This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft File: 7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json) Hash identifier: 956HZmlsDqv4+AA4nD0j0ULQdr+/qPESWoUXC+mjf6M= Subject key identifier: 63:1F:A1:13:4F:F0:EF:F9:2C:E5:73:DC:0A:61:D8:0A:C4:E8:86:52 Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16 Certificate issuer: /CN=edf044c363d788e74334e136e03cc7fd1e49a216 Certificate serial: 019B44391B9455A1FD2664A3CB89894AF1EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft Manifest number: 0A02 Signing time: Mon 22 Dec 2025 04:02:31 +0000 Manifest this update: Mon 22 Dec 2025 04:02:31 +0000 Manifest next update: Tue 23 Dec 2025 04:02:31 +0000 Files and hashes: 1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: 4T+DhmPjNhRdTL1iYOZ7IYBC7xrPlNglQ05MFWhjHts=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:39:1b:94:55:a1:fd:26:64:a3:cb:89:89:4a:f1:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216 Validity Not Before: Dec 22 04:02:31 2025 GMT Not After : Dec 23 04:02:31 2025 GMT Subject: CN=631fa1134ff0eff92ce573dc0a61d80ac4e88652 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:69:0f:b1:02:91:2f:7a:e7:00:d1:77:d0:d3: 45:48:00:40:db:87:dc:02:7c:25:17:24:6e:13:ff: 21:6e:4c:82:8d:75:93:5f:16:ff:c6:91:1b:f5:10: 19:b5:e8:43:91:ba:4c:29:42:74:d1:ea:35:c0:da: ab:b8:9c:97:3e:c8:94:c9:55:43:05:30:fb:85:bb: 02:60:b3:51:3a:fa:7d:21:71:06:5c:db:dd:6e:f4: a6:b2:87:bd:8d:06:1f:0b:e7:c0:1a:97:88:80:f9: 30:bd:f2:a0:d5:6b:89:76:db:69:eb:39:c9:ac:f5: a6:b6:8e:63:c6:78:0d:7c:6a:59:57:bf:51:a0:fd: 59:1b:cb:06:c2:73:21:30:ee:bc:85:e1:d0:cc:96: 1a:5c:0f:7a:8c:53:64:05:06:bd:38:48:bf:5a:d9: 91:d7:d8:1e:8c:1f:51:66:a7:b9:05:ce:85:62:61: 63:c9:6a:8e:91:fe:9c:eb:38:d9:91:f4:fe:18:02: 95:a4:c3:e2:ce:3d:bb:10:2f:73:38:0e:12:1d:3a: 56:49:20:48:04:33:88:77:fd:40:9f:0f:ec:51:02: 2c:85:36:bf:95:f1:ec:a2:ea:cd:a7:13:35:df:00: 68:cc:a3:c3:b4:80:54:f0:da:5d:1d:78:db:f3:52: f9:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:1F:A1:13:4F:F0:EF:F9:2C:E5:73:DC:0A:61:D8:0A:C4:E8:86:52 X509v3 Authority Key Identifier: keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:8e:b4:b3:88:3e:3c:e5:9c:d1:73:f1:20:9e:b7:20:9d:3b: b8:89:e6:cb:32:11:63:21:d2:b3:85:69:92:ad:37:fc:b8:09: fc:f1:7d:6d:c1:60:28:ce:0f:a2:91:47:ce:2a:93:f6:4b:fb: 61:60:31:8a:1d:0a:5c:56:c8:7c:8a:65:d4:c9:0e:65:4d:62: 92:7f:8c:2d:21:62:23:c0:a7:60:94:26:09:51:1c:11:95:14: 42:db:1d:78:f7:4b:b7:3b:a2:88:78:4c:b7:65:e9:9e:a6:cf: 5e:f3:2b:9d:ce:bc:97:26:70:08:81:5f:95:00:76:95:64:c2: df:c6:53:6e:54:bb:83:98:e0:fc:19:0c:ca:6d:82:35:d7:e7: 7c:19:bf:23:c1:85:e9:cc:f9:f3:a4:09:0d:fd:0a:ed:c7:d7: 9e:b9:72:59:69:e4:b9:9c:02:82:8c:d4:11:6e:a1:bf:33:d1: 91:e4:d0:91:82:51:0f:50:cc:b6:9a:4e:03:0b:96:ce:1f:c2: d5:4f:19:12:4f:35:3e:19:e8:49:a2:27:36:ce:09:87:63:45: ea:d1:79:fc:32:63:01:06:20:af:9b:18:b2:fb:fe:29:d1:ac: fc:15:d6:af:02:2d:6f:9a:79:63:18:96:90:5c:91:2b:e2:2d: 61:da:bd:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEORuUVaH9JmSjy4mJSvHqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0 OWEyMTYwHhcNMjUxMjIyMDQwMjMxWhcNMjUxMjIzMDQwMjMxWjAzMTEwLwYDVQQD Eyg2MzFmYTExMzRmZjBlZmY5MmNlNTczZGMwYTYxZDgwYWM0ZTg4NjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmkPsQKRL3rnANF30NNFSABA24fc AnwlFyRuE/8hbkyCjXWTXxb/xpEb9RAZtehDkbpMKUJ00eo1wNqruJyXPsiUyVVD BTD7hbsCYLNROvp9IXEGXNvdbvSmsoe9jQYfC+fAGpeIgPkwvfKg1WuJdttp6znJ rPWmto5jxngNfGpZV79RoP1ZG8sGwnMhMO68heHQzJYaXA96jFNkBQa9OEi/WtmR 19gejB9RZqe5Bc6FYmFjyWqOkf6c6zjZkfT+GAKVpMPizj27EC9zOA4SHTpWSSBI BDOId/1Anw/sUQIshTa/lfHsourNpxM13wBozKPDtIBU8NpdHXjb81L5sQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGMfoRNP8O/5LOVz3Aph2ArE6IZSMB8GA1UdIwQY MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACY60s4g+ POWc0XPxIJ63IJ07uInmyzIRYyHSs4Vpkq03/LgJ/PF9bcFgKM4PopFHziqT9kv7 YWAxih0KXFbIfIpl1MkOZU1ikn+MLSFiI8CnYJQmCVEcEZUUQtsdePdLtzuiiHhM t2XpnqbPXvMrnc68lyZwCIFflQB2lWTC38ZTblS7g5jg/BkMym2CNdfnfBm/I8GF 6cz586QJDf0K7cfXnrlyWWnkuZwCgozUEW6hvzPRkeTQkYJRD1DMtppOAwuWzh/C 1U8ZEk81PhnoSaInNs4Jh2NF6tF5/DJjAQYgr5sYsvv+KdGs/BXWrwItb5p5YxiW kFyRK+ItYdq97g== -----END CERTIFICATE-----Generated at Mon Dec 22 14:04:01 2025 by rpki-client