This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft File: RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json) Hash identifier: d035k/bKdIQIrq1i4zH3+/eifaFEO5AjO+Jmd20wsNI= Subject key identifier: F7:F7:E8:78:52:AF:2F:EF:DD:55:4E:AF:71:B6:16:04:60:9D:3F:6D Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F Certificate issuer: /CN=44dbe3626a76b04a120889704958863d42632f0f Certificate serial: 019B3EA3376327CDEEE1CCF872EF0332A5AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft Manifest number: 0598 Signing time: Sun 21 Dec 2025 02:00:42 +0000 Manifest this update: Sun 21 Dec 2025 02:00:42 +0000 Manifest next update: Mon 22 Dec 2025 02:00:42 +0000 Files and hashes: 1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: fGdltSeeD6QJChiIiHh4qcg0iO3neU6fAYrhte3PS1w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:37:63:27:cd:ee:e1:cc:f8:72:ef:03:32:a5:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f Validity Not Before: Dec 21 02:00:42 2025 GMT Not After : Dec 22 02:00:42 2025 GMT Subject: CN=f7f7e87852af2fefdd554eaf71b61604609d3f6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a1:ef:33:b7:47:0a:dc:30:98:4a:49:73:ba: 5b:24:17:67:cf:4f:a3:c4:de:a8:a2:79:68:42:59: b5:36:e2:06:cc:f0:4b:a9:0f:cf:ec:f2:48:c4:3c: 2e:9a:32:96:c6:b2:d6:f5:60:29:2c:6d:3b:c9:b4: 56:e7:15:ee:8d:cb:f0:26:b5:b1:fd:46:c8:de:71: 79:4e:a2:e7:78:76:1c:a5:fc:75:4c:d8:6e:22:9d: 7f:09:02:7c:a1:42:30:1e:1e:3e:c6:9c:c1:97:88: 98:4e:d0:5d:8c:b0:19:34:65:e6:83:b7:6e:6f:f4: b9:f9:0a:70:ac:1d:d0:f5:65:33:0c:c9:da:65:8a: 17:3c:ec:42:55:81:29:e2:a4:4d:0c:96:4b:f5:15: f8:06:d0:83:2d:88:41:65:8e:95:43:98:29:c2:0c: d7:dc:8d:97:61:0c:1a:be:be:ea:56:ab:81:0b:02: 82:63:a9:3f:6d:74:ab:13:65:30:5a:8f:b2:57:4e: 5b:94:a3:29:bb:6e:d1:7b:22:76:c3:5c:f1:39:b2: 03:af:52:cb:01:d6:ea:fa:90:c4:de:45:1e:58:5a: 88:d3:b1:94:70:41:e0:ef:60:2e:4a:ae:d0:87:c2: 2b:ad:db:d1:6d:ed:c7:39:c3:ae:38:10:20:9d:30: 12:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:F7:E8:78:52:AF:2F:EF:DD:55:4E:AF:71:B6:16:04:60:9D:3F:6D X509v3 Authority Key Identifier: keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cc:4d:96:9b:52:66:59:bc:82:28:3d:73:c1:89:7e:2f:77:55: a2:48:d0:fc:67:5e:93:7f:b4:d9:18:e7:ac:de:fd:b2:53:71: 03:c0:cf:43:70:6f:76:18:d8:d7:1f:49:3d:04:f3:59:68:02: 18:be:6b:d7:46:5d:5c:c9:ba:06:15:f6:6c:06:58:7d:19:72: 20:42:bf:fe:fc:c1:d2:a0:41:e8:9b:c5:6d:f9:d2:dc:1b:1d: 40:f9:0b:78:e8:e7:58:28:b5:03:8f:21:80:00:31:99:05:c9: b3:df:75:7d:f2:db:83:32:b2:76:54:3b:25:12:62:e7:20:0d: 5d:cf:47:f0:22:1f:61:e3:7e:51:ca:4f:9f:13:be:00:8e:67: 62:1f:9a:d3:cf:2e:61:72:a6:de:ed:2e:3c:e0:85:58:30:9d: e1:5a:c3:1d:d6:ae:88:f0:3a:40:b9:e1:4a:dc:c6:b7:3e:73: b0:df:cd:ca:76:0b:f2:33:d1:9e:6c:1d:4e:4e:d4:d0:28:3e: bc:81:3a:51:6a:b8:14:90:09:d2:fd:90:85:45:b6:38:88:d9: 4a:76:07:ed:a2:76:17:6b:3f:db:e6:76:4b:d3:cb:d7:f2:0b: b0:56:3b:58:cd:41:e4:9c:4e:c1:7c:99:91:8a:7e:b2:9c:68: 78:9b:59:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+ozdjJ83u4cz4cu8DMqWrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2 MzJmMGYwHhcNMjUxMjIxMDIwMDQyWhcNMjUxMjIyMDIwMDQyWjAzMTEwLwYDVQQD EyhmN2Y3ZTg3ODUyYWYyZmVmZGQ1NTRlYWY3MWI2MTYwNDYwOWQzZjZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qHvM7dHCtwwmEpJc7pbJBdnz0+j xN6oonloQlm1NuIGzPBLqQ/P7PJIxDwumjKWxrLW9WApLG07ybRW5xXujcvwJrWx /UbI3nF5TqLneHYcpfx1TNhuIp1/CQJ8oUIwHh4+xpzBl4iYTtBdjLAZNGXmg7du b/S5+QpwrB3Q9WUzDMnaZYoXPOxCVYEp4qRNDJZL9RX4BtCDLYhBZY6VQ5gpwgzX 3I2XYQwavr7qVquBCwKCY6k/bXSrE2UwWo+yV05blKMpu27ReyJ2w1zxObIDr1LL Adbq+pDE3kUeWFqI07GUcEHg72AuSq7Qh8IrrdvRbe3HOcOuOBAgnTASbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPf36HhSry/v3VVOr3G2FgRgnT9tMB8GA1UdIwQY MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzE2Wm1Jm WbyCKD1zwYl+L3dVokjQ/Gdek3+02RjnrN79slNxA8DPQ3BvdhjY1x9JPQTzWWgC GL5r10ZdXMm6BhX2bAZYfRlyIEK//vzB0qBB6JvFbfnS3BsdQPkLeOjnWCi1A48h gAAxmQXJs991ffLbgzKydlQ7JRJi5yANXc9H8CIfYeN+UcpPnxO+AI5nYh+a088u YXKm3u0uPOCFWDCd4VrDHdauiPA6QLnhStzGtz5zsN/NynYL8jPRnmwdTk7U0Cg+ vIE6UWq4FJAJ0v2QhUW2OIjZSnYH7aJ2F2s/2+Z2S9PL1/ILsFY7WM1B5JxOwXyZ kYp+spxoeJtZ2g== -----END CERTIFICATE-----Generated at Sun Dec 21 04:23:13 2025 by rpki-client