This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft File: ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json) Hash identifier: hG5P4ZWqDoUU3NPHYzXh1h26+BNzqj8yX00gaHuOSzU= Subject key identifier: 3C:F9:41:FF:18:79:DD:7E:96:0A:4C:3E:BA:B2:EE:5C:BC:58:6E:39 Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F Certificate issuer: /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f Certificate serial: 019B3721316F81866A9A4414E4F20CD7C532 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft Manifest number: 1101 Signing time: Fri 19 Dec 2025 15:01:20 +0000 Manifest this update: Fri 19 Dec 2025 15:01:20 +0000 Manifest next update: Sat 20 Dec 2025 15:01:20 +0000 Files and hashes: 1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: IDi+64kLVUSH9MLariHD5OqxwBrmgk1wQjw1gUwMdZo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 15:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:21:31:6f:81:86:6a:9a:44:14:e4:f2:0c:d7:c5:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f Validity Not Before: Dec 19 15:01:20 2025 GMT Not After : Dec 20 15:01:20 2025 GMT Subject: CN=3cf941ff1879dd7e960a4c3ebab2ee5cbc586e39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:98:6a:ce:ef:ae:63:c8:55:d3:3c:ac:45:18: 00:e9:61:44:b7:26:07:21:4f:1d:55:17:77:bc:38: df:4c:42:e6:69:c4:0d:1e:bb:0f:13:d1:b7:bb:5a: b5:9b:97:0e:e5:53:0b:41:e2:bd:af:68:3a:3f:68: 96:ab:8e:38:b6:d4:07:71:12:52:32:21:48:8a:4d: da:d2:a2:a8:5f:9a:cd:b6:e0:4e:ee:93:2e:2d:0d: 38:20:c0:04:33:73:18:87:9d:4c:8c:1b:35:84:39: 88:88:51:be:5d:00:9b:10:aa:79:03:bb:ed:e8:3c: ab:93:53:33:26:66:70:29:d0:ef:38:02:19:6c:c8: 05:ba:7b:45:95:8d:a3:27:c0:3e:4c:67:7f:3c:ed: 3d:72:c8:ff:1f:9a:85:69:19:25:ab:19:55:9b:30: bc:89:17:b5:92:3a:28:e1:92:ee:61:2e:fc:88:05: 6f:9d:e6:4b:25:cb:da:0a:4b:83:af:a7:c2:2a:df: a6:06:85:ad:cf:77:c1:59:81:ea:8a:42:1f:c2:85: fa:b9:61:d9:8f:f2:97:c5:6b:d5:10:93:75:2c:2a: 81:d5:14:d4:ac:4e:8e:ea:81:e6:c0:a6:be:33:93: 19:a8:8c:20:6f:c6:e8:25:b7:08:7c:17:f9:2b:4e: 30:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:F9:41:FF:18:79:DD:7E:96:0A:4C:3E:BA:B2:EE:5C:BC:58:6E:39 X509v3 Authority Key Identifier: keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:74:42:50:0e:92:52:1f:5a:09:c2:fa:18:1c:73:a8:a1:49: 83:b9:37:ab:f7:ec:6a:82:cb:2b:11:01:aa:2b:95:71:fc:df: c6:8d:1f:61:4b:d5:31:0a:06:24:50:66:58:65:0f:f9:59:9f: d0:1b:ef:77:3f:7f:04:aa:d7:5f:b9:0e:07:89:d0:b9:d9:dd: 68:dc:8f:a7:04:a8:18:f5:94:e0:d0:6e:3e:86:99:d0:36:03: a6:a5:52:86:54:ad:e0:d0:ef:e8:4e:52:af:f3:c4:58:fb:d9: bb:19:33:d5:d1:31:2d:db:ce:27:32:8f:da:fe:fb:f0:a4:2d: e0:73:59:8d:08:59:bb:60:1a:78:e0:17:01:c1:3f:14:a3:91: 74:82:91:52:f0:73:b7:f9:cc:26:84:d5:e4:69:05:6e:6e:85: 10:68:e8:24:34:f0:ff:77:66:7d:eb:98:be:e7:5d:7a:94:b4: 69:5b:0d:03:9e:9f:84:e0:64:85:7a:6d:b3:16:63:08:34:6c: b9:23:ec:b6:ff:8b:45:df:86:64:98:74:3d:30:1c:41:b2:69: a0:41:6b:9e:f2:67:f2:ab:d6:36:0b:eb:07:5b:4e:97:78:01: bf:f2:0f:87:b6:da:fe:2d:16:91:ed:a6:b7:d3:68:0f:fc:ba: aa:ba:ed:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs3ITFvgYZqmkQU5PIM18UyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3 ZWFmNmYwHhcNMjUxMjE5MTUwMTIwWhcNMjUxMjIwMTUwMTIwWjAzMTEwLwYDVQQD EygzY2Y5NDFmZjE4NzlkZDdlOTYwYTRjM2ViYWIyZWU1Y2JjNTg2ZTM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJhqzu+uY8hV0zysRRgA6WFEtyYH IU8dVRd3vDjfTELmacQNHrsPE9G3u1q1m5cO5VMLQeK9r2g6P2iWq444ttQHcRJS MiFIik3a0qKoX5rNtuBO7pMuLQ04IMAEM3MYh51MjBs1hDmIiFG+XQCbEKp5A7vt 6Dyrk1MzJmZwKdDvOAIZbMgFuntFlY2jJ8A+TGd/PO09csj/H5qFaRklqxlVmzC8 iRe1kjoo4ZLuYS78iAVvneZLJcvaCkuDr6fCKt+mBoWtz3fBWYHqikIfwoX6uWHZ j/KXxWvVEJN1LCqB1RTUrE6O6oHmwKa+M5MZqIwgb8boJbcIfBf5K04wiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDz5Qf8Yed1+lgpMPrqy7ly8WG45MB8GA1UdIwQY MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASXRCUA6S Uh9aCcL6GBxzqKFJg7k3q/fsaoLLKxEBqiuVcfzfxo0fYUvVMQoGJFBmWGUP+Vmf 0Bvvdz9/BKrXX7kOB4nQudndaNyPpwSoGPWU4NBuPoaZ0DYDpqVShlSt4NDv6E5S r/PEWPvZuxkz1dExLdvOJzKP2v778KQt4HNZjQhZu2AaeOAXAcE/FKORdIKRUvBz t/nMJoTV5GkFbm6FEGjoJDTw/3dmfeuYvuddepS0aVsNA56fhOBkhXptsxZjCDRs uSPstv+LRd+GZJh0PTAcQbJpoEFrnvJn8qvWNgvrB1tOl3gBv/IPh7ba/i0Wke2m t9NoD/y6qrrtUw== -----END CERTIFICATE-----Generated at Sat Dec 20 00:53:28 2025 by rpki-client