This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft File: CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json) Hash identifier: /BaNNlndOBDC9f4gWrf92QrnK3dptlFBUaoYKwqaGUo= Subject key identifier: 43:4E:34:BF:23:CF:66:8F:96:DE:04:17:6F:70:F7:60:F2:6E:3F:8C Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D Certificate issuer: /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d Certificate serial: 019B405AAD81449B72F993D620A7EBB96FF0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft Manifest number: 1719 Signing time: Sun 21 Dec 2025 10:00:43 +0000 Manifest this update: Sun 21 Dec 2025 10:00:43 +0000 Manifest next update: Mon 22 Dec 2025 10:00:43 +0000 Files and hashes: 1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: pkRVuwE6Lm1ENn2n2bKOXuVTCTnuGozRZcIYS1IgPUw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5a:ad:81:44:9b:72:f9:93:d6:20:a7:eb:b9:6f:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d Validity Not Before: Dec 21 10:00:43 2025 GMT Not After : Dec 22 10:00:43 2025 GMT Subject: CN=434e34bf23cf668f96de04176f70f760f26e3f8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:9a:f9:a4:d3:29:71:3f:51:7c:0c:a0:85:ef: 19:a0:ee:ca:0f:fd:9e:ee:8c:bc:e7:98:b5:de:f3: 84:0d:07:4a:96:c5:0f:33:71:ec:37:a3:56:b2:19: c0:68:4b:17:b0:bd:f3:d1:bf:62:99:90:d5:82:6e: 22:b4:6f:74:26:c1:75:54:e5:b8:7b:0f:f3:52:7a: b3:d7:d5:83:cd:b6:e6:b8:4a:5e:14:10:7d:08:da: f9:f1:ad:1b:e4:ec:33:19:66:14:c8:90:83:24:dc: 15:db:54:2f:83:59:14:1f:5c:27:86:ce:d7:45:13: ca:88:e7:4a:85:6e:20:21:4c:f7:04:f3:28:10:77: 37:83:82:92:3d:45:20:82:ca:f3:c9:ff:3d:b3:f0: e3:9f:0a:b7:c6:5a:5c:6d:22:a4:5a:07:c2:a1:1f: 36:28:cf:23:45:46:6f:11:f1:aa:e2:bc:6b:ea:13: 17:2c:5b:8e:a9:3b:be:9e:f8:88:42:0a:82:03:46: 53:97:cd:72:45:f4:68:f2:7b:55:c9:fe:15:03:85: e4:a4:4b:17:19:9f:f8:4a:6f:86:04:90:a8:a4:2a: 52:fb:c8:a8:9c:31:17:f7:9e:66:96:d0:52:ef:f9: 89:65:67:94:b9:53:c9:2e:f9:64:0a:33:0b:e2:22: ad:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:4E:34:BF:23:CF:66:8F:96:DE:04:17:6F:70:F7:60:F2:6E:3F:8C X509v3 Authority Key Identifier: keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:3b:df:ae:4e:70:c2:8d:e8:1d:fb:d0:63:32:4e:e4:3f:d1: b7:30:67:72:8a:e9:da:f9:dc:cc:db:ae:2e:4e:ca:b4:3a:7c: 58:b5:1e:a8:11:71:92:e7:1d:95:09:02:7c:c4:47:f6:38:7b: 9b:0a:f8:f1:a9:2c:56:31:c1:6e:bb:66:d9:52:00:6a:02:8e: 29:cc:8e:b3:a6:8b:ef:2d:4e:46:86:96:cc:c2:06:5b:58:a7: d2:8b:30:14:4f:dc:d0:81:92:4c:5e:78:3a:c5:09:34:5e:06: 3f:ce:0d:75:e7:3a:2b:18:e5:82:27:c1:6f:34:30:93:ad:f8: d1:c8:d6:b6:58:da:09:e9:aa:86:23:e5:e3:b2:2d:f8:47:d4: a3:d3:c0:f5:8b:5a:49:77:03:03:4c:60:5f:6f:3b:44:8d:f3: 06:fa:7e:db:d4:e8:19:38:fb:63:77:2c:ff:f0:39:56:f8:98: 5b:8b:4a:8b:61:73:09:c0:2c:be:75:84:ea:22:80:d8:c5:23: 3e:a4:2e:4c:67:09:15:7f:70:f5:8e:57:86:d5:df:b8:eb:e2: 77:47:82:4b:4a:80:c6:29:09:00:c5:d0:58:10:5e:f1:77:7e: 50:4e:0a:ff:e0:a9:58:ee:83:93:91:fc:69:cc:9a:3a:bb:af: 99:d6:27:2e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWq2BRJty+ZPWIKfruW/wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj ZTk1OWQwHhcNMjUxMjIxMTAwMDQzWhcNMjUxMjIyMTAwMDQzWjAzMTEwLwYDVQQD Eyg0MzRlMzRiZjIzY2Y2NjhmOTZkZTA0MTc2ZjcwZjc2MGYyNmUzZjhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45r5pNMpcT9RfAyghe8ZoO7KD/2e 7oy855i13vOEDQdKlsUPM3HsN6NWshnAaEsXsL3z0b9imZDVgm4itG90JsF1VOW4 ew/zUnqz19WDzbbmuEpeFBB9CNr58a0b5OwzGWYUyJCDJNwV21Qvg1kUH1wnhs7X RRPKiOdKhW4gIUz3BPMoEHc3g4KSPUUggsrzyf89s/Djnwq3xlpcbSKkWgfCoR82 KM8jRUZvEfGq4rxr6hMXLFuOqTu+nviIQgqCA0ZTl81yRfRo8ntVyf4VA4XkpEsX GZ/4Sm+GBJCopCpS+8ionDEX955mltBS7/mJZWeUuVPJLvlkCjML4iKtiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFENONL8jz2aPlt4EF29w92Dybj+MMB8GA1UdIwQY MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALjvfrk5w wo3oHfvQYzJO5D/RtzBncorp2vnczNuuLk7KtDp8WLUeqBFxkucdlQkCfMRH9jh7 mwr48aksVjHBbrtm2VIAagKOKcyOs6aL7y1ORoaWzMIGW1in0oswFE/c0IGSTF54 OsUJNF4GP84Ndec6KxjlgifBbzQwk6340cjWtljaCemqhiPl47It+EfUo9PA9Yta SXcDA0xgX287RI3zBvp+29ToGTj7Y3cs//A5VviYW4tKi2FzCcAsvnWE6iKA2MUj PqQuTGcJFX9w9Y5XhtXfuOvid0eCS0qAxikJAMXQWBBe8Xd+UE4K/+CpWO6Dk5H8 acyaOruvmdYnLg== -----END CERTIFICATE-----Generated at Sun Dec 21 15:35:59 2025 by rpki-client