This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft File: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json) Hash identifier: 2WL4RIfzICgniDjZFkUF8/QKKcay8/zcXw/bHKFdtVw= Subject key identifier: 67:B2:F2:6F:98:9F:25:53:00:48:59:03:D4:3A:A3:DE:A9:B0:F6:E9 Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94 Certificate issuer: /CN=ee03df829afd6a1f2590e4244522e1b36c086a94 Certificate serial: 019B3D59C8BCB1959D92118D1502F0994A86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft Manifest number: 0E68 Signing time: Sat 20 Dec 2025 20:00:52 +0000 Manifest this update: Sat 20 Dec 2025 20:00:52 +0000 Manifest next update: Sun 21 Dec 2025 20:00:52 +0000 Files and hashes: 1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: eibziNybZf6YogNwZLkhQBNXYYw0S5awf3vkq8XTgN4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:c8:bc:b1:95:9d:92:11:8d:15:02:f0:99:4a:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94 Validity Not Before: Dec 20 20:00:52 2025 GMT Not After : Dec 21 20:00:52 2025 GMT Subject: CN=67b2f26f989f255300485903d43aa3dea9b0f6e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:25:59:fc:97:fa:f8:33:99:99:ff:8b:69:b4: a0:16:1d:7b:33:72:da:66:73:d3:6a:5d:24:d5:6d: 91:63:46:19:71:f4:a1:c9:c1:5a:eb:87:59:61:c3: c6:52:84:6d:99:77:22:df:88:06:4c:09:9e:4e:33: 35:1b:89:01:c3:a8:9f:13:3b:21:ed:cc:14:f7:aa: bc:b3:39:ee:a1:84:89:0f:1e:9c:3a:b3:fe:e0:20: 44:5b:eb:e7:4a:db:9c:6f:89:06:cb:a5:53:3a:22: b8:96:99:4e:ac:f4:67:42:99:bc:2a:1f:64:c2:f5: 7a:80:5c:cc:f0:73:cf:0b:4a:d9:b3:be:53:4b:a3: a5:7c:58:50:5d:e2:72:5d:84:5f:72:33:e7:e9:fc: 2b:6d:e8:2a:b4:48:ee:25:0e:15:85:37:04:83:ac: 06:0c:48:51:97:0a:e7:2c:26:a8:1c:40:28:e0:57: 6d:66:90:04:10:d5:10:36:3f:3e:84:ec:31:c7:ea: d6:04:cd:95:29:67:c5:27:78:d0:ff:0d:53:4c:06: 75:9b:1a:01:3f:bd:16:15:7d:a1:8a:c5:fc:e0:f5: 85:d0:99:5b:15:e9:43:9d:2e:b2:a4:78:2b:0d:ca: ed:7d:69:9a:8b:39:d3:3e:b9:27:74:7f:86:73:d1: 4d:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:B2:F2:6F:98:9F:25:53:00:48:59:03:D4:3A:A3:DE:A9:B0:F6:E9 X509v3 Authority Key Identifier: keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:bc:42:f4:05:09:3e:6b:33:c4:12:4c:f6:6d:90:66:bb:17: 40:b2:47:89:21:04:83:eb:85:9a:59:4c:f7:2d:36:cc:1f:a5: 63:3b:15:c2:ef:c0:d2:9f:46:f6:28:1b:eb:6a:9b:c7:69:3f: a9:0b:15:3e:33:fc:41:f9:fa:7d:1f:70:9e:fc:dd:20:9b:52: fd:e5:23:02:f5:68:6b:2a:22:67:3e:78:3b:2e:6e:63:ba:3f: 8e:d4:c2:ec:74:30:15:12:15:d9:0d:04:6f:ca:3f:c1:b4:22: 9c:bd:4b:24:5c:4b:36:4c:fb:dd:06:8a:00:ac:c8:13:c2:70: 14:e8:4e:41:7f:dd:6c:28:02:27:83:5e:17:a8:31:fd:f6:b2: 7a:d4:6e:d8:90:c5:81:4d:42:be:8a:89:77:16:ae:f8:70:34: dc:f5:b4:c9:68:f4:a6:5a:29:35:eb:fe:01:f7:74:6b:fa:a3: 63:35:31:31:7a:19:0c:02:2c:4c:ff:43:90:27:f8:a0:4e:9d: b0:05:51:12:7a:2d:8f:e5:97:55:6c:1b:7f:29:67:91:32:2d: 16:b7:32:ef:83:11:80:67:d8:5b:81:f9:2d:36:c5:25:75:0f: da:0d:1c:41:49:7d:60:3f:6b:23:04:74:b4:b0:61:4c:d0:cd: 0d:0c:08:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9Wci8sZWdkhGNFQLwmUqGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw ODZhOTQwHhcNMjUxMjIwMjAwMDUyWhcNMjUxMjIxMjAwMDUyWjAzMTEwLwYDVQQD Eyg2N2IyZjI2Zjk4OWYyNTUzMDA0ODU5MDNkNDNhYTNkZWE5YjBmNmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSVZ/Jf6+DOZmf+LabSgFh17M3La ZnPTal0k1W2RY0YZcfShycFa64dZYcPGUoRtmXci34gGTAmeTjM1G4kBw6ifEzsh 7cwU96q8sznuoYSJDx6cOrP+4CBEW+vnStucb4kGy6VTOiK4lplOrPRnQpm8Kh9k wvV6gFzM8HPPC0rZs75TS6OlfFhQXeJyXYRfcjPn6fwrbegqtEjuJQ4VhTcEg6wG DEhRlwrnLCaoHEAo4FdtZpAEENUQNj8+hOwxx+rWBM2VKWfFJ3jQ/w1TTAZ1mxoB P70WFX2hisX84PWF0JlbFelDnS6ypHgrDcrtfWmaiznTPrkndH+Gc9FNxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGey8m+YnyVTAEhZA9Q6o96psPbpMB8GA1UdIwQY MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuLxC9AUJ PmszxBJM9m2QZrsXQLJHiSEEg+uFmllM9y02zB+lYzsVwu/A0p9G9igb62qbx2k/ qQsVPjP8Qfn6fR9wnvzdIJtS/eUjAvVoayoiZz54Oy5uY7o/jtTC7HQwFRIV2Q0E b8o/wbQinL1LJFxLNkz73QaKAKzIE8JwFOhOQX/dbCgCJ4NeF6gx/fayetRu2JDF gU1CvoqJdxau+HA03PW0yWj0plopNev+Afd0a/qjYzUxMXoZDAIsTP9DkCf4oE6d sAVREnotj+WXVWwbfylnkTItFrcy74MRgGfYW4H5LTbFJXUP2g0cQUl9YD9rIwR0 tLBhTNDNDQwIoQ== -----END CERTIFICATE-----Generated at Sat Dec 20 21:33:35 2025 by rpki-client