This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft File: sxU2q-49e1S4MDubxpqKq76XAOQ.mft (raw, json) Hash identifier: 5jaLZ9LQTFettLRvVW9PL1g3XL7/zwSj8V9SsP27tS4= Subject key identifier: AB:8F:AA:03:83:48:97:03:80:25:DA:00:DC:51:06:32:FF:D9:F2:54 Authority key identifier: B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4 Certificate issuer: /CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4 Certificate serial: 019B82040E59B9A10E7911EDE9F29018BA70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft Manifest number: 09C1 Signing time: Sat 03 Jan 2026 04:01:02 +0000 Manifest this update: Sat 03 Jan 2026 04:01:02 +0000 Manifest next update: Sun 04 Jan 2026 04:01:02 +0000 Files and hashes: 1: sxU2q-49e1S4MDubxpqKq76XAOQ.crl (hash: 42csMCbTjqPfB0dVPSZdxyGv9Vamk9AY2YrYDo3wF8I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:82:04:0e:59:b9:a1:0e:79:11:ed:e9:f2:90:18:ba:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b31536abee3d7b54b8303b9bc69a8aabbe9700e4 Validity Not Before: Jan 3 04:01:02 2026 GMT Not After : Jan 4 04:01:02 2026 GMT Subject: CN=ab8faa03834897038025da00dc510632ffd9f254 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:17:3a:f2:84:e6:33:45:7f:50:c7:71:01:9c: 51:a3:da:46:e1:af:ea:b4:0d:48:92:c0:cd:dc:99: 66:b6:42:ba:2c:19:ac:ac:87:df:7f:b0:e1:b4:38: f6:2f:c4:95:3d:d3:dc:49:bb:b9:7a:d1:dc:f4:64: 9a:d8:24:45:25:77:46:b2:da:1c:1f:d9:00:4c:39: db:ae:bb:39:88:c5:72:da:52:2c:49:dc:2e:0c:f1: a3:12:3d:ba:46:60:03:38:f5:dc:c7:c3:62:4a:92: ac:bf:c1:9a:2b:7c:2d:01:7c:29:20:e5:a5:ed:f9: 8f:0b:17:53:ae:23:3c:43:f0:74:ec:1f:98:5f:ab: 82:3e:57:9a:3d:84:e7:bf:ed:d1:e7:c3:a4:7a:fe: df:d9:ae:0c:11:a2:fb:63:36:0f:40:30:05:8a:c8: 06:d5:19:2d:52:38:77:0a:fa:ac:ec:b6:ba:c6:77: 6d:bc:be:8b:9f:29:f0:ef:a2:fa:8b:58:65:97:f3: d2:c9:a9:c5:bb:36:c7:13:1c:cf:a4:aa:f6:1f:bd: 72:f1:e2:af:c0:e1:8c:9d:3d:0a:27:c7:3b:ab:78: 67:a3:d4:f4:ca:03:c2:ab:c3:fc:94:e2:52:b5:00: 29:b8:d6:63:73:0b:9b:1e:3f:54:08:0b:88:d3:91: 83:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:8F:AA:03:83:48:97:03:80:25:DA:00:DC:51:06:32:FF:D9:F2:54 X509v3 Authority Key Identifier: keyid:B3:15:36:AB:EE:3D:7B:54:B8:30:3B:9B:C6:9A:8A:AB:BE:97:00:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxU2q-49e1S4MDubxpqKq76XAOQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/dcf32f-326d-4e40-85a3-ccc877b5a375/1/sxU2q-49e1S4MDubxpqKq76XAOQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:4f:02:c7:8b:20:15:28:9d:cb:af:cc:46:bb:a0:3c:a9:7d: 39:40:b6:eb:9d:b8:59:a5:cf:99:69:03:63:41:21:06:0d:c2: 12:85:05:4b:3c:30:56:0d:8d:f7:77:b8:dd:bf:40:b5:36:48: 59:a3:11:e2:8a:2e:6f:a9:e0:77:8c:62:ee:4a:26:32:04:2e: c9:7d:7b:7d:8b:da:31:f3:37:98:a7:ab:f0:3c:a7:93:01:e7: 10:89:a5:53:50:27:07:c8:b5:5b:2d:bc:f1:e0:57:ad:76:b6: ba:fa:27:54:12:ed:55:71:4f:cd:b4:9b:e5:7b:a3:ef:8a:70: c4:8c:9e:04:19:b0:36:f4:d6:6c:fd:12:5b:d9:07:2d:ce:0a: b7:da:c5:8a:51:9b:6c:c5:54:c2:37:d6:2d:8e:b7:d0:7d:9a: fd:3f:f0:39:ed:a8:9b:80:88:9e:98:65:53:f7:b1:d0:f2:d7: 42:41:2c:1b:ee:15:15:a0:78:c3:f0:43:04:58:3c:06:75:38: 31:68:87:72:d1:df:be:43:f9:0b:95:3f:43:bb:70:c9:e3:c5: 9d:94:86:c1:e8:cf:a5:84:f9:b9:2f:20:04:8b:f8:a1:46:66: 29:5c:2e:30:bd:3d:36:4e:7c:d5:6b:ca:b0:36:aa:d0:5e:79: 7e:ec:22:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuCBA5ZuaEOeRHt6fKQGLpwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzMTUzNmFiZWUzZDdiNTRiODMwM2I5YmM2OWE4YWFiYmU5 NzAwZTQwHhcNMjYwMTAzMDQwMTAyWhcNMjYwMTA0MDQwMTAyWjAzMTEwLwYDVQQD EyhhYjhmYWEwMzgzNDg5NzAzODAyNWRhMDBkYzUxMDYzMmZmZDlmMjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxc68oTmM0V/UMdxAZxRo9pG4a/q tA1IksDN3JlmtkK6LBmsrIfff7DhtDj2L8SVPdPcSbu5etHc9GSa2CRFJXdGstoc H9kATDnbrrs5iMVy2lIsSdwuDPGjEj26RmADOPXcx8NiSpKsv8GaK3wtAXwpIOWl 7fmPCxdTriM8Q/B07B+YX6uCPleaPYTnv+3R58Okev7f2a4MEaL7YzYPQDAFisgG 1RktUjh3Cvqs7La6xndtvL6Lnynw76L6i1hll/PSyanFuzbHExzPpKr2H71y8eKv wOGMnT0KJ8c7q3hno9T0ygPCq8P8lOJStQApuNZjcwubHj9UCAuI05GDswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKuPqgODSJcDgCXaANxRBjL/2fJUMB8GA1UdIwQY MBaAFLMVNqvuPXtUuDA7m8aaiqu+lwDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMt Y2NjODc3YjVhMzc1LzEvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC9kY2YzMmYtMzI2ZC00ZTQwLTg1YTMtY2NjODc3YjVhMzc1 LzEvc3hVMnEtNDllMVM0TUR1YnhwcUtxNzZYQU9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlE8Cx4sg FSidy6/MRrugPKl9OUC26524WaXPmWkDY0EhBg3CEoUFSzwwVg2N93e43b9AtTZI WaMR4ooub6ngd4xi7komMgQuyX17fYvaMfM3mKer8DynkwHnEImlU1AnB8i1Wy28 8eBXrXa2uvonVBLtVXFPzbSb5Xuj74pwxIyeBBmwNvTWbP0SW9kHLc4Kt9rFilGb bMVUwjfWLY630H2a/T/wOe2om4CInphlU/ex0PLXQkEsG+4VFaB4w/BDBFg8BnU4 MWiHctHfvkP5C5U/Q7twyePFnZSGwejPpYT5uS8gBIv4oUZmKVwuML09Nk581WvK sDaq0F55fuwi4w== -----END CERTIFICATE-----Generated at Sat Jan 3 06:55:05 2026 by rpki-client