This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft File: SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json) Hash identifier: IFFPwbtQ+GeNLFp3wkCo9Zr06ZhsWM4XoolZsFfIg6Q= Subject key identifier: 42:57:2D:E3:5C:C5:9C:87:33:53:4B:50:60:AB:73:54:76:A7:81:10 Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB Certificate issuer: /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db Certificate serial: 019B5DF71CFA67F27A4703975AC3D5A7E61A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft Manifest number: 0A27 Signing time: Sat 27 Dec 2025 04:00:34 +0000 Manifest this update: Sat 27 Dec 2025 04:00:34 +0000 Manifest next update: Sun 28 Dec 2025 04:00:34 +0000 Files and hashes: 1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: MUa0MjsbHE+wB9MzkfAB9zWLykIAhUr3jzClAZMdb6Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:f7:1c:fa:67:f2:7a:47:03:97:5a:c3:d5:a7:e6:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db Validity Not Before: Dec 27 04:00:34 2025 GMT Not After : Dec 28 04:00:34 2025 GMT Subject: CN=42572de35cc59c8733534b5060ab735476a78110 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:22:29:19:1a:e3:db:f6:88:97:00:34:7b:ea: a1:3f:fb:ad:75:03:82:34:b0:0e:7e:2f:85:81:c2: 35:5c:6f:b5:6c:35:5c:11:b2:c4:d7:17:d7:4c:41: fb:e8:55:ff:8f:d3:eb:ca:7a:ed:a0:1a:ac:5b:3a: 44:08:7f:4c:f3:c3:55:9b:16:ef:a3:3c:f2:3b:25: cd:73:65:26:15:9a:99:2c:3c:3c:cd:33:87:26:51: 90:12:d8:73:2a:af:55:5a:45:d6:27:17:94:53:27: f9:e8:59:77:13:fe:d8:10:81:6a:de:bb:df:31:50: 05:ca:0b:c7:91:61:e6:9f:9a:8c:8c:15:85:4e:63: 56:1d:38:8c:c8:27:ba:08:80:29:4e:96:0f:f0:01: ac:a3:fa:7c:ff:03:d7:d0:a8:d0:7e:ec:47:ca:22: f1:cc:3a:f6:2a:c0:9e:11:3d:da:89:d4:aa:b3:1e: f1:55:06:b9:6a:86:be:4c:94:4c:cc:e9:f0:88:b2: ba:f7:fd:d7:b6:23:31:88:06:75:a8:ff:42:a0:0d: b3:74:47:1a:6e:fa:36:97:08:74:e3:7c:8c:ad:eb: ff:d3:67:fa:9c:b6:3a:77:ac:6c:54:9a:36:1c:cb: 16:67:93:da:68:65:18:be:ea:bc:03:1e:24:b3:cf: 1e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:57:2D:E3:5C:C5:9C:87:33:53:4B:50:60:AB:73:54:76:A7:81:10 X509v3 Authority Key Identifier: keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:e0:46:83:d4:20:e1:3a:9f:27:54:18:35:32:8a:24:fe:11: c5:75:6f:19:01:90:ba:6e:69:4f:32:d5:ab:28:1b:f4:0e:63: 51:4b:67:1d:ec:e7:77:34:7c:11:21:e5:d2:f5:81:3b:2d:75: 8e:33:32:d5:18:71:2c:3e:0c:28:36:68:ae:9c:0f:ab:8c:38: 25:65:d0:f8:c7:6a:f3:f5:3d:8a:96:b6:7d:88:35:dd:ab:e9: 1d:bb:bd:ec:a8:43:97:4a:72:9f:3b:8e:40:c3:67:49:06:58: a2:a9:b3:fb:b0:70:7d:cb:7c:fb:b2:6c:51:42:7a:ce:ee:14: 5c:5b:ee:c8:fb:4d:05:7e:8d:59:63:6e:f8:8f:58:36:8e:1f: 8b:50:53:a0:4b:c8:9d:fc:a6:91:51:40:19:53:13:b6:5e:22: 56:cb:e3:f8:b6:f4:79:0d:8e:f1:d1:43:f6:d2:75:dd:7f:d1: ae:11:fd:d8:5e:44:39:d9:ae:b9:90:49:24:2a:5f:99:c8:40: 07:b7:62:6b:e1:e9:c4:0e:67:54:ba:7b:f2:75:31:d5:57:a4: d0:eb:ee:6a:c6:4e:1e:68:28:4d:8e:81:dd:ae:74:f2:b7:55: b9:db:ae:52:b1:80:1e:57:42:41:69:39:4c:48:b6:aa:b8:c7: 68:7a:47:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtd9xz6Z/J6RwOXWsPVp+YaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz ZjA5ZGIwHhcNMjUxMjI3MDQwMDM0WhcNMjUxMjI4MDQwMDM0WjAzMTEwLwYDVQQD Eyg0MjU3MmRlMzVjYzU5Yzg3MzM1MzRiNTA2MGFiNzM1NDc2YTc4MTEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyIpGRrj2/aIlwA0e+qhP/utdQOC NLAOfi+FgcI1XG+1bDVcEbLE1xfXTEH76FX/j9PrynrtoBqsWzpECH9M88NVmxbv ozzyOyXNc2UmFZqZLDw8zTOHJlGQEthzKq9VWkXWJxeUUyf56Fl3E/7YEIFq3rvf MVAFygvHkWHmn5qMjBWFTmNWHTiMyCe6CIApTpYP8AGso/p8/wPX0KjQfuxHyiLx zDr2KsCeET3aidSqsx7xVQa5aoa+TJRMzOnwiLK69/3XtiMxiAZ1qP9CoA2zdEca bvo2lwh043yMrev/02f6nLY6d6xsVJo2HMsWZ5PaaGUYvuq8Ax4ks88eNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEJXLeNcxZyHM1NLUGCrc1R2p4EQMB8GA1UdIwQY MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAROBGg9Qg 4TqfJ1QYNTKKJP4RxXVvGQGQum5pTzLVqygb9A5jUUtnHezndzR8ESHl0vWBOy11 jjMy1RhxLD4MKDZorpwPq4w4JWXQ+Mdq8/U9ipa2fYg13avpHbu97KhDl0pynzuO QMNnSQZYoqmz+7Bwfct8+7JsUUJ6zu4UXFvuyPtNBX6NWWNu+I9YNo4fi1BToEvI nfymkVFAGVMTtl4iVsvj+Lb0eQ2O8dFD9tJ13X/RrhH92F5EOdmuuZBJJCpfmchA B7dia+HpxA5nVLp78nUx1Vek0OvuasZOHmgoTY6B3a508rdVuduuUrGAHldCQWk5 TEi2qrjHaHpHyg== -----END CERTIFICATE-----Generated at Sat Dec 27 09:43:05 2025 by rpki-client