This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft File: veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft (raw, json) Hash identifier: tl7BWknwjR67fkTCJFq5lpYPMy8piV6UOvpSX53UqJU= Subject key identifier: D3:11:03:81:74:29:EB:59:CB:0F:E0:D9:DB:61:1C:8A:92:8C:60:2E Authority key identifier: BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4 Certificate issuer: /CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4 Certificate serial: 019B3AFE0879B7ADD5247C3DF183E89A7B7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft Manifest number: 13D8 Signing time: Sat 20 Dec 2025 09:01:25 +0000 Manifest this update: Sat 20 Dec 2025 09:01:25 +0000 Manifest next update: Sun 21 Dec 2025 09:01:25 +0000 Files and hashes: 1: veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl (hash: qBvgqbQZpdxCMQYM6UTUEQfiYF2/62Bpwz/LbKykbp8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fe:08:79:b7:ad:d5:24:7c:3d:f1:83:e8:9a:7b:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bde3a4fb2681db28b5c3f5f1d46a2d359960faa4 Validity Not Before: Dec 20 09:01:25 2025 GMT Not After : Dec 21 09:01:25 2025 GMT Subject: CN=d31103817429eb59cb0fe0d9db611c8a928c602e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:be:95:a1:86:f6:e8:b4:06:f3:15:e7:5b:c4: 06:84:7a:f5:b4:6d:6c:fb:02:64:d4:97:67:34:6e: 85:f1:23:4c:fe:18:f4:c3:29:7f:a0:13:f5:04:f1: ca:f8:76:0d:9f:9c:c1:f0:9b:c8:fb:6b:58:3a:26: 64:0c:ac:dd:8a:c2:c1:68:19:3c:99:ab:70:7d:bc: 55:bc:9c:a2:44:c7:40:5a:b3:b8:0c:e4:96:31:5f: 8d:ae:7d:35:30:29:d9:55:94:04:70:8e:e0:78:09: a7:ca:9b:b5:26:77:7a:b5:c0:c4:f6:3a:92:31:a8: 4e:75:d1:4f:e3:82:d1:d6:52:10:68:ca:7a:37:c9: fc:da:37:7e:dc:b0:ee:ab:3f:d6:65:6d:82:73:a8: 0f:aa:59:77:4e:88:61:3b:b3:cc:98:9c:f6:df:d9: 17:c3:c6:07:ca:10:62:aa:74:fe:47:a8:7a:bb:28: 2b:c2:fc:ef:d0:22:5f:2a:5a:b8:df:2e:93:ff:3f: 8c:24:b8:81:38:c3:13:4d:18:69:9c:02:87:c6:aa: 9d:3b:f2:47:14:fd:e1:c1:c0:fc:f6:ac:c1:56:64: 63:40:98:50:9d:73:d8:98:49:6e:21:9e:5e:82:da: 41:1c:65:77:fc:fb:7b:3e:93:49:9f:4c:09:8d:f2: b1:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:11:03:81:74:29:EB:59:CB:0F:E0:D9:DB:61:1C:8A:92:8C:60:2E X509v3 Authority Key Identifier: keyid:BD:E3:A4:FB:26:81:DB:28:B5:C3:F5:F1:D4:6A:2D:35:99:60:FA:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veOk-yaB2yi1w_Xx1GotNZlg-qQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/21de67-4975-47a8-846c-808feaaf987d/1/veOk-yaB2yi1w_Xx1GotNZlg-qQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:3d:f0:1f:af:c5:d9:16:c6:55:7d:6a:68:63:1a:91:70:96: 98:d1:d4:f7:16:61:a6:33:e0:bc:72:00:15:66:81:2e:2a:ab: 28:35:bc:eb:c0:be:e9:63:47:40:bd:21:8c:c3:f6:9b:45:ef: c6:48:f4:16:0c:9d:d9:7c:e7:82:7a:1b:08:86:41:62:6f:ca: 5a:56:8d:a5:a5:ff:86:96:a2:a8:72:a4:85:75:5e:aa:5b:02: 1e:18:e7:b6:14:78:5a:cb:83:75:43:51:fa:c2:db:d9:94:ef: 2d:d1:b4:46:9b:49:cc:e5:04:98:be:eb:1e:20:91:f4:01:9b: a5:b9:81:b7:73:4a:18:97:e3:fc:71:66:7a:2f:c1:2e:df:21: dc:42:4b:50:29:a5:25:b4:70:bb:c7:95:76:35:c3:62:4f:1c: d9:ed:f0:21:a0:1c:9f:94:71:8d:20:27:83:d4:51:1d:07:a2: 0d:3c:5a:81:b4:09:97:e8:cf:ec:6d:d8:ee:42:6a:6d:b0:06: d2:48:11:89:da:1f:ef:49:b9:ec:a5:0f:ee:f3:90:1d:e8:76: 48:57:5e:ff:8c:d3:93:3c:aa:09:42:83:88:4d:88:fa:4f:22: 5d:0e:4d:11:0f:e3:81:bd:3d:88:0b:27:65:7e:c6:b0:bd:ea: ec:1e:6f:c8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/gh5t63VJHw98YPomnt/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZTNhNGZiMjY4MWRiMjhiNWMzZjVmMWQ0NmEyZDM1OTk2 MGZhYTQwHhcNMjUxMjIwMDkwMTI1WhcNMjUxMjIxMDkwMTI1WjAzMTEwLwYDVQQD EyhkMzExMDM4MTc0MjllYjU5Y2IwZmUwZDlkYjYxMWM4YTkyOGM2MDJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub6VoYb26LQG8xXnW8QGhHr1tG1s +wJk1JdnNG6F8SNM/hj0wyl/oBP1BPHK+HYNn5zB8JvI+2tYOiZkDKzdisLBaBk8 matwfbxVvJyiRMdAWrO4DOSWMV+Nrn01MCnZVZQEcI7geAmnypu1Jnd6tcDE9jqS MahOddFP44LR1lIQaMp6N8n82jd+3LDuqz/WZW2Cc6gPqll3TohhO7PMmJz239kX w8YHyhBiqnT+R6h6uygrwvzv0CJfKlq43y6T/z+MJLiBOMMTTRhpnAKHxqqdO/JH FP3hwcD89qzBVmRjQJhQnXPYmEluIZ5egtpBHGV3/Pt7PpNJn0wJjfKxgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNMRA4F0KetZyw/g2dthHIqSjGAuMB8GA1UdIwQY MBaAFL3jpPsmgdsotcP18dRqLTWZYPqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMt ODA4ZmVhYWY5ODdkLzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi8yMWRlNjctNDk3NS00N2E4LTg0NmMtODA4ZmVhYWY5ODdk LzEvdmVPay15YUIyeWkxd19YeDFHb3ROWmxnLXFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfj3wH6/F 2RbGVX1qaGMakXCWmNHU9xZhpjPgvHIAFWaBLiqrKDW868C+6WNHQL0hjMP2m0Xv xkj0Fgyd2XzngnobCIZBYm/KWlaNpaX/hpaiqHKkhXVeqlsCHhjnthR4WsuDdUNR +sLb2ZTvLdG0RptJzOUEmL7rHiCR9AGbpbmBt3NKGJfj/HFmei/BLt8h3EJLUCml JbRwu8eVdjXDYk8c2e3wIaAcn5RxjSAng9RRHQeiDTxagbQJl+jP7G3Y7kJqbbAG 0kgRidof70m57KUP7vOQHeh2SFde/4zTkzyqCUKDiE2I+k8iXQ5NEQ/jgb09iAsn ZX7GsL3q7B5vyA== -----END CERTIFICATE-----Generated at Sat Dec 20 12:25:43 2025 by rpki-client