This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft File: 582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json) Hash identifier: t14OcCh0T3hzlhC1gpVs38JRuBcWIaLl5XijWVvyyts= Subject key identifier: B4:D4:24:C6:F2:EF:F6:06:CD:13:95:BC:76:2A:1D:36:CC:2B:EB:D6 Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6 Certificate issuer: /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6 Certificate serial: 019B6DA145CE3A9DA2C8DB51D1E368FD862B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft Manifest number: 04C8 Signing time: Tue 30 Dec 2025 05:00:44 +0000 Manifest this update: Tue 30 Dec 2025 05:00:44 +0000 Manifest next update: Wed 31 Dec 2025 05:00:44 +0000 Files and hashes: 1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: MuvBOdEZF9M0Weq45r9YiBeDPoGGcIho5NHaXzJW19c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:a1:45:ce:3a:9d:a2:c8:db:51:d1:e3:68:fd:86:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6 Validity Not Before: Dec 30 05:00:44 2025 GMT Not After : Dec 31 05:00:44 2025 GMT Subject: CN=b4d424c6f2eff606cd1395bc762a1d36cc2bebd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:d3:0d:c5:23:aa:36:d5:9a:79:9d:0f:89:75: 10:5c:f1:8c:11:1c:b9:5d:b5:0b:1d:b3:44:20:27: 8d:16:0e:7d:6d:b8:93:eb:65:86:3a:16:b0:97:74: 18:6a:2f:6d:3e:71:ff:6a:69:99:40:f5:8e:71:61: a9:49:af:b9:9e:9b:42:48:09:88:98:6c:f8:46:7a: 6c:3c:aa:3f:aa:85:03:a6:92:77:36:d2:3c:bb:04: 4c:7e:3e:ba:b1:82:3a:d2:28:6e:09:fa:64:e8:e6: 4c:13:bc:e8:8c:f3:c0:81:89:dd:a2:da:ed:af:84: 52:1b:27:55:b2:39:10:04:9c:9a:7e:03:fe:1c:14: f5:75:1c:0d:6e:ed:99:45:38:e9:13:6f:ca:a9:c3: 9e:c3:44:ba:71:83:c6:ca:ee:fc:28:91:df:98:a9: 02:45:4d:8a:e4:b5:e1:5d:e5:1d:b9:96:b5:0b:19: df:15:73:15:6c:b5:ce:24:95:20:46:78:dd:47:52: 7f:8e:db:ff:4b:83:fd:6c:f1:ac:56:b3:8a:a1:12: e2:39:52:e8:0e:20:f5:d6:9b:1d:78:15:4f:7b:35: e9:16:59:d7:9e:41:1c:3b:8f:70:e2:36:e2:d1:f3: 52:1d:c9:30:f3:b4:29:29:0b:06:8e:76:c6:e3:22: c2:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:D4:24:C6:F2:EF:F6:06:CD:13:95:BC:76:2A:1D:36:CC:2B:EB:D6 X509v3 Authority Key Identifier: keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:4b:90:75:01:4f:a1:3d:8a:8b:a0:f6:b9:b6:ef:ce:f5:c4: 3d:71:66:03:ab:9d:5f:44:5b:ac:60:8b:62:fe:21:d6:c7:87: 3c:d5:ef:0a:e8:55:cf:61:f6:63:20:12:89:27:21:5c:39:ef: b6:8c:95:d3:c2:11:9c:95:f1:b5:ef:92:b1:ba:66:45:39:a9: 82:54:ec:6c:44:85:d2:69:0a:34:aa:40:2e:d4:f6:36:7f:b4: 5f:c5:fa:e1:0d:c7:54:6d:4e:ab:66:d5:c3:da:7e:88:4a:e6: 60:b7:34:e5:2b:a2:18:34:71:2d:61:cd:a6:88:55:33:30:b9: ed:d0:d5:3a:30:12:66:3a:b8:26:9e:b5:cd:83:46:5f:16:3e: cd:f4:e9:43:b0:91:e3:f4:dd:95:90:3d:91:90:94:1f:9f:a3: 52:b8:6a:bc:a3:64:97:6f:37:fc:8e:37:fc:ba:c0:68:e8:25: 17:0f:bd:84:3e:bf:de:e7:d8:47:36:f8:4f:61:83:c0:ed:61: 1e:8f:81:cc:d4:7a:7e:bc:c2:b2:23:0a:3d:11:9a:14:74:06: 52:c7:14:09:f8:c2:4a:ee:05:85:9b:0b:85:a5:cf:c6:14:c6: 12:b5:e7:cb:91:b8:67:27:0c:98:bf:99:2d:b9:8f:a5:1a:90: 22:05:ea:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttoUXOOp2iyNtR0eNo/YYrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2 NmJjYTYwHhcNMjUxMjMwMDUwMDQ0WhcNMjUxMjMxMDUwMDQ0WjAzMTEwLwYDVQQD EyhiNGQ0MjRjNmYyZWZmNjA2Y2QxMzk1YmM3NjJhMWQzNmNjMmJlYmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9MNxSOqNtWaeZ0PiXUQXPGMERy5 XbULHbNEICeNFg59bbiT62WGOhawl3QYai9tPnH/ammZQPWOcWGpSa+5nptCSAmI mGz4RnpsPKo/qoUDppJ3NtI8uwRMfj66sYI60ihuCfpk6OZME7zojPPAgYndotrt r4RSGydVsjkQBJyafgP+HBT1dRwNbu2ZRTjpE2/KqcOew0S6cYPGyu78KJHfmKkC RU2K5LXhXeUduZa1CxnfFXMVbLXOJJUgRnjdR1J/jtv/S4P9bPGsVrOKoRLiOVLo DiD11psdeBVPezXpFlnXnkEcO49w4jbi0fNSHckw87QpKQsGjnbG4yLC7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLTUJMby7/YGzROVvHYqHTbMK+vWMB8GA1UdIwQY MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3 LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoEuQdQFP oT2Ki6D2ubbvzvXEPXFmA6udX0RbrGCLYv4h1seHPNXvCuhVz2H2YyASiSchXDnv toyV08IRnJXxte+SsbpmRTmpglTsbESF0mkKNKpALtT2Nn+0X8X64Q3HVG1Oq2bV w9p+iErmYLc05SuiGDRxLWHNpohVMzC57dDVOjASZjq4Jp61zYNGXxY+zfTpQ7CR 4/TdlZA9kZCUH5+jUrhqvKNkl283/I43/LrAaOglFw+9hD6/3ufYRzb4T2GDwO1h Ho+BzNR6frzCsiMKPRGaFHQGUscUCfjCSu4FhZsLhaXPxhTGErXny5G4ZycMmL+Z LbmPpRqQIgXqqQ== -----END CERTIFICATE-----Generated at Tue Dec 30 07:07:45 2025 by rpki-client