This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft File: 21LN5wkMV9jpwx1Rh0jfkiueBM4.mft (raw, json) Hash identifier: +STd2UTrWrh7WNb0sDlt8nHkcYU8On1FQA235Jpk0x8= Subject key identifier: E4:77:74:52:23:F6:CC:81:69:17:D4:67:5F:8A:66:3E:19:74:EC:0A Authority key identifier: DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE Certificate issuer: /CN=db52cde7090c57d8e9c31d518748df922b9e04ce Certificate serial: 019B439278DFDDDE5113052418CB1269627A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft Manifest number: 15FF Signing time: Mon 22 Dec 2025 01:00:31 +0000 Manifest this update: Mon 22 Dec 2025 01:00:31 +0000 Manifest next update: Tue 23 Dec 2025 01:00:31 +0000 Files and hashes: 1: 21LN5wkMV9jpwx1Rh0jfkiueBM4.crl (hash: iUgvFoH4GdtJPlFsRyrqklLasPEVtjkp8leI+//poVY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:92:78:df:dd:de:51:13:05:24:18:cb:12:69:62:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db52cde7090c57d8e9c31d518748df922b9e04ce Validity Not Before: Dec 22 01:00:31 2025 GMT Not After : Dec 23 01:00:31 2025 GMT Subject: CN=e477745223f6cc816917d4675f8a663e1974ec0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:31:e6:27:f6:b5:9b:c9:94:c1:a0:8a:af:c3: fd:5f:ec:d1:a9:b9:09:7d:71:50:ce:d7:b3:50:84: 94:a7:1a:6d:59:19:9a:f2:29:d7:29:9e:4f:f3:20: 73:eb:f9:a4:0c:65:6d:40:04:17:3a:57:0c:38:96: f1:a2:ea:f0:4b:64:8b:4d:81:34:c9:6c:63:37:6a: 0e:7c:ff:76:28:ae:75:ab:68:6c:cd:f7:11:6d:a5: 55:ae:d5:9a:5d:27:91:3f:24:9d:3c:ce:ac:90:c1: 41:b6:84:02:1d:89:29:09:a8:37:f4:75:71:ef:6b: c0:19:18:c9:40:72:48:51:96:8a:a5:d3:90:9a:e7: ed:bd:ef:4f:5b:da:3a:58:df:59:f4:84:34:96:c3: 6c:59:e5:37:65:9f:d0:78:12:29:3d:0a:59:aa:d6: 62:ff:8a:36:55:41:96:88:12:a0:db:0a:6d:fd:58: 52:bd:84:14:d7:ce:6a:bc:ac:f1:58:35:cb:d8:e9: 2d:16:cc:a7:30:00:58:36:64:6c:09:04:74:02:df: e3:f1:db:f5:42:3b:ce:82:b8:bc:0c:52:bc:4d:4b: 75:c3:47:fd:e4:5c:f1:a3:05:1f:28:5f:31:40:26: 0e:46:d7:d1:46:74:f9:3f:a6:33:df:4f:0e:9e:0b: 6e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:77:74:52:23:F6:CC:81:69:17:D4:67:5F:8A:66:3E:19:74:EC:0A X509v3 Authority Key Identifier: keyid:DB:52:CD:E7:09:0C:57:D8:E9:C3:1D:51:87:48:DF:92:2B:9E:04:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/21LN5wkMV9jpwx1Rh0jfkiueBM4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/8f30ea-eb2e-44ce-a93c-d0cadfe84b19/1/21LN5wkMV9jpwx1Rh0jfkiueBM4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9e:e6:47:fb:c9:17:79:d4:37:b0:c1:fd:05:58:8c:58:a4:45: be:92:83:b9:40:0a:e3:55:df:b4:08:09:2d:7f:f3:48:50:49: b3:1b:d7:b3:1d:d9:fa:a7:77:2e:7d:db:5d:f7:0e:84:9c:03: cc:5e:30:bb:54:65:00:66:82:60:f7:3e:a3:38:37:8a:fb:62: e7:ec:e9:1d:3a:29:3b:56:b0:81:9d:9d:cb:7e:3a:70:61:fc: 28:2d:75:3d:1e:e6:3a:c2:bc:c6:c5:17:ee:09:54:9e:49:98: 95:ea:03:42:0a:4e:b4:f5:90:56:9e:80:b4:66:6a:d2:4b:3f: 5f:eb:ac:ca:ee:71:fc:aa:37:d4:ed:6b:b8:f6:2a:45:56:0a: 43:3b:5c:71:fb:dd:10:82:53:28:81:65:e3:20:0c:e4:ee:6b: 82:d0:95:a1:0a:a7:38:b1:a5:ba:d4:e2:6f:b1:e7:71:0a:82: 86:9a:ae:5f:fc:2e:94:4c:37:60:47:19:b5:4c:21:0e:f2:4e: 25:11:80:cd:a4:5d:c3:0a:6a:ca:0d:d9:1e:d2:40:64:0b:6e: 86:f5:6a:34:07:f2:82:97:db:fa:b2:02:dd:25:49:2a:07:fb: 0d:e8:55:67:f0:5c:09:62:5a:0e:ce:f5:f5:be:4c:94:3a:7b: ae:bf:cb:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDknjf3d5REwUkGMsSaWJ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNTJjZGU3MDkwYzU3ZDhlOWMzMWQ1MTg3NDhkZjkyMmI5 ZTA0Y2UwHhcNMjUxMjIyMDEwMDMxWhcNMjUxMjIzMDEwMDMxWjAzMTEwLwYDVQQD EyhlNDc3NzQ1MjIzZjZjYzgxNjkxN2Q0Njc1ZjhhNjYzZTE5NzRlYzBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDHmJ/a1m8mUwaCKr8P9X+zRqbkJ fXFQztezUISUpxptWRma8inXKZ5P8yBz6/mkDGVtQAQXOlcMOJbxourwS2SLTYE0 yWxjN2oOfP92KK51q2hszfcRbaVVrtWaXSeRPySdPM6skMFBtoQCHYkpCag39HVx 72vAGRjJQHJIUZaKpdOQmuftve9PW9o6WN9Z9IQ0lsNsWeU3ZZ/QeBIpPQpZqtZi /4o2VUGWiBKg2wpt/VhSvYQU185qvKzxWDXL2OktFsynMABYNmRsCQR0At/j8dv1 QjvOgri8DFK8TUt1w0f95FzxowUfKF8xQCYORtfRRnT5P6Yz308OngtuOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOR3dFIj9syBaRfUZ1+KZj4ZdOwKMB8GA1UdIwQY MBaAFNtSzecJDFfY6cMdUYdI35IrngTOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2Mt ZDBjYWRmZTg0YjE5LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC84ZjMwZWEtZWIyZS00NGNlLWE5M2MtZDBjYWRmZTg0YjE5 LzEvMjFMTjV3a01WOWpwd3gxUmgwamZraXVlQk00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnuZH+8kX edQ3sMH9BViMWKRFvpKDuUAK41XftAgJLX/zSFBJsxvXsx3Z+qd3Ln3bXfcOhJwD zF4wu1RlAGaCYPc+ozg3ivti5+zpHTopO1awgZ2dy346cGH8KC11PR7mOsK8xsUX 7glUnkmYleoDQgpOtPWQVp6AtGZq0ks/X+usyu5x/Ko31O1ruPYqRVYKQztccfvd EIJTKIFl4yAM5O5rgtCVoQqnOLGlutTib7HncQqChpquX/wulEw3YEcZtUwhDvJO JRGAzaRdwwpqyg3ZHtJAZAtuhvVqNAfygpfb+rIC3SVJKgf7DehVZ/BcCWJaDs71 9b5MlDp7rr/L+g== -----END CERTIFICATE-----Generated at Mon Dec 22 06:30:37 2025 by rpki-client