This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft File: tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json) Hash identifier: preUL4Iz9W/rA9Z9/GdPICOpFu6aHZkBUeaNcpY1L1c= Subject key identifier: 90:C8:2D:D6:B1:2A:BA:09:3C:C9:88:87:71:28:33:B1:DA:0F:50:A9 Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A Certificate issuer: /CN=b54d18944ca2808505391de97fa9d6b2bc61899a Certificate serial: 019B4A039DD9B975DD66424AB5695FCE4A9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft Manifest number: 122C Signing time: Tue 23 Dec 2025 07:01:49 +0000 Manifest this update: Tue 23 Dec 2025 07:01:49 +0000 Manifest next update: Wed 24 Dec 2025 07:01:49 +0000 Files and hashes: 1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: DajpCpLUglJQmLuoHvyCwNNmo42okX71dy4CMryVLnw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 07:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:03:9d:d9:b9:75:dd:66:42:4a:b5:69:5f:ce:4a:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a Validity Not Before: Dec 23 07:01:49 2025 GMT Not After : Dec 24 07:01:49 2025 GMT Subject: CN=90c82dd6b12aba093cc98887712833b1da0f50a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:85:df:88:a7:0d:a1:ca:7f:cc:5b:10:27:95: a6:29:ff:65:c2:82:2e:94:28:0a:ef:d4:21:7b:4a: 94:44:ee:10:a4:bf:91:46:fe:ce:9b:35:02:34:78: c5:ac:2b:76:c1:ea:cf:e8:c7:df:da:12:5d:da:9a: 05:25:51:f0:a0:cb:f5:96:60:48:ff:f7:00:fb:60: 90:17:73:5a:e2:92:fa:8c:01:78:44:4c:a9:d7:54: dd:47:2b:6c:b7:24:88:d6:6d:f5:96:e7:25:47:b8: 86:88:6d:da:73:ce:73:21:61:fc:81:9d:79:2e:97: bc:1d:1a:b8:87:eb:9d:c6:08:29:13:78:6c:cb:07: d2:b1:21:36:90:1a:da:61:4f:58:fe:5f:18:80:82: 15:eb:25:4e:21:e2:37:40:c0:35:fb:ec:8f:a3:0a: 97:0f:3f:e6:d5:3e:ef:f4:97:44:00:f6:6f:d9:64: 46:cb:c1:a8:fd:69:dd:fa:03:2e:05:0d:e5:fd:5c: 13:13:66:8f:73:50:1e:95:6d:ca:46:65:e4:72:cd: 2a:54:85:c5:68:c8:c7:4a:99:c6:73:a9:c1:30:23: 87:9d:6d:21:ad:38:03:2e:68:58:10:6f:19:68:b1: 4f:ea:eb:be:89:b4:84:cb:b8:bb:4b:64:f1:c9:ee: 83:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:C8:2D:D6:B1:2A:BA:09:3C:C9:88:87:71:28:33:B1:DA:0F:50:A9 X509v3 Authority Key Identifier: keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:66:01:05:c3:cd:89:3a:4b:66:71:24:5d:4a:d0:8e:98:32: 0f:a6:5b:b0:69:9c:07:37:80:a1:c9:7d:70:93:a1:08:94:cf: c5:e0:7a:86:c1:fb:fa:c8:9b:cd:29:ce:d7:85:0d:8a:96:30: 6d:ba:3a:90:82:60:80:34:c8:ea:f4:e2:7e:74:4c:a1:c3:22: 70:10:fb:a3:36:b2:37:61:45:ce:1b:1e:48:d4:a4:ab:f0:cb: 8d:9a:02:23:fe:42:ed:87:ff:f8:90:8a:ed:e7:0c:e3:d8:67: 1e:be:3e:ae:78:93:9b:af:57:2a:de:78:05:95:4f:9f:24:cf: fb:b0:c3:bc:68:c4:5d:3d:af:ef:8f:0b:b2:c2:28:aa:bf:a3: ab:95:3d:28:f4:08:5e:87:36:2b:58:38:46:6c:2e:3f:ee:7d: 50:2a:d0:9d:81:ff:c9:e3:93:63:46:29:ce:e6:22:91:77:e5: eb:b3:9b:aa:59:8e:42:ae:8a:74:8c:c5:d9:71:1f:27:c5:47: bc:b2:7e:aa:29:f5:c9:54:65:4b:1c:10:6b:9f:76:cb:80:89: 5c:98:e5:ec:d3:b2:93:2a:e9:0f:20:84:89:37:a9:14:5e:ac: 1b:1b:5d:b8:41:50:bc:e4:14:51:07:4f:ff:d2:70:70:08:bd: 69:63:5d:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKA53ZuXXdZkJKtWlfzkqcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2 MTg5OWEwHhcNMjUxMjIzMDcwMTQ5WhcNMjUxMjI0MDcwMTQ5WjAzMTEwLwYDVQQD Eyg5MGM4MmRkNmIxMmFiYTA5M2NjOTg4ODc3MTI4MzNiMWRhMGY1MGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYXfiKcNocp/zFsQJ5WmKf9lwoIu lCgK79Qhe0qURO4QpL+RRv7OmzUCNHjFrCt2werP6Mff2hJd2poFJVHwoMv1lmBI //cA+2CQF3Na4pL6jAF4REyp11TdRytstySI1m31luclR7iGiG3ac85zIWH8gZ15 Lpe8HRq4h+udxggpE3hsywfSsSE2kBraYU9Y/l8YgIIV6yVOIeI3QMA1++yPowqX Dz/m1T7v9JdEAPZv2WRGy8Go/Wnd+gMuBQ3l/VwTE2aPc1AelW3KRmXkcs0qVIXF aMjHSpnGc6nBMCOHnW0hrTgDLmhYEG8ZaLFP6uu+ibSEy7i7S2Txye6DqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJDILdaxKroJPMmIh3EoM7HaD1CpMB8GA1UdIwQY MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXWYBBcPN iTpLZnEkXUrQjpgyD6ZbsGmcBzeAocl9cJOhCJTPxeB6hsH7+sibzSnO14UNipYw bbo6kIJggDTI6vTifnRMocMicBD7ozayN2FFzhseSNSkq/DLjZoCI/5C7Yf/+JCK 7ecM49hnHr4+rniTm69XKt54BZVPnyTP+7DDvGjEXT2v748LssIoqr+jq5U9KPQI Xoc2K1g4RmwuP+59UCrQnYH/yeOTY0YpzuYikXfl67ObqlmOQq6KdIzF2XEfJ8VH vLJ+qin1yVRlSxwQa592y4CJXJjl7NOykyrpDyCEiTepFF6sGxtduEFQvOQUUQdP /9JwcAi9aWNdMA== -----END CERTIFICATE-----Generated at Tue Dec 23 15:23:52 2025 by rpki-client