This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft File: EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json) Hash identifier: IF4VAIYHPLqmjZi4kdOVzpXfaJPr6XtiHQwc5LI6CHE= Subject key identifier: BF:26:BD:34:A5:C1:A2:40:74:2C:F1:85:E2:1E:A6:8D:F1:29:76:08 Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0 Certificate issuer: /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0 Certificate serial: 019B416DD8A9968B30C14E404A7B4A4E5672 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft Manifest number: 0449 Signing time: Sun 21 Dec 2025 15:01:16 +0000 Manifest this update: Sun 21 Dec 2025 15:01:16 +0000 Manifest next update: Mon 22 Dec 2025 15:01:16 +0000 Files and hashes: 1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: OPUUbkf+2w8kd1rNDLXS7/mHmbtg9IVV33k+N3K7NEk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 15:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:d8:a9:96:8b:30:c1:4e:40:4a:7b:4a:4e:56:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0 Validity Not Before: Dec 21 15:01:16 2025 GMT Not After : Dec 22 15:01:16 2025 GMT Subject: CN=bf26bd34a5c1a240742cf185e21ea68df1297608 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bb:70:56:e5:10:f1:11:fc:da:aa:85:01:a1: 85:dd:88:25:9a:ab:d7:19:f2:c5:3b:61:bc:1c:d1: f5:a1:6a:8c:bc:1a:03:37:6f:5b:fa:3f:cd:62:30: ce:e4:cd:87:ef:cf:f9:44:9f:4d:b1:54:10:c4:64: 94:6d:46:d2:ff:a9:09:68:f5:c5:1d:39:78:6f:7b: f0:27:03:b3:46:5b:b3:b8:6c:f0:28:55:e0:f8:7b: ea:3a:72:50:23:6e:48:30:38:e8:ab:d8:74:2c:29: 7d:98:98:c9:39:d2:37:3b:20:bf:3c:2c:6c:0b:2f: dd:9e:b7:f5:51:82:fb:33:22:88:6e:1f:c4:17:3d: 7d:e9:f0:99:56:b6:fd:b7:77:11:b9:73:b0:8b:17: 9d:20:ce:74:2c:89:67:f5:63:f6:65:a5:d1:dc:2d: 0e:af:7f:c4:ec:bb:fb:1b:80:9b:bf:9b:ec:63:a4: 22:75:d4:6f:9f:44:8d:6c:15:9e:c0:c7:9d:4b:aa: cf:2e:70:23:e9:48:e8:13:07:0a:66:f7:07:45:e4: 7a:aa:f0:08:1d:b3:fe:03:b1:07:15:3f:38:d9:f6: b5:a5:7e:7f:f4:72:ef:88:f7:a1:cc:1e:ed:81:47: 7a:46:29:fa:ed:5d:b8:77:27:69:18:47:ff:10:ec: a1:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:26:BD:34:A5:C1:A2:40:74:2C:F1:85:E2:1E:A6:8D:F1:29:76:08 X509v3 Authority Key Identifier: keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:86:ed:58:46:3b:5a:ce:b6:cf:a2:3f:30:8b:b4:87:d2:e1: 41:b2:94:ff:09:3f:83:83:3b:8c:7b:9c:cd:d8:99:6e:94:67: 08:b5:d4:47:81:75:31:8b:2b:17:44:dd:d7:a1:c9:a9:8d:f7: 1e:a0:18:9a:97:98:41:bc:71:84:27:33:2c:70:7d:4b:bb:5a: ec:9f:3b:06:ae:fc:a2:62:66:e4:54:b0:bb:8b:c4:1e:8e:40: 54:71:6a:4d:fb:8f:e6:48:a5:38:f1:61:f5:d7:6e:53:ee:8a: cf:48:de:1b:b8:cc:6c:cd:6c:0e:81:30:47:95:95:32:cf:5b: c1:80:e7:4e:54:1c:fb:7f:4e:b8:09:a9:29:97:67:fe:25:80: e9:a1:7a:d9:fc:79:c5:9d:08:96:58:97:42:94:a2:9e:52:36: 1d:0d:6e:bd:3f:39:42:17:50:f6:23:3c:30:ea:73:54:71:fc: a0:35:1d:53:9e:93:ce:6f:92:5f:6f:d1:74:30:69:46:ce:1e: 76:d9:82:0d:fb:fe:5d:17:16:9a:07:87:52:48:ce:14:a5:54: 85:f0:69:fe:c2:dd:a4:e9:b5:2e:36:40:eb:5e:af:24:d8:91: aa:08:7b:40:0e:0f:75:63:f4:66:d8:1e:03:8e:f8:c1:e2:6e: 8a:f7:61:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbdiploswwU5ASntKTlZyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1 NzdhZDAwHhcNMjUxMjIxMTUwMTE2WhcNMjUxMjIyMTUwMTE2WjAzMTEwLwYDVQQD EyhiZjI2YmQzNGE1YzFhMjQwNzQyY2YxODVlMjFlYTY4ZGYxMjk3NjA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7twVuUQ8RH82qqFAaGF3YglmqvX GfLFO2G8HNH1oWqMvBoDN29b+j/NYjDO5M2H78/5RJ9NsVQQxGSUbUbS/6kJaPXF HTl4b3vwJwOzRluzuGzwKFXg+HvqOnJQI25IMDjoq9h0LCl9mJjJOdI3OyC/PCxs Cy/dnrf1UYL7MyKIbh/EFz196fCZVrb9t3cRuXOwixedIM50LIln9WP2ZaXR3C0O r3/E7Lv7G4Cbv5vsY6QiddRvn0SNbBWewMedS6rPLnAj6UjoEwcKZvcHReR6qvAI HbP+A7EHFT842fa1pX5/9HLviPehzB7tgUd6Rin67V24dydpGEf/EOyhewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL8mvTSlwaJAdCzxheIepo3xKXYIMB8GA1UdIwQY MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWYbtWEY7 Ws62z6I/MIu0h9LhQbKU/wk/g4M7jHuczdiZbpRnCLXUR4F1MYsrF0Td16HJqY33 HqAYmpeYQbxxhCczLHB9S7ta7J87Bq78omJm5FSwu4vEHo5AVHFqTfuP5kilOPFh 9dduU+6Kz0jeG7jMbM1sDoEwR5WVMs9bwYDnTlQc+39OuAmpKZdn/iWA6aF62fx5 xZ0IlliXQpSinlI2HQ1uvT85QhdQ9iM8MOpzVHH8oDUdU56Tzm+SX2/RdDBpRs4e dtmCDfv+XRcWmgeHUkjOFKVUhfBp/sLdpOm1LjZA616vJNiRqgh7QA4PdWP0Ztge A474weJuivdhbA== -----END CERTIFICATE-----Generated at Mon Dec 22 00:05:56 2025 by rpki-client