This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft File: rjRcTQnm4iTh2vRmV9PHEYewIjY.mft (raw, json) Hash identifier: UIixaW95qiH7P4A4unzR+MvahxEDm8zuGygOume3ewk= Subject key identifier: 70:CA:9F:27:65:4E:7D:6B:3B:86:C6:5F:F2:9C:88:49:8C:7C:E2:6F Authority key identifier: AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 Certificate issuer: /CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Certificate serial: 019B39B3B9D62B82A44BD5FFD4DA88792EA5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft Manifest number: 06D0 Signing time: Sat 20 Dec 2025 03:00:38 +0000 Manifest this update: Sat 20 Dec 2025 03:00:38 +0000 Manifest next update: Sun 21 Dec 2025 03:00:38 +0000 Files and hashes: 1: rjRcTQnm4iTh2vRmV9PHEYewIjY.crl (hash: l6FpKdiY1DTnMhSAWs1B4SpTQiHIxp36VbwLcjDhjBM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:b3:b9:d6:2b:82:a4:4b:d5:ff:d4:da:88:79:2e:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae345c4d09e6e224e1daf46657d3c71187b02236 Validity Not Before: Dec 20 03:00:38 2025 GMT Not After : Dec 21 03:00:38 2025 GMT Subject: CN=70ca9f27654e7d6b3b86c65ff29c88498c7ce26f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c9:1b:fe:03:53:e8:5e:b1:b2:6a:83:4d:72: d6:0d:90:34:90:a0:e6:0c:0c:e1:eb:08:5e:62:4f: 42:80:81:26:18:78:92:2e:7a:19:48:41:da:0e:4f: f7:bf:86:6a:56:09:c1:d7:63:34:99:8c:2f:1f:70: 80:2d:16:81:02:92:5c:9f:d3:9e:9e:2b:da:6d:54: 77:46:d7:e4:b3:ca:c2:cd:be:50:23:8d:d9:a6:9b: f4:b2:4d:71:f6:13:5d:9e:ba:13:d1:7f:96:60:12: b7:35:1c:37:25:1d:13:d6:1e:a1:e7:72:35:45:67: 2d:3b:50:b2:ed:17:a4:31:5e:af:7a:b8:19:16:e1: 57:b4:27:37:fc:f5:6e:2e:08:85:5b:27:73:36:83: 99:51:55:f2:99:c3:7f:79:c8:6b:86:2d:51:a2:e8: ab:f5:c4:07:57:41:04:a2:10:60:fa:07:4e:ee:a1: 75:42:39:91:49:74:d3:5c:69:ab:80:6c:0e:a9:a9: 6e:6b:00:fe:eb:e9:c8:18:a6:92:66:4b:b0:b1:17: 5f:60:54:6d:c8:2b:20:47:86:8c:7d:f7:75:24:8a: 2e:de:7b:36:03:96:2a:fb:5c:57:c2:2b:c3:3d:31: 70:eb:f0:78:27:73:6e:f0:22:9f:c3:c0:d6:ab:36: b2:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:CA:9F:27:65:4E:7D:6B:3B:86:C6:5F:F2:9C:88:49:8C:7C:E2:6F X509v3 Authority Key Identifier: keyid:AE:34:5C:4D:09:E6:E2:24:E1:DA:F4:66:57:D3:C7:11:87:B0:22:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjRcTQnm4iTh2vRmV9PHEYewIjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/21a53c-63ef-4fc5-9549-3bf61779ddc7/1/rjRcTQnm4iTh2vRmV9PHEYewIjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:90:13:f6:84:8e:1e:00:41:ba:86:41:2e:e7:12:79:65:87: 4d:85:b5:f5:63:77:73:47:91:78:14:6e:c7:88:e6:7a:c6:16: 67:88:b8:fa:e4:b4:9b:69:46:4e:45:a4:09:e2:e8:af:71:3c: 24:9c:9d:49:1d:52:69:14:73:08:c7:53:85:77:66:0d:a8:69: 54:34:13:fe:86:fb:7a:42:45:48:7b:f6:22:ea:53:fc:03:41: 42:e8:3d:fb:3f:ed:a3:e1:91:ef:66:d8:c7:6e:91:29:4f:8e: 44:3d:4a:ac:3c:e7:e5:c9:82:9a:61:0a:b3:62:99:ea:7c:58: 5d:bd:87:18:12:20:05:2a:1c:f3:a7:08:5f:85:a5:63:fd:c0: a2:20:84:97:9c:67:bb:34:3a:57:9d:6d:0d:0a:ad:50:e3:38: 5d:ab:13:2b:9c:d5:24:22:67:8c:82:b6:94:73:be:c3:ca:46: db:af:c7:9e:4c:29:bd:0d:9f:67:b7:e8:52:f1:d9:53:95:b5: 00:7b:de:4c:66:b6:88:40:eb:06:a7:81:1d:88:3f:ff:7d:c9: ae:8a:ee:3e:42:99:86:ac:8e:11:18:dc:60:6d:34:ce:7d:8c: 70:c5:85:ea:c5:e1:19:06:35:01:46:47:c4:91:ab:47:03:54: 16:a7:4a:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5s7nWK4KkS9X/1NqIeS6lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlMzQ1YzRkMDllNmUyMjRlMWRhZjQ2NjU3ZDNjNzExODdi MDIyMzYwHhcNMjUxMjIwMDMwMDM4WhcNMjUxMjIxMDMwMDM4WjAzMTEwLwYDVQQD Eyg3MGNhOWYyNzY1NGU3ZDZiM2I4NmM2NWZmMjljODg0OThjN2NlMjZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8kb/gNT6F6xsmqDTXLWDZA0kKDm DAzh6wheYk9CgIEmGHiSLnoZSEHaDk/3v4ZqVgnB12M0mYwvH3CALRaBApJcn9Oe nivabVR3Rtfks8rCzb5QI43Zppv0sk1x9hNdnroT0X+WYBK3NRw3JR0T1h6h53I1 RWctO1Cy7RekMV6vergZFuFXtCc3/PVuLgiFWydzNoOZUVXymcN/echrhi1Rouir 9cQHV0EEohBg+gdO7qF1QjmRSXTTXGmrgGwOqaluawD+6+nIGKaSZkuwsRdfYFRt yCsgR4aMffd1JIou3ns2A5Yq+1xXwivDPTFw6/B4J3Nu8CKfw8DWqzayKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHDKnydlTn1rO4bGX/KciEmMfOJvMB8GA1UdIwQY MBaAFK40XE0J5uIk4dr0ZlfTxxGHsCI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDkt M2JmNjE3NzlkZGM3LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8yMWE1M2MtNjNlZi00ZmM1LTk1NDktM2JmNjE3NzlkZGM3 LzEvcmpSY1RRbm00aVRoMnZSbVY5UEhFWWV3SWpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe5AT9oSO HgBBuoZBLucSeWWHTYW19WN3c0eReBRux4jmesYWZ4i4+uS0m2lGTkWkCeLor3E8 JJydSR1SaRRzCMdThXdmDahpVDQT/ob7ekJFSHv2IupT/ANBQug9+z/to+GR72bY x26RKU+ORD1KrDzn5cmCmmEKs2KZ6nxYXb2HGBIgBSoc86cIX4WlY/3AoiCEl5xn uzQ6V51tDQqtUOM4XasTK5zVJCJnjIK2lHO+w8pG26/HnkwpvQ2fZ7foUvHZU5W1 AHveTGa2iEDrBqeBHYg//33JroruPkKZhqyOERjcYG00zn2McMWF6sXhGQY1AUZH xJGrRwNUFqdKqQ== -----END CERTIFICATE-----Generated at Sat Dec 20 10:47:39 2025 by rpki-client