This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft File: 97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json) Hash identifier: fI+TqbsTS7MQezqEgCfNmfP8UzNweo/hOK1OKc7XM8I= Subject key identifier: 90:EC:2D:D7:67:FA:05:07:24:65:9E:4C:D1:F2:25:D7:FD:FD:86:88 Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A Certificate issuer: /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a Certificate serial: 019B6A32CFF96E3DAEDDF86E83E95A6D91A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft Manifest number: 1353 Signing time: Mon 29 Dec 2025 13:01:13 +0000 Manifest this update: Mon 29 Dec 2025 13:01:13 +0000 Manifest next update: Tue 30 Dec 2025 13:01:13 +0000 Files and hashes: 1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: VeFnhREDucaLd/oPLCLMmfXiPQzciXixv+p1xGbIir4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 13:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:32:cf:f9:6e:3d:ae:dd:f8:6e:83:e9:5a:6d:91:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a Validity Not Before: Dec 29 13:01:13 2025 GMT Not After : Dec 30 13:01:13 2025 GMT Subject: CN=90ec2dd767fa050724659e4cd1f225d7fdfd8688 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2f:6b:55:2d:0f:d4:5a:c5:3d:d9:c7:6d:b7: 5d:62:c2:86:bd:71:92:08:91:f2:72:1e:b8:4e:76: 29:81:50:67:cf:19:59:2a:e5:63:ef:2c:c1:52:1c: cc:ed:d8:46:b3:7a:ec:fc:7b:e3:51:cc:51:7c:57: 23:18:d7:60:f8:f0:8d:bd:99:80:66:7d:7e:6e:05: 8f:7a:22:b9:25:8f:3e:b9:29:c0:c8:ab:29:c6:2d: ac:b4:76:d6:1d:64:20:b2:f4:02:ed:4f:ff:d5:9a: 14:d3:f9:4a:f4:76:d5:de:3d:7b:24:c4:01:51:b5: 4d:12:70:21:23:e9:ff:99:3a:d4:3f:13:d8:90:34: 5c:48:14:fc:d4:46:8d:55:40:46:39:93:e5:a4:aa: 3b:b0:8e:ac:22:f6:23:ec:95:a8:55:cd:b4:f8:e6: 0b:7b:97:6e:e4:4e:e2:cc:19:38:59:0b:61:01:7d: 51:d6:ac:27:37:b3:66:cf:72:a9:8a:66:99:a9:a5: 3f:f7:6c:d5:75:c1:26:43:62:15:ef:ef:80:24:5a: e6:af:30:b7:68:86:ae:96:50:85:b4:84:25:73:01: e3:fb:a7:3c:ce:ba:85:8c:35:8c:56:cc:af:67:49: 86:17:58:19:33:5f:37:3f:fa:cb:ac:18:a3:c0:55: d1:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:EC:2D:D7:67:FA:05:07:24:65:9E:4C:D1:F2:25:D7:FD:FD:86:88 X509v3 Authority Key Identifier: keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:46:48:b8:10:59:70:7b:2e:0c:85:e8:b1:7a:bd:68:8f:c5: c4:54:e6:e1:1f:4b:58:64:21:d2:d5:3e:a3:2d:07:65:2e:87: 0b:18:32:6b:88:2a:4d:f9:20:2c:75:50:67:01:ac:98:d9:27: a0:94:90:4e:b5:15:89:03:e1:df:5c:fc:83:da:26:de:5f:87: 18:bd:da:eb:0b:5c:a1:41:67:2d:4a:c5:1a:64:b4:9e:0f:be: 2e:36:af:33:15:41:2d:2d:e3:62:bb:6f:0d:a9:79:c8:88:3f: d6:61:58:78:9c:54:cf:f7:76:b7:5c:e5:2a:f8:61:e6:2b:5d: 61:3d:d0:4f:27:c6:e8:7f:32:ec:4e:28:d1:9b:5d:b2:b6:50: 9d:e7:a7:68:01:94:72:36:3e:48:79:57:1c:8b:1f:54:33:4a: 67:cc:b6:8b:df:f2:30:87:07:2c:5b:5a:31:88:cd:e1:66:c4: 10:e6:0f:bb:49:eb:f3:eb:ec:0d:be:b9:27:9a:2b:3d:c6:c5: 30:c9:19:6d:66:b5:e1:24:f5:63:09:b2:fc:00:66:74:f4:45: bb:6c:4e:93:4d:b7:46:6d:25:1f:ca:ff:d9:6e:cc:55:71:db: b1:ec:a5:bd:f6:2d:a4:f1:6b:8a:d5:0e:62:6c:39:2f:3a:b5: 36:cf:4b:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtqMs/5bj2u3fhug+labZGhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz ZTU3M2EwHhcNMjUxMjI5MTMwMTEzWhcNMjUxMjMwMTMwMTEzWjAzMTEwLwYDVQQD Eyg5MGVjMmRkNzY3ZmEwNTA3MjQ2NTllNGNkMWYyMjVkN2ZkZmQ4Njg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS9rVS0P1FrFPdnHbbddYsKGvXGS CJHych64TnYpgVBnzxlZKuVj7yzBUhzM7dhGs3rs/HvjUcxRfFcjGNdg+PCNvZmA Zn1+bgWPeiK5JY8+uSnAyKspxi2stHbWHWQgsvQC7U//1ZoU0/lK9HbV3j17JMQB UbVNEnAhI+n/mTrUPxPYkDRcSBT81EaNVUBGOZPlpKo7sI6sIvYj7JWoVc20+OYL e5du5E7izBk4WQthAX1R1qwnN7Nmz3KpimaZqaU/92zVdcEmQ2IV7++AJFrmrzC3 aIaullCFtIQlcwHj+6c8zrqFjDWMVsyvZ0mGF1gZM183P/rLrBijwFXRhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJDsLddn+gUHJGWeTNHyJdf9/YaIMB8GA1UdIwQY MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4 LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV0ZIuBBZ cHsuDIXosXq9aI/FxFTm4R9LWGQh0tU+oy0HZS6HCxgya4gqTfkgLHVQZwGsmNkn oJSQTrUViQPh31z8g9om3l+HGL3a6wtcoUFnLUrFGmS0ng++LjavMxVBLS3jYrtv Dal5yIg/1mFYeJxUz/d2t1zlKvhh5itdYT3QTyfG6H8y7E4o0ZtdsrZQneenaAGU cjY+SHlXHIsfVDNKZ8y2i9/yMIcHLFtaMYjN4WbEEOYPu0nr8+vsDb65J5orPcbF MMkZbWa14ST1Ywmy/ABmdPRFu2xOk023Rm0lH8r/2W7MVXHbseylvfYtpPFritUO Ymw5Lzq1Ns9LxA== -----END CERTIFICATE-----Generated at Mon Dec 29 22:47:05 2025 by rpki-client