This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft File: 09XiCPMtcw1DHUpNTtgJWx59lDE.mft (raw, json) Hash identifier: eecHdD1oUX8cFw2d3YcRQ5LeitIoS0j2VAtKOqQayvc= Subject key identifier: F2:72:90:A0:30:58:BB:92:55:8A:2A:FB:C0:05:BB:F3:EF:C4:E9:B5 Authority key identifier: D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 Certificate issuer: /CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Certificate serial: 019B66FBAC665EE4B7DDC8AF8E0650E7D3F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft Manifest number: 02CB Signing time: Sun 28 Dec 2025 22:02:08 +0000 Manifest this update: Sun 28 Dec 2025 22:02:08 +0000 Manifest next update: Mon 29 Dec 2025 22:02:08 +0000 Files and hashes: 1: 09XiCPMtcw1DHUpNTtgJWx59lDE.crl (hash: UbYGRCxET8B1MlJ6CbnjihFiQEq1Jdc5XL5ImN631o4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 20:59:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:fb:ac:66:5e:e4:b7:dd:c8:af:8e:06:50:e7:d3:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3d5e208f32d730d431d4a4d4ed8095b1e7d9431 Validity Not Before: Dec 28 22:02:08 2025 GMT Not After : Dec 29 22:02:08 2025 GMT Subject: CN=f27290a03058bb92558a2afbc005bbf3efc4e9b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1a:ba:8c:04:d9:30:47:f4:07:77:0e:89:20: 0d:a7:94:13:30:6c:23:0f:f9:39:d5:55:72:50:e4: e7:d6:c6:3d:18:0d:8d:47:48:a8:c2:5b:ea:2e:a2: 56:08:dd:ab:36:b8:89:a4:87:6b:20:94:c0:6d:33: d3:b0:df:2e:68:80:15:d2:f7:88:d3:a1:1f:61:0f: a6:d5:ce:68:87:26:a6:4b:69:17:d6:aa:b2:d3:17: 8e:4c:21:8f:3a:b9:6b:3e:bb:fc:f4:c2:2c:0d:fc: 6c:45:0e:b3:21:78:ca:60:93:25:0c:17:db:b8:c9: e9:06:01:48:fb:60:1c:ae:46:ba:69:29:22:c3:af: 10:f7:0b:ce:2d:88:6d:06:81:76:f5:04:45:15:2d: 33:a0:16:c3:08:12:e1:b5:bb:b3:e7:d9:e1:68:fd: f2:a9:ce:a5:80:f6:ab:d5:a5:e8:09:59:a7:4c:bf: a5:0c:2f:4c:d6:f9:30:a4:84:49:8f:fe:f8:99:f8: c3:02:a1:17:9c:23:ae:cd:83:77:f0:1c:9e:a0:b5: b6:9d:50:63:17:95:d9:ce:10:45:ca:9c:82:46:1b: 0c:e7:3a:82:93:7c:31:35:97:81:81:e1:4a:ab:cc: 6b:a1:70:73:74:65:e9:e8:2c:33:e7:8f:f9:92:f5: d3:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:72:90:A0:30:58:BB:92:55:8A:2A:FB:C0:05:BB:F3:EF:C4:E9:B5 X509v3 Authority Key Identifier: keyid:D3:D5:E2:08:F3:2D:73:0D:43:1D:4A:4D:4E:D8:09:5B:1E:7D:94:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09XiCPMtcw1DHUpNTtgJWx59lDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/fa396e-0dd4-4226-ae61-6e89a88dae93/1/09XiCPMtcw1DHUpNTtgJWx59lDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:29:f9:05:c1:30:dd:0c:1a:72:f9:84:8a:a5:68:d6:73:0f: 06:a2:d2:21:12:42:82:b2:38:68:d9:13:54:80:5a:aa:3f:78: ec:55:c6:26:a8:6c:e0:83:e3:9e:20:b8:87:79:96:fe:b8:04: 00:98:8d:11:93:b4:70:0e:1b:f7:27:66:f6:d7:76:99:1f:a3: cf:a8:ae:80:94:03:48:2e:81:18:ae:41:5b:2f:96:e7:87:bc: 87:40:c8:ec:e8:5b:21:0a:12:16:c1:19:a6:f8:8e:83:a6:bb: c0:c4:8d:a2:7f:87:b5:dd:f3:bb:a7:e7:3f:71:a5:cb:5f:68: 85:b7:4e:2b:15:b9:4a:c8:36:93:9d:2e:bf:ef:c0:12:40:5e: 01:65:80:c9:64:d5:39:a3:42:1f:89:8d:69:23:37:1c:36:3c: 92:6a:c6:e1:38:df:c0:51:6d:4d:f6:46:61:e3:2f:52:05:c2: 99:99:33:fc:a1:8f:a1:55:74:83:a0:3f:7c:bc:c1:e8:3a:a0: 9a:49:26:ac:67:2f:b0:53:5d:c5:b6:0f:1b:d1:ae:5c:89:04: 00:da:c0:f0:13:7c:f6:ee:ac:d5:f3:41:25:84:ba:b6:b8:18: ab:87:51:9f:59:6d:7f:71:ad:90:8b:4b:e1:7f:9d:ba:5b:08: ec:3c:3c:87 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtm+6xmXuS33civjgZQ59P0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZDVlMjA4ZjMyZDczMGQ0MzFkNGE0ZDRlZDgwOTViMWU3 ZDk0MzEwHhcNMjUxMjI4MjIwMjA4WhcNMjUxMjI5MjIwMjA4WjAzMTEwLwYDVQQD EyhmMjcyOTBhMDMwNThiYjkyNTU4YTJhZmJjMDA1YmJmM2VmYzRlOWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxq6jATZMEf0B3cOiSANp5QTMGwj D/k51VVyUOTn1sY9GA2NR0iowlvqLqJWCN2rNriJpIdrIJTAbTPTsN8uaIAV0veI 06EfYQ+m1c5ohyamS2kX1qqy0xeOTCGPOrlrPrv89MIsDfxsRQ6zIXjKYJMlDBfb uMnpBgFI+2Acrka6aSkiw68Q9wvOLYhtBoF29QRFFS0zoBbDCBLhtbuz59nhaP3y qc6lgPar1aXoCVmnTL+lDC9M1vkwpIRJj/74mfjDAqEXnCOuzYN38ByeoLW2nVBj F5XZzhBFypyCRhsM5zqCk3wxNZeBgeFKq8xroXBzdGXp6Cwz54/5kvXTeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPJykKAwWLuSVYoq+8AFu/PvxOm1MB8GA1UdIwQY MBaAFNPV4gjzLXMNQx1KTU7YCVsefZQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEt NmU4OWE4OGRhZTkzLzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mYTM5NmUtMGRkNC00MjI2LWFlNjEtNmU4OWE4OGRhZTkz LzEvMDlYaUNQTXRjdzFESFVwTlR0Z0pXeDU5bERFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOin5BcEw 3QwacvmEiqVo1nMPBqLSIRJCgrI4aNkTVIBaqj947FXGJqhs4IPjniC4h3mW/rgE AJiNEZO0cA4b9ydm9td2mR+jz6iugJQDSC6BGK5BWy+W54e8h0DI7OhbIQoSFsEZ pviOg6a7wMSNon+Htd3zu6fnP3Gly19ohbdOKxW5Ssg2k50uv+/AEkBeAWWAyWTV OaNCH4mNaSM3HDY8kmrG4TjfwFFtTfZGYeMvUgXCmZkz/KGPoVV0g6A/fLzB6Dqg mkkmrGcvsFNdxbYPG9GuXIkEANrA8BN89u6s1fNBJYS6trgYq4dRn1ltf3GtkItL 4X+dulsI7Dw8hw== -----END CERTIFICATE-----Generated at Mon Dec 29 05:22:49 2025 by rpki-client