This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft File: rRIanMsoPqIejQoHCi4LakDph30.mft (raw, json) Hash identifier: dD7jZBWtxH1+gUnsp7KUQyBA1Ox0QeTTW/C12f0bmNM= Subject key identifier: 87:1E:E9:FE:8D:41:08:DA:70:1D:36:59:47:3D:10:BD:25:BD:95:F4 Authority key identifier: AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D Certificate issuer: /CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d Certificate serial: 019B30E821B855B2F7ADC2F04AE42FECB7BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft Manifest number: 177E Signing time: Thu 18 Dec 2025 10:01:17 +0000 Manifest this update: Thu 18 Dec 2025 10:01:17 +0000 Manifest next update: Fri 19 Dec 2025 10:01:17 +0000 Files and hashes: 1: rRIanMsoPqIejQoHCi4LakDph30.crl (hash: U+GaJggN+EJPjFgLpcGT7TYYbKRrGUY9fF/kTeehZ00=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:e8:21:b8:55:b2:f7:ad:c2:f0:4a:e4:2f:ec:b7:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d Validity Not Before: Dec 18 10:01:17 2025 GMT Not After : Dec 19 10:01:17 2025 GMT Subject: CN=871ee9fe8d4108da701d3659473d10bd25bd95f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d9:cf:be:74:35:8c:17:a8:36:86:da:1f:13: 0a:21:77:46:9e:9c:22:b8:ed:0e:13:24:4c:9f:36: 2a:44:c3:fb:9f:81:48:d5:b4:cf:56:c1:cc:69:da: e2:59:46:34:52:b6:cb:8a:93:b0:fe:08:ed:13:f3: 22:7d:d5:ec:23:13:8c:aa:5e:b7:e9:f1:b1:81:14: d7:d5:37:e6:95:28:16:23:34:75:44:64:f0:f2:ae: 5b:a2:57:93:60:7b:07:b0:41:7c:05:a6:57:b8:7b: 22:82:28:55:34:b6:d4:81:6b:dd:cf:50:8c:8c:c7: e0:01:a7:75:9a:48:2e:78:bb:18:9f:3f:a6:8a:74: bc:81:c3:72:e3:20:d3:d8:a4:c4:fc:c6:1c:f9:2f: 75:a1:da:6d:87:a1:7a:5e:83:5c:e8:5a:b0:be:73: 55:eb:4f:d0:64:20:62:5b:a5:07:9b:29:26:9f:d2: 66:c3:06:ec:b7:3a:c0:7c:1b:e7:db:98:23:da:ef: 06:cb:21:c7:45:ac:9e:53:f6:de:1e:ee:f0:68:52: cf:c9:f9:0f:d1:15:87:11:0d:87:b1:d1:e5:bc:4a: aa:3f:7a:dc:b5:66:dd:5b:92:7e:5d:86:f7:f3:6a: 8c:5b:6b:56:3e:1e:39:f1:f2:80:c9:a8:c4:5f:5d: 97:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:1E:E9:FE:8D:41:08:DA:70:1D:36:59:47:3D:10:BD:25:BD:95:F4 X509v3 Authority Key Identifier: keyid:AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:90:a7:6a:f7:71:42:0f:6d:76:a9:7b:a6:b6:d2:2c:4f:2d: 7a:a9:50:a8:e8:c6:98:87:e5:29:06:0c:7a:6e:cc:ae:80:00: 4d:57:b2:2a:8b:77:eb:1e:d9:aa:f8:42:f0:a3:61:bb:4d:11: 12:6b:9c:3a:c3:eb:23:44:a8:46:12:e8:e3:8a:8f:f0:86:ef: c9:42:80:b2:8c:3e:01:72:0c:47:60:99:ce:cd:0d:00:db:75: 47:22:bd:89:43:cc:db:36:60:4c:d8:51:c8:70:9f:af:1d:41: da:fd:e4:a2:7f:3b:d6:f7:86:10:45:2e:a4:09:4e:24:f4:90: 20:65:b9:15:55:23:ee:74:9f:16:75:04:37:cf:cd:7e:02:b8: 5f:08:14:98:49:d6:13:b5:3b:65:75:75:e6:2f:df:e9:64:73: 21:00:c6:7c:61:00:e6:18:51:b6:48:6e:ce:74:3d:48:b4:4b: 82:b4:61:7a:13:98:c0:b3:c7:7b:7c:35:e5:39:c1:2c:45:67: 01:1a:eb:d6:ab:e4:90:d9:b2:fa:58:72:8f:05:d4:76:f5:eb: 2a:46:e9:0f:30:24:f3:61:5d:dc:8a:f6:4d:04:5d:69:ef:5d: 76:44:87:74:65:8a:77:3e:64:5d:3c:7d:48:93:b2:06:3a:e2: ed:64:ab:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsw6CG4VbL3rcLwSuQv7Le6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkMTIxYTljY2IyODNlYTIxZThkMGEwNzBhMmUwYjZhNDBl OTg3N2QwHhcNMjUxMjE4MTAwMTE3WhcNMjUxMjE5MTAwMTE3WjAzMTEwLwYDVQQD Eyg4NzFlZTlmZThkNDEwOGRhNzAxZDM2NTk0NzNkMTBiZDI1YmQ5NWY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdnPvnQ1jBeoNobaHxMKIXdGnpwi uO0OEyRMnzYqRMP7n4FI1bTPVsHMadriWUY0UrbLipOw/gjtE/MifdXsIxOMql63 6fGxgRTX1TfmlSgWIzR1RGTw8q5boleTYHsHsEF8BaZXuHsigihVNLbUgWvdz1CM jMfgAad1mkgueLsYnz+minS8gcNy4yDT2KTE/MYc+S91odpth6F6XoNc6FqwvnNV 60/QZCBiW6UHmykmn9JmwwbstzrAfBvn25gj2u8GyyHHRayeU/beHu7waFLPyfkP 0RWHEQ2HsdHlvEqqP3rctWbdW5J+XYb382qMW2tWPh458fKAyajEX12X7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIce6f6NQQjacB02WUc9EL0lvZX0MB8GA1UdIwQY MBaAFK0SGpzLKD6iHo0KBwouC2pA6Yd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYt NTlkZjczZDNiYjkxLzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYtNTlkZjczZDNiYjkx LzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFZCnavdx Qg9tdql7prbSLE8teqlQqOjGmIflKQYMem7MroAATVeyKot36x7ZqvhC8KNhu00R EmucOsPrI0SoRhLo44qP8IbvyUKAsow+AXIMR2CZzs0NANt1RyK9iUPM2zZgTNhR yHCfrx1B2v3kon871veGEEUupAlOJPSQIGW5FVUj7nSfFnUEN8/NfgK4XwgUmEnW E7U7ZXV15i/f6WRzIQDGfGEA5hhRtkhuznQ9SLRLgrRhehOYwLPHe3w15TnBLEVn ARrr1qvkkNmy+lhyjwXUdvXrKkbpDzAk82Fd3Ir2TQRdae9ddkSHdGWKdz5kXTx9 SJOyBjri7WSrbQ== -----END CERTIFICATE-----Generated at Thu Dec 18 12:48:00 2025 by rpki-client