This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft File: vFxHuPnkKkkot2dDFqcap21AHjw.mft (raw, json) Hash identifier: tcIlMnJ+yZ6+rOmtSMKDMshh+KtOzYu2wsrYCI/ExS0= Subject key identifier: 35:A3:3B:22:49:61:B8:C6:B8:C6:08:35:20:A7:9D:10:A1:38:90:3C Authority key identifier: BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C Certificate issuer: /CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c Certificate serial: 019B5D52B269A2B57EE4D09C2739499182FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft Manifest number: 0D2A Signing time: Sat 27 Dec 2025 01:00:59 +0000 Manifest this update: Sat 27 Dec 2025 01:00:59 +0000 Manifest next update: Sun 28 Dec 2025 01:00:59 +0000 Files and hashes: 1: vFxHuPnkKkkot2dDFqcap21AHjw.crl (hash: Yy3qYtjVWKO7nRcZAZs5j31ULPOVuC+QUVyWUAKbeZo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:52:b2:69:a2:b5:7e:e4:d0:9c:27:39:49:91:82:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c Validity Not Before: Dec 27 01:00:59 2025 GMT Not After : Dec 28 01:00:59 2025 GMT Subject: CN=35a33b224961b8c6b8c6083520a79d10a138903c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:c0:d1:64:49:d9:15:cf:b4:f1:05:f3:89:bc: 0b:76:38:70:4a:24:15:f1:ac:4a:59:b2:0e:03:7e: 46:60:e3:27:a2:89:62:ac:ba:22:23:ff:bd:58:7f: 1a:86:83:f9:0f:b4:d4:18:b7:53:8f:53:f3:e2:15: 6e:e8:1e:dd:74:b6:09:f2:4a:c7:69:a3:e3:d4:76: a8:9e:5d:bc:57:9f:cc:80:fd:be:d7:1c:43:e6:78: f6:1c:48:88:c3:c1:62:a3:8f:16:6b:bc:e3:4f:ac: 74:67:78:d1:60:6f:70:c4:05:00:bb:52:05:f3:53: a8:6d:2d:29:87:45:e0:2c:1c:de:6e:7b:8c:52:96: f3:68:18:e0:57:d1:83:d7:04:cd:8c:47:d2:ee:61: 6d:29:a5:a9:87:47:f0:3e:a5:c6:1f:aa:ca:00:1b: ec:c8:e0:6a:fa:45:fc:da:b3:0b:6b:84:6b:6b:06: bc:e1:d0:33:e5:2c:ca:ca:a3:1b:53:bb:11:73:5f: e6:de:80:a5:28:0e:7c:81:53:83:e1:6d:6c:3d:aa: 57:2c:f9:43:1d:86:5b:8a:3d:30:05:14:4c:51:c4: a2:18:47:63:76:2b:4f:a9:ac:32:22:fd:95:e7:39: 16:87:fd:59:a2:d2:c0:6b:ef:fd:33:77:fd:d6:00: d9:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:A3:3B:22:49:61:B8:C6:B8:C6:08:35:20:A7:9D:10:A1:38:90:3C X509v3 Authority Key Identifier: keyid:BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:20:d3:b8:96:e3:ee:4a:a2:ce:cf:d0:88:52:4f:f1:2a:c6: af:b6:34:49:6e:2e:12:ce:2a:05:53:d9:94:d6:b3:3d:64:45: eb:8d:72:1f:b7:70:3b:1f:59:33:db:b6:f8:38:a6:51:f1:19: 72:0e:7a:50:b4:f7:09:22:f7:ad:e5:ef:66:24:da:85:30:ae: 07:4b:3d:69:7a:6b:5c:8e:30:1d:ec:4f:50:bc:b4:c7:f3:c5: 51:c1:05:ff:37:ec:e5:ee:93:86:de:56:cc:26:2d:ec:fb:62: ff:b2:ec:59:2b:86:8e:a3:f7:46:92:41:33:fc:a9:19:39:ef: b3:8d:00:3d:2e:17:b8:10:07:ff:d3:cd:25:80:18:ee:de:3e: 9d:fb:51:e6:97:68:3c:2c:cf:b0:fe:8b:30:51:b2:1d:11:69: e5:21:78:0e:03:e5:29:2d:c8:46:96:53:be:2d:db:55:af:02: 15:26:4a:05:86:ac:6b:00:55:f4:3e:7f:ef:00:4c:99:7a:91: cc:fb:35:c6:f6:5d:b5:0c:f1:99:7d:cf:28:ce:29:05:c8:65: d8:21:9b:a2:4c:11:84:dd:ee:4d:bc:45:97:b3:96:3a:8a:87: 1a:25:93:49:37:4e:b8:8c:04:3e:fa:4f:6d:75:1e:66:cf:f7: 2c:62:90:5e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdUrJporV+5NCcJzlJkYL7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjNWM0N2I4ZjllNDJhNDkyOGI3Njc0MzE2YTcxYWE3NmQ0 MDFlM2MwHhcNMjUxMjI3MDEwMDU5WhcNMjUxMjI4MDEwMDU5WjAzMTEwLwYDVQQD EygzNWEzM2IyMjQ5NjFiOGM2YjhjNjA4MzUyMGE3OWQxMGExMzg5MDNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsDRZEnZFc+08QXzibwLdjhwSiQV 8axKWbIOA35GYOMnoolirLoiI/+9WH8ahoP5D7TUGLdTj1Pz4hVu6B7ddLYJ8krH aaPj1Haonl28V5/MgP2+1xxD5nj2HEiIw8Fio48Wa7zjT6x0Z3jRYG9wxAUAu1IF 81OobS0ph0XgLBzebnuMUpbzaBjgV9GD1wTNjEfS7mFtKaWph0fwPqXGH6rKABvs yOBq+kX82rMLa4Rrawa84dAz5SzKyqMbU7sRc1/m3oClKA58gVOD4W1sPapXLPlD HYZbij0wBRRMUcSiGEdjditPqawyIv2V5zkWh/1ZotLAa+/9M3f91gDZjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDWjOyJJYbjGuMYINSCnnRChOJA8MB8GA1UdIwQY MBaAFLxcR7j55CpJKLdnQxanGqdtQB48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUt N2ExOGMxNzkwNzZkLzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUtN2ExOGMxNzkwNzZk LzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACSDTuJbj 7kqizs/QiFJP8SrGr7Y0SW4uEs4qBVPZlNazPWRF641yH7dwOx9ZM9u2+DimUfEZ cg56ULT3CSL3reXvZiTahTCuB0s9aXprXI4wHexPULy0x/PFUcEF/zfs5e6Tht5W zCYt7Pti/7LsWSuGjqP3RpJBM/ypGTnvs40APS4XuBAH/9PNJYAY7t4+nftR5pdo PCzPsP6LMFGyHRFp5SF4DgPlKS3IRpZTvi3bVa8CFSZKBYasawBV9D5/7wBMmXqR zPs1xvZdtQzxmX3PKM4pBchl2CGbokwRhN3uTbxFl7OWOoqHGiWTSTdOuIwEPvpP bXUeZs/3LGKQXg== -----END CERTIFICATE-----Generated at Sat Dec 27 07:23:40 2025 by rpki-client