This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft File: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json) Hash identifier: FI7xumHAzd7lAsmZAV1/RoJ39fP0hFgySObNlBjr2jA= Subject key identifier: 7B:E8:6F:DC:FE:03:B2:15:6A:DB:4F:C0:4A:D3:37:EE:6E:99:B9:43 Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95 Certificate issuer: /CN=d170d4dde23a92166a67bb13f60bc70b667d8695 Certificate serial: 019B71101EBAD71C370D9C8CE220EAB61CA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft Manifest number: 14DA Signing time: Tue 30 Dec 2025 21:00:40 +0000 Manifest this update: Tue 30 Dec 2025 21:00:40 +0000 Manifest next update: Wed 31 Dec 2025 21:00:40 +0000 Files and hashes: 1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: KkddTOK2O7FqhIqcxfywmgO/vndPDbkgM3gzr2RUiQg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 21:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:10:1e:ba:d7:1c:37:0d:9c:8c:e2:20:ea:b6:1c:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695 Validity Not Before: Dec 30 21:00:40 2025 GMT Not After : Dec 31 21:00:40 2025 GMT Subject: CN=7be86fdcfe03b2156adb4fc04ad337ee6e99b943 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:1a:68:99:12:7f:22:90:71:60:e7:1f:87:3b: 62:46:ba:9f:49:47:99:c9:d9:77:f0:5c:30:84:11: 28:14:fb:e3:e3:1d:94:28:ad:cf:30:33:be:f8:58: 46:aa:2f:68:61:66:77:74:b4:d9:7b:f5:99:7e:b8: 57:84:b3:53:8a:6b:bc:50:9d:ab:33:a3:dc:fc:ba: ff:71:2c:58:82:7f:b4:24:cb:33:32:3e:79:99:cd: c0:a9:38:72:e9:9c:c1:9c:7c:22:b4:e0:db:b8:e8: 0d:22:2f:b5:2f:12:80:3a:73:e2:a6:61:bd:9f:fb: 07:18:f2:d4:57:80:fc:e1:35:63:9b:06:34:63:77: 7f:c9:23:35:93:cf:c7:8b:15:4e:b3:c9:d9:7b:ca: 5f:28:63:a4:fd:ad:eb:44:17:a0:13:5c:3b:ec:44: bc:cc:89:49:8a:05:43:76:4d:a7:93:16:a9:94:36: 1f:b1:64:3d:3e:14:8d:59:20:0e:d1:9e:7f:f0:bf: 30:7f:4c:21:e4:cf:f8:fd:3c:8c:22:17:7c:dc:3c: 78:19:89:59:bc:bf:81:20:a0:bb:ed:67:eb:00:0f: 34:0c:64:f3:e7:22:15:68:47:2c:20:85:c1:69:08: 91:c7:9c:c5:4d:3c:8e:b0:2b:94:01:a9:5d:16:e8: 03:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:E8:6F:DC:FE:03:B2:15:6A:DB:4F:C0:4A:D3:37:EE:6E:99:B9:43 X509v3 Authority Key Identifier: keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:67:ad:93:f3:63:b9:12:44:ec:8d:d4:42:fa:8e:cc:47:8d: 14:a1:8a:0b:26:e3:57:4f:43:15:ea:5c:80:fd:c1:e7:5b:e1: 2d:f5:67:ec:e2:6c:3b:84:f5:8f:75:9f:35:6e:45:21:a7:f6: 63:97:0b:35:a9:a6:f5:05:e7:74:6c:f4:f0:5e:de:f7:bf:7a: 1e:d4:57:69:af:c8:5d:5c:6a:cf:6f:d6:89:19:23:6d:c8:0a: a6:10:72:44:0d:8d:3d:a2:91:c1:26:42:2d:4f:04:6b:4e:84: ca:b4:75:01:9e:76:bc:7d:ce:8d:7b:e0:94:25:66:a9:28:45: 65:14:80:af:b4:0d:29:8a:be:ec:17:3e:84:a5:73:d4:ab:ff: 63:9d:f2:cb:15:c0:e0:83:e7:a9:6e:02:37:a8:3f:e5:75:04: 0b:f2:9e:3a:c7:07:ff:e8:70:2f:4e:da:3a:98:63:85:ef:dc: 83:0a:bf:bc:4f:4a:83:5c:60:e8:f9:54:4e:6b:64:be:69:f7: d8:28:7a:01:df:a2:85:4f:ec:4b:08:95:15:c5:68:eb:4a:c2: 1d:7b:47:67:6e:d3:9e:88:d8:ec:e4:ed:1c:39:fe:14:4a:5f: bc:a1:62:72:f5:ab:96:42:ce:16:9d:0d:a7:6d:11:94:77:9b: 34:35:73:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtxEB661xw3DZyM4iDqthymMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3 ZDg2OTUwHhcNMjUxMjMwMjEwMDQwWhcNMjUxMjMxMjEwMDQwWjAzMTEwLwYDVQQD Eyg3YmU4NmZkY2ZlMDNiMjE1NmFkYjRmYzA0YWQzMzdlZTZlOTliOTQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhpomRJ/IpBxYOcfhztiRrqfSUeZ ydl38FwwhBEoFPvj4x2UKK3PMDO++FhGqi9oYWZ3dLTZe/WZfrhXhLNTimu8UJ2r M6Pc/Lr/cSxYgn+0JMszMj55mc3AqThy6ZzBnHwitODbuOgNIi+1LxKAOnPipmG9 n/sHGPLUV4D84TVjmwY0Y3d/ySM1k8/HixVOs8nZe8pfKGOk/a3rRBegE1w77ES8 zIlJigVDdk2nkxaplDYfsWQ9PhSNWSAO0Z5/8L8wf0wh5M/4/TyMIhd83Dx4GYlZ vL+BIKC77WfrAA80DGTz5yIVaEcsIIXBaQiRx5zFTTyOsCuUAaldFugD5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHvob9z+A7IVattPwErTN+5umblDMB8GA1UdIwQY MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlWetk/Nj uRJE7I3UQvqOzEeNFKGKCybjV09DFepcgP3B51vhLfVn7OJsO4T1j3WfNW5FIaf2 Y5cLNamm9QXndGz08F7e9796HtRXaa/IXVxqz2/WiRkjbcgKphByRA2NPaKRwSZC LU8Ea06EyrR1AZ52vH3OjXvglCVmqShFZRSAr7QNKYq+7Bc+hKVz1Kv/Y53yyxXA 4IPnqW4CN6g/5XUEC/KeOscH/+hwL07aOphjhe/cgwq/vE9Kg1xg6PlUTmtkvmn3 2Ch6Ad+ihU/sSwiVFcVo60rCHXtHZ27TnojY7OTtHDn+FEpfvKFicvWrlkLOFp0N p20RlHebNDVzWA== -----END CERTIFICATE-----Generated at Wed Dec 31 05:56:51 2025 by rpki-client