This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/4a6ef1-b4ee-4a14-9384-4714f971b78b/1/RK3etuoTlfaY9C51Qa70kkJiX2I.mft File: RK3etuoTlfaY9C51Qa70kkJiX2I.mft (raw, json) Hash identifier: YQWYFbfv2WsL8z1XvCI8W4DLVM8XJMif8S+gvmRR1DA= Subject key identifier: 9D:5D:23:D0:14:EC:81:8B:05:7A:56:C9:A0:64:D3:C3:CE:CB:69:D4 Authority key identifier: 44:AD:DE:B6:EA:13:95:F6:98:F4:2E:75:41:AE:F4:92:42:62:5F:62 Certificate issuer: /CN=44addeb6ea1395f698f42e7541aef49242625f62 Certificate serial: 019B32D75B2F9F3C63AA730D7A88BACFDCE7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK3etuoTlfaY9C51Qa70kkJiX2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/4a6ef1-b4ee-4a14-9384-4714f971b78b/1/RK3etuoTlfaY9C51Qa70kkJiX2I.mft Manifest number: 1780 Signing time: Thu 18 Dec 2025 19:02:12 +0000 Manifest this update: Thu 18 Dec 2025 19:02:12 +0000 Manifest next update: Fri 19 Dec 2025 19:02:12 +0000 Files and hashes: 1: RK3etuoTlfaY9C51Qa70kkJiX2I.crl (hash: yBLP3LMRg8j3uisbdSCbQ0qX2W4y844efNNvZBnNTBw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/4a6ef1-b4ee-4a14-9384-4714f971b78b/1/RK3etuoTlfaY9C51Qa70kkJiX2I.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/4a6ef1-b4ee-4a14-9384-4714f971b78b/1/RK3etuoTlfaY9C51Qa70kkJiX2I.mft rsync://rpki.ripe.net/repository/DEFAULT/RK3etuoTlfaY9C51Qa70kkJiX2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:5b:2f:9f:3c:63:aa:73:0d:7a:88:ba:cf:dc:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=44addeb6ea1395f698f42e7541aef49242625f62 Validity Not Before: Dec 18 19:02:12 2025 GMT Not After : Dec 19 19:02:12 2025 GMT Subject: CN=9d5d23d014ec818b057a56c9a064d3c3cecb69d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1e:be:99:ed:54:33:10:69:55:d1:78:ff:3d: fb:aa:e6:ba:c4:75:ed:2f:da:22:14:62:51:a1:f9: 51:3c:6c:f4:1e:55:1a:33:b9:8c:d8:be:bc:3d:08: f5:fc:02:58:09:ce:b1:91:82:05:74:2d:92:c7:ca: 97:35:64:4c:ae:c4:33:a9:3a:74:be:53:49:b0:39: 34:6f:d5:d2:23:b1:4b:94:12:3a:56:56:b8:db:16: 00:17:b3:cf:9b:9e:96:97:49:5d:49:cf:10:0b:0f: e0:93:e0:40:50:1e:80:66:70:df:67:77:80:91:ae: 84:b9:0b:5d:4e:83:ba:2f:05:33:c9:f7:5a:5c:e2: 65:0a:8a:1c:3d:c1:31:d8:2b:ac:8c:8e:9a:7e:83: c6:0b:d5:91:a2:22:c2:55:f3:6e:89:27:a9:1e:7f: f2:82:b1:58:50:b6:e0:bc:6c:8f:ef:92:ef:94:0b: e1:25:d4:e4:8f:88:0c:87:0a:16:ab:24:84:4f:1c: 2a:85:50:1d:fa:e4:85:6d:7e:40:c4:05:b2:a3:9b: a8:75:5c:3a:2a:69:78:47:fe:11:09:bb:09:44:55: 22:78:49:3c:3e:dd:b7:70:90:ca:98:a3:86:41:1d: 97:f0:df:2f:21:5a:cb:82:22:b7:6d:29:93:e9:d6: 31:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:5D:23:D0:14:EC:81:8B:05:7A:56:C9:A0:64:D3:C3:CE:CB:69:D4 X509v3 Authority Key Identifier: keyid:44:AD:DE:B6:EA:13:95:F6:98:F4:2E:75:41:AE:F4:92:42:62:5F:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK3etuoTlfaY9C51Qa70kkJiX2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4a6ef1-b4ee-4a14-9384-4714f971b78b/1/RK3etuoTlfaY9C51Qa70kkJiX2I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4a6ef1-b4ee-4a14-9384-4714f971b78b/1/RK3etuoTlfaY9C51Qa70kkJiX2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:21:ad:ea:37:f3:ae:0c:54:de:a2:38:6d:62:58:60:24:fc: 99:ed:84:f3:f1:a6:3b:e9:ab:44:66:21:eb:b1:ae:81:71:b6: 8c:62:bb:3c:da:52:df:1d:1e:f5:df:f4:50:21:2f:26:e7:d3: fa:8b:72:a2:8f:68:a6:e1:dc:24:58:36:8b:0d:f8:37:44:6e: d2:54:3e:1c:92:eb:ae:fe:22:0a:95:39:42:c7:7d:bf:bc:c3: 29:66:d3:87:e0:9c:21:50:44:12:90:69:cc:a7:30:79:4d:bf: d0:07:43:61:fe:33:d5:44:c2:8a:b5:79:50:6a:af:5f:6e:e4: 7b:81:38:c7:96:fa:4b:c3:4a:04:ee:5d:aa:c3:6d:6f:81:63: cf:71:37:bc:db:47:5a:42:f2:41:e3:54:cb:dc:8c:bc:12:86: b8:bc:48:07:1f:06:41:d7:1f:3c:ab:ef:d1:4b:fe:5e:ee:aa: 47:53:5d:9c:5d:92:72:16:8d:96:c7:85:eb:22:41:b2:ee:65: a6:28:e0:c0:ae:9b:fd:87:8d:e9:1f:38:b7:25:42:11:a2:57: 7f:c6:1d:4b:ba:7c:33:7d:c8:a1:ed:11:6d:cf:a2:49:e7:a6: 55:a7:b0:a3:92:41:a9:a0:1c:25:95:c8:82:5b:80:94:e4:56: 7d:30:b5:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy11svnzxjqnMNeoi6z9znMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0YWRkZWI2ZWExMzk1ZjY5OGY0MmU3NTQxYWVmNDkyNDI2 MjVmNjIwHhcNMjUxMjE4MTkwMjEyWhcNMjUxMjE5MTkwMjEyWjAzMTEwLwYDVQQD Eyg5ZDVkMjNkMDE0ZWM4MThiMDU3YTU2YzlhMDY0ZDNjM2NlY2I2OWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h6+me1UMxBpVdF4/z37qua6xHXt L9oiFGJRoflRPGz0HlUaM7mM2L68PQj1/AJYCc6xkYIFdC2Sx8qXNWRMrsQzqTp0 vlNJsDk0b9XSI7FLlBI6Vla42xYAF7PPm56Wl0ldSc8QCw/gk+BAUB6AZnDfZ3eA ka6EuQtdToO6LwUzyfdaXOJlCoocPcEx2CusjI6afoPGC9WRoiLCVfNuiSepHn/y grFYULbgvGyP75LvlAvhJdTkj4gMhwoWqySETxwqhVAd+uSFbX5AxAWyo5uodVw6 Kml4R/4RCbsJRFUieEk8Pt23cJDKmKOGQR2X8N8vIVrLgiK3bSmT6dYxywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ1dI9AU7IGLBXpWyaBk08POy2nUMB8GA1UdIwQY MBaAFESt3rbqE5X2mPQudUGu9JJCYl9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkszZXR1b1RsZmFZOUM1MVFhNzBra0ppWDJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80YTZlZjEtYjRlZS00YTE0LTkzODQt NDcxNGY5NzFiNzhiLzEvUkszZXR1b1RsZmFZOUM1MVFhNzBra0ppWDJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC80YTZlZjEtYjRlZS00YTE0LTkzODQtNDcxNGY5NzFiNzhi LzEvUkszZXR1b1RsZmFZOUM1MVFhNzBra0ppWDJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSGt6jfz rgxU3qI4bWJYYCT8me2E8/GmO+mrRGYh67GugXG2jGK7PNpS3x0e9d/0UCEvJufT +otyoo9opuHcJFg2iw34N0Ru0lQ+HJLrrv4iCpU5Qsd9v7zDKWbTh+CcIVBEEpBp zKcweU2/0AdDYf4z1UTCirV5UGqvX27ke4E4x5b6S8NKBO5dqsNtb4Fjz3E3vNtH WkLyQeNUy9yMvBKGuLxIBx8GQdcfPKvv0Uv+Xu6qR1NdnF2SchaNlseF6yJBsu5l pijgwK6b/YeN6R84tyVCEaJXf8YdS7p8M33Ioe0Rbc+iSeemVaewo5JBqaAcJZXI gluAlORWfTC1Gg== -----END CERTIFICATE-----Generated at Fri Dec 19 01:27:56 2025 by rpki-client