This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft File: pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json) Hash identifier: nv+XIJfBQI7wcawQCgJSu34rSmcHhB8umIWHWj6E/ko= Subject key identifier: AB:2C:DF:85:03:D7:5F:2E:68:86:75:93:67:58:52:ED:17:F1:63:F8 Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA Certificate issuer: /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa Certificate serial: 019B2BF8CA37E13B324C7E0906DBEE254ACC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft Manifest number: 1177 Signing time: Wed 17 Dec 2025 11:01:23 +0000 Manifest this update: Wed 17 Dec 2025 11:01:23 +0000 Manifest next update: Thu 18 Dec 2025 11:01:23 +0000 Files and hashes: 1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: xe7qRCF33UX89qT4/guCTs9JTtImRLmfDi9KwNLb4X4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:ca:37:e1:3b:32:4c:7e:09:06:db:ee:25:4a:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa Validity Not Before: Dec 17 11:01:23 2025 GMT Not After : Dec 18 11:01:23 2025 GMT Subject: CN=ab2cdf8503d75f2e68867593675852ed17f163f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f2:82:0d:28:81:54:a9:57:3e:a3:8b:a4:58: 76:fc:41:a1:42:79:44:2e:da:1a:e0:a5:5f:29:13: eb:d0:d6:23:37:0d:55:1d:8e:ad:1e:d0:3c:29:a1: 9b:96:59:5b:ef:11:98:cf:84:24:d0:2f:90:99:76: 24:a6:97:25:f1:a5:ea:a2:c6:4f:29:1d:e9:4e:55: 9d:1c:bd:85:7f:73:bd:50:6f:cb:3d:49:39:0c:9a: 7d:6d:30:2a:03:c5:9c:a5:e0:4c:8d:3a:10:a3:fd: 2e:6f:b3:63:dd:28:42:9a:4a:f6:14:77:a5:b2:51: a0:ca:11:ad:44:fa:69:9c:0c:22:13:09:a3:c2:5f: 24:71:22:72:f3:a1:3e:0c:59:50:60:00:58:db:82: fc:a2:6a:7c:5d:69:37:8a:54:9c:40:be:db:01:3e: 70:a6:43:2b:98:de:e2:9f:fc:5d:8a:c5:d8:d6:49: ba:51:74:74:42:fc:3d:57:5c:47:01:1d:45:97:3f: 57:92:a9:99:75:b1:32:a4:7c:b6:8f:30:97:38:fa: 8c:1b:2e:82:d6:bb:f1:52:14:02:89:8b:7f:a1:d7: f1:02:4d:04:93:0e:13:a0:82:44:54:57:6c:03:ea: d8:48:39:c3:46:15:6d:ff:32:2c:ee:d0:ab:16:57: dc:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:2C:DF:85:03:D7:5F:2E:68:86:75:93:67:58:52:ED:17:F1:63:F8 X509v3 Authority Key Identifier: keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:70:2d:cf:cb:33:6e:4e:85:2a:7c:1a:aa:73:6d:4c:b0:95: 85:c6:f0:f2:dc:84:62:86:48:a4:53:38:47:0b:75:a9:2e:3b: ec:ae:97:45:9e:72:60:56:31:17:c9:95:6b:32:00:47:cd:51: 0d:ed:21:38:f9:90:1b:08:88:e3:c8:93:39:f0:b5:27:23:98: b6:4d:f7:33:a7:77:9c:e3:62:3b:cf:b2:87:3a:b8:33:76:11: 8a:29:db:ed:84:2b:c9:ed:70:91:1b:d4:f5:19:69:f4:f8:35: f2:4e:4f:f5:da:76:8c:50:23:07:51:c8:07:a4:28:44:0a:b0: 5d:06:0c:ac:ae:7c:72:98:81:d1:11:f5:13:25:85:29:d5:99: 23:41:8e:3f:46:cf:cb:5d:1d:89:2f:7e:4f:2c:ef:33:37:1a: 54:eb:51:38:fd:27:b3:b1:62:06:8f:ee:6e:d7:53:1d:75:fb: 27:94:3e:fa:ee:25:52:95:6a:d2:e6:ad:c9:67:ce:5c:af:49: e1:6d:af:fe:43:4e:e7:d6:09:99:65:dd:7c:89:40:5d:fc:37: b0:2f:44:ce:63:cd:bc:b9:fc:03:2b:cf:93:e3:22:e8:c3:3e: 2c:9d:fd:bf:e1:2d:e0:c4:df:b4:83:5d:04:11:b4:5c:b7:31: 64:42:7f:dc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+Mo34TsyTH4JBtvuJUrMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx NzBkZmEwHhcNMjUxMjE3MTEwMTIzWhcNMjUxMjE4MTEwMTIzWjAzMTEwLwYDVQQD EyhhYjJjZGY4NTAzZDc1ZjJlNjg4Njc1OTM2NzU4NTJlZDE3ZjE2M2Y4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/KCDSiBVKlXPqOLpFh2/EGhQnlE Ltoa4KVfKRPr0NYjNw1VHY6tHtA8KaGblllb7xGYz4Qk0C+QmXYkppcl8aXqosZP KR3pTlWdHL2Ff3O9UG/LPUk5DJp9bTAqA8WcpeBMjToQo/0ub7Nj3ShCmkr2FHel slGgyhGtRPppnAwiEwmjwl8kcSJy86E+DFlQYABY24L8omp8XWk3ilScQL7bAT5w pkMrmN7in/xdisXY1km6UXR0Qvw9V1xHAR1Flz9XkqmZdbEypHy2jzCXOPqMGy6C 1rvxUhQCiYt/odfxAk0Ekw4ToIJEVFdsA+rYSDnDRhVt/zIs7tCrFlfcUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKss34UD118uaIZ1k2dYUu0X8WP4MB8GA1UdIwQY MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbHAtz8sz bk6FKnwaqnNtTLCVhcbw8tyEYoZIpFM4Rwt1qS477K6XRZ5yYFYxF8mVazIAR81R De0hOPmQGwiI48iTOfC1JyOYtk33M6d3nONiO8+yhzq4M3YRiinb7YQrye1wkRvU 9Rlp9Pg18k5P9dp2jFAjB1HIB6QoRAqwXQYMrK58cpiB0RH1EyWFKdWZI0GOP0bP y10diS9+TyzvMzcaVOtROP0ns7FiBo/ubtdTHXX7J5Q++u4lUpVq0uatyWfOXK9J 4W2v/kNO59YJmWXdfIlAXfw3sC9EzmPNvLn8AyvPk+Mi6MM+LJ39v+Et4MTftINd BBG0XLcxZEJ/3A== -----END CERTIFICATE-----Generated at Wed Dec 17 19:13:42 2025 by rpki-client