This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft File: 1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft (raw, json) Hash identifier: XKHIl9DXIbcovjH34qLhYgrnS77fLHfx/R8xZEOYjVs= Subject key identifier: BE:9C:43:98:8A:E4:A3:6B:2B:DE:77:8B:21:57:42:2B:58:24:6E:D6 Authority key identifier: D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D Certificate issuer: /CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d Certificate serial: 019B4693F8B4F725F0BE895A2054E7226097 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft Manifest number: 04A5 Signing time: Mon 22 Dec 2025 15:01:00 +0000 Manifest this update: Mon 22 Dec 2025 15:01:00 +0000 Manifest next update: Tue 23 Dec 2025 15:01:00 +0000 Files and hashes: 1: 1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl (hash: 13af05EmJ8v3bwlzYknJm27K/TMc6n2YQa+7g1nSM0E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:93:f8:b4:f7:25:f0:be:89:5a:20:54:e7:22:60:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d Validity Not Before: Dec 22 15:01:00 2025 GMT Not After : Dec 23 15:01:00 2025 GMT Subject: CN=be9c43988ae4a36b2bde778b2157422b58246ed6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a6:87:df:d8:3b:61:d9:b3:a0:e4:ea:4f:b2: 60:2e:cd:94:e1:97:a2:cc:3d:f4:02:a8:87:c9:8e: 0f:38:1c:14:0d:dd:f1:bf:ee:d5:34:1d:51:1f:2e: 30:31:9f:4b:60:ff:d0:9c:d3:59:7b:1c:35:7d:ac: e6:e9:44:e8:03:c9:22:c3:73:52:7e:9c:3d:2c:53: cb:46:6a:3c:e4:cd:91:ce:1f:6d:71:3f:a2:3a:c0: 32:5e:8e:7d:ca:2c:32:ea:c6:62:a5:87:7a:b7:de: 74:2f:50:25:d6:25:86:59:18:97:3d:ef:57:59:42: c6:a3:4a:27:6a:6f:6c:52:a8:25:ee:24:3a:c0:7d: 9e:e4:f8:a7:49:6d:70:a0:1d:15:b1:c0:22:b8:58: 58:1f:e6:86:f6:89:d9:10:bc:9b:8c:80:d0:fd:be: 69:28:c8:ed:60:9f:ca:f7:39:74:67:e3:43:08:b9: bd:5a:e2:08:fb:e6:09:0d:c6:19:bd:36:4f:45:72: 5a:4c:92:ba:ac:5a:93:80:f0:eb:e9:1f:1a:5e:4b: d7:c3:73:2e:d5:60:2a:16:09:1f:63:7f:93:ef:45: 32:0c:4a:4f:ad:69:75:80:59:82:47:2a:74:8d:d9: ed:b3:6f:c2:e2:45:47:42:f3:54:55:e7:98:83:4a: 24:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:9C:43:98:8A:E4:A3:6B:2B:DE:77:8B:21:57:42:2B:58:24:6E:D6 X509v3 Authority Key Identifier: keyid:D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:2a:1b:37:5d:5f:21:52:e0:8b:12:47:dc:be:4e:78:75:69: f8:1e:c8:fe:9f:e5:24:e0:93:14:45:44:0a:6a:83:12:15:a2: 2b:a4:10:cc:e4:91:1b:38:2e:2a:09:c9:36:4b:1c:8d:b8:2a: 2a:62:24:7c:50:8e:a6:16:5c:68:6d:20:09:61:2b:21:f0:b7: 8a:9c:96:1f:e9:37:40:52:33:95:25:92:0a:ef:59:a8:bd:09: 88:9f:00:af:16:f6:d4:6d:15:c1:76:89:12:45:d5:41:ba:2e: 79:0e:18:54:4c:ef:99:8d:da:82:7e:c0:80:ae:d4:a9:93:3b: 84:30:18:0e:a9:31:ad:a5:5a:21:b9:6b:b5:3f:e2:c1:2b:b6: dc:6a:7f:7d:19:6b:5b:cc:f7:bb:8f:f5:a3:c8:b4:04:de:63: 2d:8a:7b:0f:89:e1:ba:d9:d4:59:b5:5f:df:05:a3:ec:77:89: ba:87:47:42:ff:56:89:7f:0e:a6:b0:1d:3c:c2:17:ea:5a:29: 5a:69:cf:bc:28:02:66:ab:68:7f:d5:68:f9:3b:1b:65:eb:0f: 2e:f6:aa:78:4d:01:68:ef:4e:ee:b2:8a:1a:e4:24:16:77:01: 6c:86:67:2e:aa:f2:7e:47:a4:b3:53:bd:36:19:f9:55:d1:4e: ba:2d:ee:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGk/i09yXwvolaIFTnImCXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0MmNjNDAyNjdlMzU5MmUxYjUyZjBmMDA5NmNiMWYyZjBh ZjE2N2QwHhcNMjUxMjIyMTUwMTAwWhcNMjUxMjIzMTUwMTAwWjAzMTEwLwYDVQQD EyhiZTljNDM5ODhhZTRhMzZiMmJkZTc3OGIyMTU3NDIyYjU4MjQ2ZWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraaH39g7YdmzoOTqT7JgLs2U4Zei zD30AqiHyY4POBwUDd3xv+7VNB1RHy4wMZ9LYP/QnNNZexw1fazm6UToA8kiw3NS fpw9LFPLRmo85M2Rzh9tcT+iOsAyXo59yiwy6sZipYd6t950L1Al1iWGWRiXPe9X WULGo0onam9sUqgl7iQ6wH2e5PinSW1woB0VscAiuFhYH+aG9onZELybjIDQ/b5p KMjtYJ/K9zl0Z+NDCLm9WuII++YJDcYZvTZPRXJaTJK6rFqTgPDr6R8aXkvXw3Mu 1WAqFgkfY3+T70UyDEpPrWl1gFmCRyp0jdnts2/C4kVHQvNUVeeYg0okpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL6cQ5iK5KNrK953iyFXQitYJG7WMB8GA1UdIwQY MBaAFNQsxAJn41kuG1Lw8AlssfLwrxZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjct MTZlMTMwODczN2IwLzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjctMTZlMTMwODczN2Iw LzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZyobN11f IVLgixJH3L5OeHVp+B7I/p/lJOCTFEVECmqDEhWiK6QQzOSRGzguKgnJNkscjbgq KmIkfFCOphZcaG0gCWErIfC3ipyWH+k3QFIzlSWSCu9ZqL0JiJ8Arxb21G0VwXaJ EkXVQboueQ4YVEzvmY3agn7AgK7UqZM7hDAYDqkxraVaIblrtT/iwSu23Gp/fRlr W8z3u4/1o8i0BN5jLYp7D4nhutnUWbVf3wWj7HeJuodHQv9WiX8OprAdPMIX6lop WmnPvCgCZqtof9Vo+TsbZesPLvaqeE0BaO9O7rKKGuQkFncBbIZnLqryfkeks1O9 Nhn5VdFOui3uuA== -----END CERTIFICATE-----Generated at Tue Dec 23 00:49:27 2025 by rpki-client