This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft File: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json) Hash identifier: DFzrfGRHn2nfX8In8i9w4YR3BICmALnm825VPVOYGuY= Subject key identifier: 76:37:D1:11:51:3C:59:E6:98:E4:42:25:98:10:1E:CC:19:8E:EA:AD Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23 Certificate issuer: /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523 Certificate serial: 019B65E8075F834FCCF3F926E9A22695588B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft Manifest number: 0BC4 Signing time: Sun 28 Dec 2025 17:01:03 +0000 Manifest this update: Sun 28 Dec 2025 17:01:03 +0000 Manifest next update: Mon 29 Dec 2025 17:01:03 +0000 Files and hashes: 1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: lR/XVQNUXK2MQXt8DSGgcLfVC0YGWRqVFx5BG9QJHmc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 17:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:65:e8:07:5f:83:4f:cc:f3:f9:26:e9:a2:26:95:58:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523 Validity Not Before: Dec 28 17:01:03 2025 GMT Not After : Dec 29 17:01:03 2025 GMT Subject: CN=7637d111513c59e698e4422598101ecc198eeaad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:67:65:f5:55:05:6f:c9:aa:93:45:41:b8:e1: 5c:bc:97:13:a9:a0:8c:78:2d:61:5c:99:19:2b:ee: 5e:72:26:e2:0d:a0:e3:25:76:58:57:91:2c:1e:f7: f9:3b:15:a1:65:f9:b6:fb:b2:4a:67:6d:27:05:f8: 99:36:3b:de:c6:c3:7b:19:bc:ec:40:db:39:f7:19: e1:93:4b:05:c4:db:e5:ee:21:e4:ff:e9:10:42:75: 96:16:25:b6:d2:7b:78:8d:b4:55:1a:95:57:ef:3b: c8:fb:00:9f:8a:70:b9:3b:13:f8:69:57:95:73:05: 6d:c9:41:b7:98:5c:28:f0:bf:1b:f5:25:be:c0:c4: 7b:8f:8f:80:bf:38:c7:9c:56:34:9c:a3:ea:bb:91: f6:31:d8:19:3e:b9:0b:b0:7d:f3:a3:1f:68:10:51: 90:d2:d3:25:62:0c:ac:a4:1a:46:d6:59:a4:94:8a: 92:e6:90:6b:f8:80:2b:69:a4:0f:3b:be:ea:71:fb: a6:d3:d8:21:bd:ab:0e:3d:5e:d7:e8:2c:22:a2:80: 62:7a:d5:ce:51:53:0e:e4:27:97:26:0f:0e:42:1d: a1:5a:28:5b:3f:87:2a:7c:8f:15:98:34:71:28:2c: 93:e5:13:1f:8c:68:45:07:22:bc:e8:c7:d4:0b:c4: a7:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:37:D1:11:51:3C:59:E6:98:E4:42:25:98:10:1E:CC:19:8E:EA:AD X509v3 Authority Key Identifier: keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:81:33:92:66:ed:56:31:a8:67:50:89:4f:1a:4a:7f:a8:f2: 8a:cc:23:5a:4d:3a:c2:8c:e6:25:ad:04:32:3c:dd:3b:62:be: da:fe:4f:f8:fa:86:46:7a:64:fb:4d:bb:97:5d:9a:54:2a:8a: dd:60:28:e6:8e:c0:c2:7b:57:62:5e:c7:74:55:d7:34:95:ef: 2f:db:5a:23:a2:6d:14:ac:fb:f1:99:cb:59:64:77:a5:dd:71: ae:12:63:11:61:cb:7f:07:47:0d:f3:25:5e:3d:64:38:53:04: fe:b1:d1:0e:a0:9a:09:41:d3:e3:1a:99:15:d1:f6:9f:93:46: 10:37:8d:d3:7e:34:90:c1:c2:30:18:7e:a6:0b:2b:2e:8a:7b: 8c:f5:33:37:d7:fd:c4:53:ea:fe:5f:65:10:3c:97:38:24:a6: 87:14:2f:8c:26:76:8c:29:72:8a:1f:11:fc:cf:41:29:91:ab: f6:e8:b8:70:69:df:d4:b0:1d:2c:ce:85:49:37:0a:ce:a7:ec: 10:c7:80:f3:6d:aa:50:73:dc:7e:aa:3d:8a:20:74:da:14:90: 80:fd:36:a4:37:3c:09:ec:e3:f1:4b:b0:ec:ed:04:44:5b:f0: c6:90:21:06:14:e6:84:a9:39:34:cd:1a:a9:eb:d9:a7:e6:9b: 85:51:b0:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtl6Adfg0/M8/km6aImlViLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy MGI1MjMwHhcNMjUxMjI4MTcwMTAzWhcNMjUxMjI5MTcwMTAzWjAzMTEwLwYDVQQD Eyg3NjM3ZDExMTUxM2M1OWU2OThlNDQyMjU5ODEwMWVjYzE5OGVlYWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2dl9VUFb8mqk0VBuOFcvJcTqaCM eC1hXJkZK+5ecibiDaDjJXZYV5EsHvf5OxWhZfm2+7JKZ20nBfiZNjvexsN7Gbzs QNs59xnhk0sFxNvl7iHk/+kQQnWWFiW20nt4jbRVGpVX7zvI+wCfinC5OxP4aVeV cwVtyUG3mFwo8L8b9SW+wMR7j4+AvzjHnFY0nKPqu5H2MdgZPrkLsH3zox9oEFGQ 0tMlYgyspBpG1lmklIqS5pBr+IAraaQPO77qcfum09ghvasOPV7X6CwiooBietXO UVMO5CeXJg8OQh2hWihbP4cqfI8VmDRxKCyT5RMfjGhFByK86MfUC8SnFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHY30RFRPFnmmORCJZgQHswZjuqtMB8GA1UdIwQY MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0 LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkoEzkmbt VjGoZ1CJTxpKf6jyiswjWk06wozmJa0EMjzdO2K+2v5P+PqGRnpk+027l12aVCqK 3WAo5o7AwntXYl7HdFXXNJXvL9taI6JtFKz78ZnLWWR3pd1xrhJjEWHLfwdHDfMl Xj1kOFME/rHRDqCaCUHT4xqZFdH2n5NGEDeN0340kMHCMBh+pgsrLop7jPUzN9f9 xFPq/l9lEDyXOCSmhxQvjCZ2jClyih8R/M9BKZGr9ui4cGnf1LAdLM6FSTcKzqfs EMeA822qUHPcfqo9iiB02hSQgP02pDc8Cezj8Uuw7O0ERFvwxpAhBhTmhKk5NM0a qevZp+abhVGwvw== -----END CERTIFICATE-----Generated at Sun Dec 28 23:22:43 2025 by rpki-client