This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft File: rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft (raw, json) Hash identifier: Ocp9UkOvRqidEi5puGb98UDDFSpowa4UzlFjfJVqqf0= Subject key identifier: 27:27:B9:34:9E:C7:2A:68:D1:8F:81:87:94:DB:02:46:95:20:EC:D7 Authority key identifier: AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9 Certificate issuer: /CN=aec5c7ab5b72181e4e4211322215e9776b4900f9 Certificate serial: 019B66FAFBEC71A8D62816911BF819E5108E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft Manifest number: 0C9B Signing time: Sun 28 Dec 2025 22:01:22 +0000 Manifest this update: Sun 28 Dec 2025 22:01:22 +0000 Manifest next update: Mon 29 Dec 2025 22:01:22 +0000 Files and hashes: 1: rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl (hash: 8qhDUCGjybO2PdgYf+NJLW1zHCy0s0aLjdSp1JAt408=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 20:59:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:fa:fb:ec:71:a8:d6:28:16:91:1b:f8:19:e5:10:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aec5c7ab5b72181e4e4211322215e9776b4900f9 Validity Not Before: Dec 28 22:01:22 2025 GMT Not After : Dec 29 22:01:22 2025 GMT Subject: CN=2727b9349ec72a68d18f818794db02469520ecd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7c:26:b8:e1:d1:62:d9:dc:97:a0:6a:a6:c3: d7:b2:56:a9:48:5a:96:f8:76:03:0f:f9:01:d6:d5: 1a:a4:ac:95:20:82:2f:ce:0c:10:f1:12:77:8f:89: b6:bd:fc:f2:82:e8:f9:1d:b0:e4:31:5b:b8:68:12: 5c:24:25:d4:3e:80:93:af:66:c3:78:ba:90:6b:ba: 03:0a:7b:aa:26:7f:e1:6c:28:78:78:d3:21:c2:aa: c8:43:0c:f6:29:bd:9f:94:fa:2d:de:38:c0:c4:27: b0:84:53:b1:19:b0:0c:eb:5b:3d:6e:23:85:67:5c: 6d:8c:0a:ca:e6:62:e1:ed:98:38:39:75:c4:b1:0f: 59:bd:54:7f:24:8a:8f:0e:9f:7b:e1:3a:d8:ce:9a: ec:37:a3:5b:51:f7:96:eb:9a:48:02:fe:77:f1:d3: 0b:ed:2d:dd:ac:22:bf:b7:f9:22:b7:79:53:fd:c9: ef:18:9b:6f:61:83:96:9a:f6:09:d9:6b:48:89:d4: 83:3a:26:42:eb:27:09:bd:a7:4b:06:30:e3:25:14: de:f0:bd:e5:76:e5:f0:2e:f0:fd:46:ea:d2:66:0d: 7b:91:48:ec:e4:aa:0a:a2:27:14:10:4a:bc:39:ad: da:86:51:b0:48:d5:71:16:b7:25:0e:71:9e:ac:b2: 39:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:27:B9:34:9E:C7:2A:68:D1:8F:81:87:94:DB:02:46:95:20:EC:D7 X509v3 Authority Key Identifier: keyid:AE:C5:C7:AB:5B:72:18:1E:4E:42:11:32:22:15:E9:77:6B:49:00:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rsXHq1tyGB5OQhEyIhXpd2tJAPk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/98818d-f8b3-4645-86a8-302d92224cb2/1/rsXHq1tyGB5OQhEyIhXpd2tJAPk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:02:f1:2d:2f:20:2a:cd:1b:c9:19:79:9a:4a:29:8a:30:2e: ee:42:bb:c8:41:6b:d1:60:f2:2a:c0:64:e0:a0:a0:75:71:ce: ea:c6:ef:5c:2f:4e:a0:0d:93:a9:ce:ed:91:b6:2e:84:a1:fc: e0:9b:40:f6:db:8a:bd:58:7f:e1:18:3c:95:2f:42:58:e3:4d: 20:a8:14:3b:75:e9:8b:49:b7:6f:d4:a4:99:c3:32:42:76:07: e2:2b:d4:58:8f:42:ab:f7:2e:88:aa:da:90:eb:e2:30:f6:9c: 68:01:7a:c8:2a:96:56:38:35:c8:19:b1:06:84:88:1a:10:34: 82:8d:98:22:cd:37:bb:0f:ab:19:f0:df:bc:21:e9:fb:4d:57: bd:c0:97:30:37:b7:42:48:c2:ba:dc:54:8c:c9:5d:77:f5:f9: 25:9a:81:7d:4f:79:a7:e2:8f:89:85:7f:ac:b7:eb:e3:6e:f5: be:cc:fa:c7:f7:cf:17:03:e8:3f:e0:d6:c7:9f:fc:79:25:1d: f0:ce:5f:08:7b:26:af:a0:ab:c5:f5:18:9e:21:ad:04:71:de: 7b:8e:c4:6d:39:d6:3a:8d:fa:90:40:1d:3d:62:84:a8:3c:2b: b7:75:1c:55:f8:eb:9c:41:29:81:52:9a:02:f9:ec:cd:e7:29: e4:06:78:32 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtm+vvscajWKBaRG/gZ5RCOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlYzVjN2FiNWI3MjE4MWU0ZTQyMTEzMjIyMTVlOTc3NmI0 OTAwZjkwHhcNMjUxMjI4MjIwMTIyWhcNMjUxMjI5MjIwMTIyWjAzMTEwLwYDVQQD EygyNzI3YjkzNDllYzcyYTY4ZDE4ZjgxODc5NGRiMDI0Njk1MjBlY2Q3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3wmuOHRYtncl6BqpsPXslapSFqW +HYDD/kB1tUapKyVIIIvzgwQ8RJ3j4m2vfzyguj5HbDkMVu4aBJcJCXUPoCTr2bD eLqQa7oDCnuqJn/hbCh4eNMhwqrIQwz2Kb2flPot3jjAxCewhFOxGbAM61s9biOF Z1xtjArK5mLh7Zg4OXXEsQ9ZvVR/JIqPDp974TrYzprsN6NbUfeW65pIAv538dML 7S3drCK/t/kit3lT/cnvGJtvYYOWmvYJ2WtIidSDOiZC6ycJvadLBjDjJRTe8L3l duXwLvD9RurSZg17kUjs5KoKoicUEEq8Oa3ahlGwSNVxFrclDnGerLI53QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCcnuTSexypo0Y+Bh5TbAkaVIOzXMB8GA1UdIwQY MBaAFK7Fx6tbchgeTkIRMiIV6XdrSQD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgt MzAyZDkyMjI0Y2IyLzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC85ODgxOGQtZjhiMy00NjQ1LTg2YTgtMzAyZDkyMjI0Y2Iy LzEvcnNYSHExdHlHQjVPUWhFeUloWHBkMnRKQVBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQLxLS8g Ks0byRl5mkopijAu7kK7yEFr0WDyKsBk4KCgdXHO6sbvXC9OoA2Tqc7tkbYuhKH8 4JtA9tuKvVh/4Rg8lS9CWONNIKgUO3Xpi0m3b9SkmcMyQnYH4ivUWI9Cq/cuiKra kOviMPacaAF6yCqWVjg1yBmxBoSIGhA0go2YIs03uw+rGfDfvCHp+01XvcCXMDe3 QkjCutxUjMldd/X5JZqBfU95p+KPiYV/rLfr4271vsz6x/fPFwPoP+DWx5/8eSUd 8M5fCHsmr6CrxfUYniGtBHHee47EbTnWOo36kEAdPWKEqDwrt3UcVfjrnEEpgVKa Avnszecp5AZ4Mg== -----END CERTIFICATE-----Generated at Mon Dec 29 02:39:34 2025 by rpki-client