This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft File: 7HDF2GfeIA8BSGsaiAqUuEldciA.mft (raw, json) Hash identifier: BfbKBmLDvIRHIstngg+l7Av2AIk7yRRJLI4y0iaDyDc= Subject key identifier: 94:43:B1:CA:C0:0B:DA:FE:83:77:EC:A8:52:AA:5B:55:2A:1A:19:98 Authority key identifier: EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20 Certificate issuer: /CN=ec70c5d867de200f01486b1a880a94b8495d7220 Certificate serial: 019B5976F61E0CADA73EF7B683C1560E2F68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft Manifest number: 1059 Signing time: Fri 26 Dec 2025 07:02:06 +0000 Manifest this update: Fri 26 Dec 2025 07:02:06 +0000 Manifest next update: Sat 27 Dec 2025 07:02:06 +0000 Files and hashes: 1: 7HDF2GfeIA8BSGsaiAqUuEldciA.crl (hash: AB/ljSQSJFgs5S3RTjsvVBif2IAzoWXEQoNuFX6kCdc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:f6:1e:0c:ad:a7:3e:f7:b6:83:c1:56:0e:2f:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ec70c5d867de200f01486b1a880a94b8495d7220 Validity Not Before: Dec 26 07:02:06 2025 GMT Not After : Dec 27 07:02:06 2025 GMT Subject: CN=9443b1cac00bdafe8377eca852aa5b552a1a1998 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:28:eb:de:57:27:d0:7f:2b:23:77:52:a8:ca: 07:92:01:2a:56:37:e1:49:db:fd:6d:43:97:c1:20: 06:b6:f6:89:e8:9c:89:24:41:89:c5:66:ca:a4:de: 7c:98:4c:8e:bf:b1:60:be:78:7c:c8:e9:58:1e:2a: 6a:88:95:ff:7c:6a:4b:c3:ce:91:c0:b5:ec:88:fe: 36:9b:1a:38:fc:14:3a:42:e1:cc:48:04:12:97:e1: 02:d0:9c:b7:8c:e6:54:48:cf:39:e6:17:42:45:24: 43:2f:e2:a7:e1:7b:68:59:6e:38:85:7f:4e:a0:3a: 38:71:32:55:a8:ef:8a:d3:6b:3e:14:03:24:d7:1f: be:10:87:b9:3c:6b:67:c4:62:39:42:64:16:ca:10: aa:97:1f:1c:e8:17:a4:fc:4a:5a:73:ec:23:02:9b: 4f:fc:73:df:0c:e0:ff:65:21:37:4a:1e:b2:6a:3b: bf:5a:7e:34:8d:52:41:80:3b:5b:49:4c:96:78:b2: 73:54:23:9b:eb:eb:11:27:70:94:c9:e6:da:71:96: 6b:6c:8e:cc:ef:3b:a9:30:2e:d1:50:7f:f0:d9:6d: 54:61:ad:4e:58:d1:3b:54:a7:e3:66:77:16:07:b3: d8:6c:8d:2b:1c:e0:f8:34:9e:16:16:30:33:44:b9: 94:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:43:B1:CA:C0:0B:DA:FE:83:77:EC:A8:52:AA:5B:55:2A:1A:19:98 X509v3 Authority Key Identifier: keyid:EC:70:C5:D8:67:DE:20:0F:01:48:6B:1A:88:0A:94:B8:49:5D:72:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7HDF2GfeIA8BSGsaiAqUuEldciA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6ef54c-b034-49e6-8da4-c5ad153c2d46/1/7HDF2GfeIA8BSGsaiAqUuEldciA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:8f:53:97:3f:17:8c:39:8c:13:96:e7:79:3b:7c:0e:20:d8: 06:05:b6:5c:14:b2:73:1d:a0:1e:79:fd:51:cf:7c:e8:bd:86: 12:b5:9a:7b:48:f3:8d:4a:27:8a:86:79:c8:b1:8e:ec:59:0b: 31:62:6a:77:2b:97:9b:a9:47:91:2b:f1:95:fc:92:87:ec:92: 3b:e4:b6:7b:e8:d3:f1:20:49:25:79:7b:0a:dd:a7:12:86:67: 6b:c7:b1:95:6e:72:ed:78:58:b4:41:29:74:35:c4:e7:17:82: d6:2a:16:a2:1d:32:b7:73:72:18:9f:2f:2f:f3:17:91:3d:7a: 10:d3:1c:f4:4c:17:7e:2f:14:78:af:2b:4d:6f:1c:76:92:5c: 04:a1:e3:61:b1:9c:7a:a1:f6:ee:1f:bf:02:08:46:5d:ef:ee: bd:40:85:ba:6c:63:11:ee:e7:46:85:94:d0:bb:ce:71:e0:fd: 71:1b:58:8b:85:6a:bb:5f:eb:0d:37:70:ae:48:ac:72:be:ed: 09:75:42:e7:60:64:72:ff:bb:a2:db:4e:9a:bb:c1:12:72:20: a8:ee:55:21:92:a2:90:14:46:f1:e6:ee:d5:ff:3f:7c:0a:b1: b4:39:fc:dc:97:a4:8e:ad:13:e3:db:63:db:a9:18:c8:f2:9b: ce:08:2a:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdvYeDK2nPve2g8FWDi9oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjNzBjNWQ4NjdkZTIwMGYwMTQ4NmIxYTg4MGE5NGI4NDk1 ZDcyMjAwHhcNMjUxMjI2MDcwMjA2WhcNMjUxMjI3MDcwMjA2WjAzMTEwLwYDVQQD Eyg5NDQzYjFjYWMwMGJkYWZlODM3N2VjYTg1MmFhNWI1NTJhMWExOTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyjr3lcn0H8rI3dSqMoHkgEqVjfh Sdv9bUOXwSAGtvaJ6JyJJEGJxWbKpN58mEyOv7Fgvnh8yOlYHipqiJX/fGpLw86R wLXsiP42mxo4/BQ6QuHMSAQSl+EC0Jy3jOZUSM855hdCRSRDL+Kn4XtoWW44hX9O oDo4cTJVqO+K02s+FAMk1x++EIe5PGtnxGI5QmQWyhCqlx8c6Bek/Epac+wjAptP /HPfDOD/ZSE3Sh6yaju/Wn40jVJBgDtbSUyWeLJzVCOb6+sRJ3CUyebacZZrbI7M 7zupMC7RUH/w2W1UYa1OWNE7VKfjZncWB7PYbI0rHOD4NJ4WFjAzRLmUkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJRDscrAC9r+g3fsqFKqW1UqGhmYMB8GA1UdIwQY MBaAFOxwxdhn3iAPAUhrGogKlLhJXXIgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQt YzVhZDE1M2MyZDQ2LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS82ZWY1NGMtYjAzNC00OWU2LThkYTQtYzVhZDE1M2MyZDQ2 LzEvN0hERjJHZmVJQThCU0dzYWlBcVV1RWxkY2lBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOI9Tlz8X jDmME5bneTt8DiDYBgW2XBSycx2gHnn9Uc986L2GErWae0jzjUonioZ5yLGO7FkL MWJqdyuXm6lHkSvxlfySh+ySO+S2e+jT8SBJJXl7Ct2nEoZna8exlW5y7XhYtEEp dDXE5xeC1ioWoh0yt3NyGJ8vL/MXkT16ENMc9EwXfi8UeK8rTW8cdpJcBKHjYbGc eqH27h+/AghGXe/uvUCFumxjEe7nRoWU0LvOceD9cRtYi4Vqu1/rDTdwrkiscr7t CXVC52Bkcv+7ottOmrvBEnIgqO5VIZKikBRG8ebu1f8/fAqxtDn83Jekjq0T49tj 26kYyPKbzggq8A== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:28 2025 by rpki-client