:ee:13:32:2d:6a:1c:04:b0: 9e:c3:74:25:71:0a:9c:16:a0:3d:1b:b3:cf:28:75: ee:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:A7:05:F0:7D:7A:14:D8:B2:40:F0:7F:9B:93:84:6B:C3:75:14:CE X509v3 Authority Key Identifier: keyid:09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:13:79:06:45:76:b3:4b:8a:57:78:e9:53:69:6c:93:14:9e: 91:09:54:fd:4f:0d:fd:5c:b5:9f:bd:63:77:ca:ce:08:04:af: 76:d3:e0:2c:e1:2c:4d:6c:b6:6a:c7:75:65:08:6b:3a:c3:91: e1:18:9d:9c:b3:a7:d3:06:52:46:d3:98:55:00:03:43:e4:63: 4e:be:37:be:7e:2d:9e:0a:df:8d:a8:49:db:11:d8:fd:5f:41: 3f:e3:12:0c:75:49:6e:95:53:a5:c9:5d:a0:7b:29:db:91:d8: 4b:02:27:b8:81:38:ad:c4:f2:d3:52:02:0d:84:c5:bc:7f:03: 2c:6e:fe:ac:0f:28:01:c1:b5:58:61:02:ee:c4:87:5a:9b:5a: e5:49:44:b2:65:ef:56:64:07:45:c0:76:2f:8b:cd:16:81:08: c5:02:94:dd:63:81:4d:02:86:a3:3b:9d:96:e9:eb:b4:d1:8a: 62:ad:c0:dc:ff:43:3c:d3:8e:ca:85:8c:e2:be:01:68:dc:3a: a7:98:39:d5:79:5e:b3:1b:b5:96:17:d0:bb:cb:99:a4:3b:cd: bb:c4:c3:0c:0c:51:78:84:a4:3d:c2:9d:06:bf:46:e6:0c:72: 88:97:c4:c7:21:65:fe:86:6c:a5:72:e3:33:f9:fb:3a:c9:28: 9a:25:9b:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsnriRxXTWUe9mNwHczMFdCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzUwOWU3ZWM2OGZlMmQ5NDM0MDdkNWRkMTI2YTBmNTk2 ZjJhYjUwHhcNMjUxMjE2MTUwMTIyWhcNMjUxMjE3MTUwMTIyWjAzMTEwLwYDVQQD EyhkNmE3MDVmMDdkN2ExNGQ4YjI0MGYwN2Y5YjkzODQ2YmMzNzUxNGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCdrFw2gWwE0qvv2cowuGdS01IEQ PgZvVM3lj1JOvbLleKow/Mzss4vi9hzbaVLjVX10JoFdT/Jc5AsIO9znXiMEeJzl 3a6hehThkskJp6sSButj0FTQhNsokcJRQrVlc28HKje8XJ9ktRTq+imuYl5so9h5 l6hCFoDCmc+H1S1I4NaeXnEIfFbedn06v9J/ryVlCnv6dCrxzPBmr2yb6GcIIrX2 Re9IPNk9MoeP5V/gVZ3+p3CuJ72u1VB1OWBY/N5lHUabFgMZR54pY02G+ZcUt8+y 5r5hAqHbDo7pMHfGAM9xWPkU7hMyLWocBLCew3QlcQqcFqA9G7PPKHXuYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNanBfB9ehTYskDwf5uThGvDdRTOMB8GA1UdIwQY MBaAFAk1CefsaP4tlDQH1d0Sag9Zbyq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgt N2Q2OTczMzcxMzdiLzEvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgtN2Q2OTczMzcxMzdi LzEvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGxN5BkV2 s0uKV3jpU2lskxSekQlU/U8N/Vy1n71jd8rOCASvdtPgLOEsTWy2asd1ZQhrOsOR 4RidnLOn0wZSRtOYVQADQ+RjTr43vn4tngrfjahJ2xHY/V9BP+MSDHVJbpVTpcld oHsp25HYSwInuIE4rcTy01ICDYTFvH8DLG7+rA8oAcG1WGEC7sSHWpta5UlEsmXv VmQHRcB2L4vNFoEIxQKU3WOBTQKGozudlunrtNGKYq3A3P9DPNOOyoWM4r4BaNw6 p5g51Xlesxu1lhfQu8uZpDvNu8TDDAxReISkPcKdBr9G5gxyiJfExyFl/oZspXLj M/n7OskomiWb5g== -----END CERTIFICATE-----Generated at Tue Dec 16 17:08:47 2025 by rpki-client